Multi-level role permission control method and device based on cryptography

Abstract

The invention provides a multi-level role permission control method and device based on cryptography, electronic equipment and a storable medium. The method comprises the following steps: dividing a role superior-subordinate relationship according to a service permission demand; controlling the access permission in the spatial dimension through the key encryption and decryption permission; whereina part of roles have verification permission, single original text information needing to be verified is sent to a verification party by a verified party (data input party) or a management party (highest permission party), the verification party performs hash operation on the original text information to obtain a hash head, the hash head is compared with the hash head of the encrypted informationobtained by the verification party, and if the two hash heads are consistent, the verification content is not tampered. The method is suitable for various access permission and verification permission requirements in the space dimension and the time dimension, extremely complex service requirements in real life can also be flexibly realized through simple configuration, and the development cost and the maintenance cost of a permission system are greatly reduced. Based on the cryptography technology, the permission is determined through the secret key, and high safety and stability are achieved.

Description

technical field [0001] The invention belongs to the technical field of computers, and in particular relates to a cryptographic-based multi-level role authority control method, device, electronic equipment and a storage medium. Background technique [0002] Asymmetric cryptographic algorithm (asymmetric cryptographic algorithm): This algorithm requires two keys, a public key (public key) and a private key (private key). The public key and the private key are a pair. If the data is encrypted with the public key, only the corresponding private key can be used to decrypt it; if the data is encrypted with the private key, only the corresponding public key can be used to decrypt the data. decrypt. [0003] Hierarchical Deterministic (HD for short): Hierarchical refers to the hierarchical relationship between keys, and child keys can be generated from parent keys; Deterministic refers to, According to the number of the key in the hierarchy, the specific content of the key can be ...

AI Technical Summary

Problems solved by technology

[0004] 1. The traditional permission control scheme is divided into functional access control and data access control, which can only solve the requirement of access permission control, but cannot solve the requirement of verification permission

[0005] 2. There are major hidden dangers in the security and stability of traditional solutions, such as using simulated login, brute force cracking, decompilation and other technical means to attack the authority system, and crack to obtain the highest authority

[0006] 3. The traditional solution also needs to be customized and developed according to the business needs, and the construction cost and maintenance cost are relatively high

[0007] 4. Simple layered deterministic cryptography cannot realize time-dimension access authority control such as delayed access and single-period data access, and at the same time cannot implement verification authority control functions

Images