Data management method, computer device, readable storage medium and program product

By converting encryption functions into native static functions and integrating them with native interface code, native dynamic functions that are compatible with multiple operating systems are formed, solving the problem of low data management efficiency and realizing efficient local data encryption and decryption operations, adapting to different server environments.

CN122174248APending Publication Date: 2026-06-09BEIJING BAIJU YIXING TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
BEIJING BAIJU YIXING TECH CO LTD
Filing Date
2026-01-30
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

Existing technologies suffer from low data management efficiency, especially in scenarios such as ride-hailing platforms, maps, and computing services, due to bottlenecks in data encryption and decryption and resource consumption caused by the centralized processing mode on the server side.

Method used

The encryption function is converted into a local static function and integrated with the local interface code to form a local dynamic function, which is compatible with various server operating system versions, realizes local data encryption and decryption operations, and reduces dependence on the server.

Benefits of technology

It improves data management efficiency and the versatility of encryption functions, enabling efficient data encryption and decryption across different server operating systems, reducing network transmission latency and enhancing security.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122174248A_ABST
    Figure CN122174248A_ABST
Patent Text Reader

Abstract

This application discloses a data management method, computer device, readable storage medium, and program product, relating to the field of data management technology. The data management method includes obtaining an encryption function; converting the encryption function into a local static function and merging it with local interface code to form a local dynamic function; wherein the local interface code is compatible with various server operating system versions; requesting a combination of call parameters from the server to invoke the local dynamic function; and using the local dynamic function to encrypt and / or decrypt target data. This solves the technical problem of low data management efficiency and achieves the technical effect of improving the versatility of encryption functions and data management efficiency.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of data management technology, and in particular to a data management method, computer equipment, computer-readable storage medium, and computer program product. Background Technology

[0002] Data management typically involves data encryption and decryption processes. Taking ride-hailing platforms, maps, and computing services as examples, data encryption and decryption operations are often completed using a centralized server-side processing model. Furthermore, encryption functions are strongly bound to the server operating system version, which can easily lead to processing bottlenecks due to cross-platform data transmission and server resource consumption, resulting in low data management efficiency. Summary of the Invention

[0003] This application provides a data management method, computer device, computer-readable storage medium, and computer program product to at least solve the problem of low data management efficiency in related technologies.

[0004] This application provides a data management method, which includes: obtaining an encryption function; converting the encryption function into a local static function and merging it with local interface code to form a local dynamic function; wherein the local interface code is adapted to the operating system versions of various servers; requesting a combination of call parameters from the server to call the local dynamic function, and using the local dynamic function to encrypt and / or decrypt the target data.

[0005] In one embodiment of this application, converting an encryption function into a local static function includes: encapsulating the encryption function into a general-purpose encryption / decryption interface using a first code language; statically compiling the encryption / decryption interface and linking the encryption static library of the encryption function to obtain the local static function.

[0006] In one embodiment of this application, obtaining the encryption function includes: obtaining an encryption library associated with the local operating system; wherein the encryption library includes an encryption static library; and obtaining the source code of the encryption library as the encryption function.

[0007] In one embodiment of this application, the process of fusing local interface code with local dynamic function includes: obtaining local interface code; wherein the local interface code is pre-written and compatible with a first code language and a second code language; combining the local interface code with a local static function as a local encrypted combination, and compiling the local encrypted combination to obtain a local dynamic function; wherein the local dynamic function is formed based on the first code language and adapted to the second code language.

[0008] In one embodiment of this application, requesting a combination of call parameters from the server to invoke a local dynamic function includes: sending a parameter tuning request to the server; obtaining the encryption key and encryption vector of the server's response to the parameter tuning request as the combination of call parameters; and invoking the local dynamic function through local interface code using the combination of call parameters.

[0009] In one embodiment of this application, obtaining the encryption key and encryption vector in response to the server's parameter tuning request includes: obtaining the key ciphertext returned by the server; wherein the key ciphertext is obtained by the server encrypting the encryption key and encryption vector using a public key; and decrypting the key ciphertext using a private key associated with the public key to obtain the encryption key and encryption vector.

[0010] In one embodiment of this application, before sending a parameter tuning request to the server, the process includes: in response to the startup of a second code language program, generating a key combination through a key generation component of the second code language; wherein the key combination includes a public key and a private key; and sending the public key to the server via a remote service so that the server can perform key management on the public key.

[0011] This application also provides a computer device, the computer including: a memory and a processor; the memory is used to store a computer program; the processor is used to implement the steps of any of the above data management methods when executing the computer program.

[0012] This application also provides a computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the steps of any of the above-described data management methods.

[0013] This application also provides a computer program product, including a computer program that, when executed by a processor, implements the steps of any of the above-described data management methods.

[0014] This application addresses the issue of low data management efficiency by processing encryption functions that correspond to different operating system versions into local static functions and developing local interface code that adapts to various server operating system versions. This allows for the migration of the target data encryption and decryption process from the server to the local machine, improving data management efficiency. Furthermore, it enhances the versatility of data management by adapting to different server operating systems. Therefore, this approach solves the problem of low data management efficiency and achieves the technical effects of improving the versatility of encryption functions and data management efficiency. Attached Figure Description

[0015] To more clearly illustrate the embodiments of this application, the accompanying drawings used in the embodiments will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0016] Figure 1 This is a flowchart illustrating an embodiment of the data management method of this application; Figure 2 This is a flowchart illustrating another embodiment of the data management method of this application; Figure 3 This is a schematic diagram of the structure of an embodiment of the data management system of this application; Figure 4 This is a schematic diagram of the structure of a computer device according to an embodiment of this application. Detailed Implementation

[0017] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those of ordinary skill in the art without creative effort are within the protection scope of this application.

[0018] It should be noted that, in the description of this application, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. The terms "first," "second," etc., in this application are used to distinguish similar objects and are not used to describe a specific order or sequence.

[0019] To enable those skilled in the art to better understand the present application, the present application will be further described in detail below with reference to the accompanying drawings and specific embodiments.

[0020] The embodiments of this application provide a data management method, and the data management method is described in detail in conjunction with the execution flow of the data management method.

[0021] Please see Figure 1 , Figure 1 This is a flowchart illustrating an embodiment of the data management method of this application.

[0022] S101: Obtain the encryption function.

[0023] In this embodiment, an encryption function that can be used to encrypt and / or decrypt the target data is obtained. The encryption function initially has a corresponding adaptation relationship with the operating system version of the server, which serves as the basis for the migration of the encryption function from the server to the local end.

[0024] S102: Convert the encryption function into a local static function and merge it with the local interface code to form a local dynamic function; the local interface code is adapted to the operating system versions of various servers.

[0025] In this embodiment, the acquired encryption function undergoes a local adaptation conversion process to obtain a local static function that can run locally. This is then combined with pre-written local interface code to form a directly callable local dynamic function. It is easy to understand that the local interface code can overcome the adaptation limitations of a single operating system version, enabling compatibility with multiple server operating system versions. By combining this with the local static function, the resulting local dynamic function possesses both local execution characteristics and multi-system adaptability. This allows it to adapt to servers that may store data using different operating system versions, facilitating cross-system local data encryption and decryption.

[0026] S103: Request the server to call the parameter combination to invoke the local dynamic function, and use the local dynamic function to encrypt and / or decrypt the target data.

[0027] In this embodiment, a call request is initiated to the server to obtain a matching combination of call parameters. The call to the local dynamic function is then completed using this parameter combination, allowing encryption and / or decryption of the target data to be performed locally. This eliminates the need to transmit the target data to the server for encryption / decryption; the required parameter combination can be obtained directly from the server for independent local processing. Furthermore, leveraging the multi-system adaptability of the local dynamic function, the same encryption / decryption operations can be performed locally on servers running different operating systems.

[0028] As can be seen from the above, the data management method provided in this application processes the encryption function, which corresponds to the operating system version, to obtain a local static function, and writes local interface code that can adapt to different server operating system versions. The local static function and the local interface code form a local dynamic function, which can migrate from the server to the local machine during the target data encryption and decryption process to improve data management efficiency. It can also adapt to different server operating systems to improve the universality of data management, thereby improving the universality of encryption functions and data management efficiency.

[0029] Based on the specific application environment architecture or hardware architecture upon which the execution of the data management method depends, this paper describes the working principle of the specific application environment architecture or hardware architecture and the data management method.

[0030] Please see Figure 2 as well as Figure 3 , Figure 2 This is a flowchart illustrating another embodiment of the data management method of this application. Figure 3 This is a schematic diagram of the structure of an embodiment of the data management system of this application.

[0031] S201: Obtain the encryption function.

[0032] In this embodiment, the encryption library associated with the local operating system can be obtained. This encryption library includes a static encryption library. It can be considered that the encryption library includes a basic encryption algorithm matching the local operating system version and its corresponding native executable code. Obtaining the source code of the encryption library as the encryption function, and using the encryption library's source code as the encryption function, also helps to preserve the native execution logic of the encryption algorithm.

[0033] Generally, different operating system versions are compatible with different encryption library versions. Obtaining the source code of the encryption library as the encryption function can help reduce the impact of differences between different function algorithms on local static functions, and can help mitigate the differences between different versions of encryption libraries during data management.

[0034] S202: Encapsulate encryption functions into a universal encryption / decryption interface using a first-class code language.

[0035] In this embodiment, in response to obtaining the encryption function, the encryption function can be encapsulated into a universal encryption / decryption interface using a first coding language.

[0036] In this context, it can be assumed that the first code language is a compiled language with cross-platform compilation characteristics. By standardizing and encapsulating the encryption function through the first code language, the platform-related redundant logic in the original code of the encryption function can be reduced, and the impact of execution instructions bound to a specific operating system on the data management process can be mitigated. This enables the construction of a universal encryption and decryption interface that is decoupled from specific operating system versions and can be uniformly called in multiple environments.

[0037] S203: Compile the encryption / decryption interface to obtain local static functions.

[0038] In this embodiment, the encryption / decryption interface can be statically compiled and linked with the encryption function's static library to obtain a local static function, thereby converting the encryption function into a local static function. During the static compilation process, the execution code of the encryption / decryption interface and the algorithm code in the encryption static library can be packaged together, eliminating runtime dependencies on external library files. This allows the resulting local static function to run independently in the local environment, reducing dependence on server-side encryption libraries.

[0039] S204: Get the local interface code.

[0040] In this embodiment, the native interface code is pre-written and compatible with both the first and second code languages. The second code language is an interpreted language with cross-platform compatibility. The native interface code has a built-in syntax adaptation layer to achieve bidirectional compatibility with both the first and second code languages, enabling it to parse the execution instructions of native static functions while being directly called by programs in the second code language.

[0041] S205: Merge local static functions with local interface code to form local dynamic functions.

[0042] In this embodiment, the local interface code is adapted to various server operating system versions.

[0043] Native interface code and native static functions can be combined as a native encryption, and the native encryption combination can be compiled to obtain a native dynamic function. During the compilation process, the syntax adaptation logic of the native interface code and the encryption / decryption execution logic of the native static function can be integrated, reducing the calling barriers between the two code languages.

[0044] Among them, the local dynamic function is formed based on the first code language and adapted to the second code language. Relying on the local interface code and the adaptability of multiple operating systems, the local dynamic function generated after fusion can run in the local environment corresponding to different server operating system versions, while retaining the high-efficiency execution characteristics of the first code language and having the flexible calling characteristics of the second code language.

[0045] S206: Generate a key combination using a key generation component of a second code language.

[0046] In this embodiment, in response to the startup of the second code language program, a key combination can be generated through the key generation component of the second code language. The key combination includes a public key and a private key. The key generation component is a security encryption component natively provided with the second code language or developed based on the second code language, possessing cryptographically layered random and secure key generation capabilities. The public key can be considered as the public key in an asymmetric encryption system, and the private key as the private key in an asymmetric encryption system; the two form a uniquely matching asymmetric key pair to achieve one-way encryption and two-way decryption.

[0047] The public key can be sent to the server via a remote service, allowing the server to manage the public key. Upon receiving the public key, the server can store it, update it periodically, and verify its validity, which improves the reliability of subsequent parameter tuning requests and the asymmetric encryption channel for data transmission.

[0048] like Figure 3 As illustrated in the example, the client can invoke the server's key management service to transmit the public key to the server and store the public key in the key database.

[0049] S207: Send a parameter tuning request to the server.

[0050] In this embodiment, in response to a client's need for target data encryption / decryption, a parameter tuning request can be sent to the server. This parameter tuning request indicates that the client has a local data encryption / decryption requirement.

[0051] For example, a parameter tuning request can carry the unique identification information of the local device and the encryption requirement type of the target data. The server can match the corresponding public key based on the identification information, determine the appropriate encryption key and encryption vector type based on the encryption requirement type, and send the parameter tuning request to the server through a preset encrypted communication protocol to ensure the data security of the request during network transmission and reduce the risk of the request content being illegally tampered with or stolen.

[0052] S208: Get the combination of call parameters returned by the server.

[0053] In this embodiment, the encryption key and encryption vector from the server's response to the parameter tuning request can be obtained as a combination of calling parameters. The encryption key is a symmetric encryption session key used for encrypting and decrypting the target data, and the encryption vector is the initial vector required for symmetric encryption. The two work together to achieve efficient encryption and decryption of the target data.

[0054] Specifically, the server can retrieve the encrypted key returned by the server. This encrypted key is obtained by the server encrypting the encryption key and encryption vector using the public key. The server can use the public key uploaded from a local device to perform asymmetric encryption on the core call parameters, reducing the risk of the encryption key and encryption vector being intercepted during network transmission. The encrypted key is then decrypted using the private key associated with the public key to obtain the encryption key and encryption vector. This decryption process is entirely completed locally, eliminating the need to transmit the private key to any external device, further enhancing the security of the call parameter combination retrieval process.

[0055] S209: Use a combination of call parameters to invoke a local dynamic function to encrypt and / or decrypt the target data.

[0056] In this embodiment, a combination of call parameters can be used to call a local dynamic function through local interface code, thereby requesting the combination of call parameters from the server to call the local dynamic function.

[0057] Local dynamic functions execute corresponding encryption and decryption algorithms based on the received encryption key and encryption vector, enabling integrated processing of target data locally. Compared to combining with a server for target data encryption and decryption, this reduces network transmission latency, thereby improving data processing efficiency and enhancing the security and reliability of data management.

[0058] Taking C as the primary code language, Java as the secondary code language, and OpenSSL as the encryption library as an example. C and Java are computer programming languages, while OpenSSL is an open-source software library.

[0059] The OpenSSL AES ABI (equivalent to the source code mentioned earlier) can be encapsulated in C. This allows calling low-level functions of the OpenSSL encryption library (such as `AES_cbc_encrypt`, a low-level encryption function) from C, creating a generic encryption / decryption interface. Static compilation removes environment dependencies. The C code can be statically compiled, linking OpenSSL's static libraries (such as `libcrypto.a`, a static library) to generate object files that do not require external dynamic libraries and can run without OpenSSL installed. JNI interface development and dynamic library generation allow writing JNI (Java Native Interface) code to enable bidirectional data transfer between Java programs and C encryption functions. The JNI code and static libraries are then compiled into a dynamic library (such as `libaes_jni.so`) for loading by Java programs.

[0060] When a Java program starts, it generates a public-private key pair as a key combination using `java.security.KeyPairGenerator` (Java's key generation component). For example, a client can generate a 2048-bit key pair. The server uses the public key to encrypt the key and the IV (Initialization Vector, i.e., the encryption vector in this application). The client can send the public key to a dedicated key management service via RPC (Remote Procedure Call); the key management service uses the client's public key to encrypt the encryption key (256 bits) and the IV (16 bytes). The client receives the encrypted data and can decrypt it using the private key to obtain the plaintext encryption key and IV. In other words, the client uses the private key to decrypt and obtain the plaintext encryption key and IV. Therefore, the client can use the encryption key and IV to call dynamic libraries (i.e., native dynamic functions) via JNI to encrypt and decrypt data.

[0061] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods according to the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method.

[0062] Embodiments of this application also provide an electronic device, which includes a memory and a processor. The memory stores a computer program, and the processor is configured to run the computer program to perform the steps in any of the above-described data management method embodiments.

[0063] For example, please see Figure 4 , Figure 4 This is a schematic diagram of the structure of a computer device according to an embodiment of this application.

[0064] In one embodiment, the computer device may be a terminal, and its internal structure diagram may be as follows: Figure 4 The examples shown herein illustrate this. Computer devices may include processors, memory, network interfaces, displays, and input devices connected via a system bus.

[0065] The processor of a computer device provides computing and control capabilities. The memory of a computer device includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system and computer programs. The internal memory provides the environment for the operation of the operating system and computer programs stored in the non-volatile storage media. The network interface of a computer device is used to communicate with external terminals via a network. When a computer program is executed by the processor, it implements a data management method. The display screen of a computer device can be an LCD screen or an e-ink display screen. The input device of a computer device can be a touch layer covering the display screen, or buttons, a trackball, or a touchpad located on the computer device's casing, or an external keyboard, touchpad, or mouse, etc.

[0066] Embodiments of this application also provide a computer-readable storage medium storing a computer program, wherein the computer program is configured to execute the steps in any of the above-described data management method embodiments when it is run.

[0067] In one exemplary embodiment, the aforementioned computer-readable storage medium may include, but is not limited to, various media capable of storing computer programs, such as a USB flash drive, read-only memory (ROM), random access memory (RAM), portable hard disk, magnetic disk, or optical disk.

[0068] Embodiments of this application also provide a computer program product, which includes a computer program that, when executed by a processor, implements the steps in any of the above-described data management method embodiments.

[0069] Embodiments of this application also provide another computer program product, including a non-volatile computer-readable storage medium storing a computer program, which, when executed by a processor, implements the steps in any of the above-described data management method embodiments.

[0070] Those skilled in the art will further recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of both. To clearly illustrate the interchangeability of hardware and software, the components and steps of the various examples have been generally described in terms of functionality in the foregoing description. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application.

[0071] The foregoing has provided a detailed description of a data management method, computer device, computer-readable storage medium, and computer program product provided in this application. Specific examples have been used to illustrate the principles and implementation methods of this application. The descriptions of the embodiments above are only intended to aid in understanding the method and core ideas of this application. It should be noted that those skilled in the art can make various improvements and modifications to this application without departing from its principles, and these improvements and modifications also fall within the protection scope of this application.

Claims

1. A data management method, characterized in that, The data management method includes: Obtain the encryption function; The encryption function is converted into a local static function and merged with the local interface code to form a local dynamic function; wherein, the local interface code is compatible with the operating system versions of various servers; The server is requested to call the local dynamic function using a combination of parameters, and the target data is then encrypted and / or decrypted using the local dynamic function.

2. The data management method according to claim 1, characterized in that, The step of converting the encryption function into a local static function includes: The encryption function is encapsulated into a universal encryption and decryption interface using a first coding language; The encryption / decryption interface is statically compiled and linked to the encryption static library of the encryption function to obtain the local static function.

3. The data management method according to claim 2, characterized in that, The encryption function includes: Obtain the encryption library associated with the local operating system; wherein, the encryption library includes a static encryption library; Obtain the source code of the encryption library as the encryption function.

4. The data management method according to claim 1, characterized in that, The aforementioned functions, which are integrated with local interface code to form local dynamic functions, include: Obtain the local interface code; wherein the local interface code is pre-written and compatible with both the first and second code languages; The local interface code and the local static function are combined as a local encryption combination, and the local encryption combination is compiled to obtain the local dynamic function; wherein, the local dynamic function is formed based on the first code language and adapted to the second code language.

5. The data management method according to claim 1, characterized in that, The step of requesting the server to call the local dynamic function using the combination of call parameters includes: Send a parameter tuning request to the server; Obtain the encryption key and encryption vector from the server's response to the parameter tuning request, and use them as the combination of calling parameters; The local dynamic function is invoked through the local interface code using the combination of the invocation parameters.

6. The data management method according to claim 5, characterized in that, The step of obtaining the encryption key and encryption vector in response to the parameter tuning request from the server includes: Obtain the key ciphertext returned by the server; wherein the key ciphertext is obtained by the server encrypting the encryption key and the encryption vector using the public key; The encrypted key is decrypted using a private key associated with the public key to obtain the encryption key and the encryption vector.

7. The data management method according to claim 6, characterized in that, The process of sending the parameter tuning request to the server includes: In response to the startup of the second code language program, a key combination is generated through the key generation component of the second code language; wherein, the key combination includes a public key and a private key; The public key is sent to the server via a remote service so that the server can manage the public key.

8. A computer device, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, When the processor executes the computer program, it implements the steps of the data management method according to any one of claims 1 to 7.

9. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the steps of the data management method according to any one of claims 1 to 7.

10. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the data management method according to any one of claims 1-7.