Page rendering method and device, medium and electronic equipment
By identifying scenes and determining rendering strategies within the education platform, and combining a WASM-JS hybrid architecture with blockchain auditing, the problem of balancing identification and security in data processing on the education platform is solved, achieving flexible data processing and security protection.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- BEIJING ORIENTAL SIHONG TECHNOLOGY CO LTD
- Filing Date
- 2026-04-10
- Publication Date
- 2026-06-19
AI Technical Summary
Educational platforms face challenges in data processing, including difficulty in accurately identifying various types of sensitive educational data, inability to intelligently adapt to diverse teaching scenarios, and difficulty in balancing system performance and security.
By acquiring request data, scene recognition processing is performed to determine the usage scenario, and a rendering strategy is determined based on the usage scenario. The data to be rendered is then de-identified, and the de-identified data is used to render the page. High-performance encryption processing and blockchain auditing are achieved by combining the WASM-JS hybrid architecture.
It enables automatic switching of protection strategies in different educational scenarios, accurately identifies and de-identifies sensitive information, and ensures a balance between data operation capabilities and security protection, solving the industry problem of balancing security and functionality.
Smart Images

Figure CN122240206A_ABST
Abstract
Description
Technical Field
[0001] This disclosure relates to the field of computer technology, and more specifically, to a page rendering method, a page rendering apparatus, a non-transitory computer-readable storage medium, and an electronic device. Background Technology
[0002] With the rapid advancement of educational informatization and increasingly stringent data security regulations, ensuring the smooth operation of the education system while guaranteeing data security has become a core challenge for the industry.
[0003] Current education platforms face several key pain points in data processing: traditional methods struggle to accurately identify various types of sensitive educational data, such as student registration information in different formats; existing solutions cannot intelligently adapt to diverse teaching scenarios; and system performance and security are difficult to balance. Summary of the Invention
[0004] To overcome the problems existing in related technologies, this disclosure provides a page rendering method, a page rendering apparatus, a non-transitory computer-readable storage medium, and an electronic device.
[0005] According to a first aspect of the present disclosure, a page rendering method is provided, the method comprising: Obtain the request data and the data to be rendered, and perform scene recognition processing on the request data to determine the usage scenario; A rendering strategy is determined based on the usage scenario, and the data to be rendered is de-identified according to the rendering strategy to obtain the de-identified data to be rendered. The page is rendered using the de-identified data to be rendered.
[0006] Optionally, the step of performing scene recognition processing on the request data to determine the usage scenario includes: The request data is processed by feature extraction to obtain scene features; The usage scenario is obtained by performing scenario decision processing on the scenario features.
[0007] Optionally, the scene features include one or more of path features, device features, time features, and behavioral features.
[0008] Optionally, determining the rendering strategy based on the usage scenario includes: When the usage scenario is the first usage scenario, the rendering strategy is determined to be the examination strategy; When the usage scenario is the second usage scenario, the rendering strategy is determined to be either the teacher strategy or the default strategy; When the usage scenario is the third usage scenario, the rendering strategy is determined to be the parental strategy.
[0009] Optionally, determining the rendering strategy as a teacher strategy or a default strategy includes: The request data is subjected to permission verification to obtain the verification result; When the verification result is passed, the rendering strategy is determined to be the teacher strategy; When the verification result is unsuccessful, the rendering strategy is determined to be the default strategy.
[0010] Optionally, the method further includes: In response to a triggering operation applied to the page, a corresponding operation fingerprint is generated; The operation fingerprint is uploaded to the blockchain based on the network status.
[0011] Optionally, uploading the operation fingerprint to the blockchain based on the network status includes: When the network status is online, the operation fingerprint is uploaded to the blockchain to obtain audit proof; When the network status is offline, the operation fingerprint is added to the cache queue.
[0012] According to a second aspect of the present disclosure, a page rendering apparatus is provided, comprising: The scene recognition module is configured to acquire request data and data to be rendered, and to perform scene recognition processing on the request data to determine the usage scenario; The desensitization processing module is configured to determine a rendering strategy based on the usage scenario, and to perform desensitization processing on the data to be rendered according to the rendering strategy to obtain desensitized data to be rendered. The page rendering module is configured to render the page using the de-identified data to be rendered.
[0013] According to a third aspect of the present disclosure, a non-transitory computer-readable storage medium is provided, having stored thereon computer program instructions that, when executed by a processor, implement the steps of the method described in any of the first aspects of the present disclosure.
[0014] According to a fourth aspect of the present disclosure, an electronic device is provided, comprising: processor; Memory used to store processor-executable instructions; The processor is configured to execute the executable instructions to implement the steps of any of the methods described in the first aspect of this disclosure.
[0015] The technical solutions provided by the embodiments of this disclosure may include the following beneficial effects: In the exemplary embodiments of this disclosure, the method and apparatus determine the usage scenario based on the requested data, which can support the need for automatic switching of protection strategies in different usage scenarios such as teacher end, parent end, and examination room, and meet the diversified needs of education management. Furthermore, by performing desensitization processing on the data to be rendered, sensitive information such as various student registration codes and grade data can be accurately identified and desensitized, which not only fully preserves the front-end data operation capabilities, but also achieves true "usable but invisible" security protection, and completely solves the industry problem of the difficulty in balancing security and functionality.
[0016] Other features and advantages of this disclosure will be described in detail in the following detailed description section.
[0017] It should be understood that the above general description and the following detailed description are exemplary and explanatory only, and are not intended to limit this disclosure. Attached Figure Description
[0018] The accompanying drawings are provided to further illustrate the present disclosure and form part of the specification. They are used together with the following detailed description to explain the present disclosure, but do not constitute a limitation thereof. In the drawings: Figure 1 The illustration shows a schematic flowchart of a page rendering method according to an exemplary embodiment of the present disclosure; Figure 2 The illustration shows a flowchart of a method for determining a use case based on request data in an exemplary embodiment of this disclosure; Figure 3 The illustration shows a flowchart of a method for determining a rendering strategy based on a usage scenario in an exemplary embodiment of this disclosure; Figure 4 The schematic diagram illustrates a flowchart of a method for further determining a rendering strategy in an exemplary embodiment of this disclosure; Figure 5 The schematic diagram illustrates the architecture of a page rendering method in an exemplary embodiment of this disclosure; Figure 6 The schematic diagram illustrates a process flowchart of a page rendering method in an exemplary embodiment of this disclosure; Figure 7 This illustration schematically shows a flowchart of the encryption process in an exemplary embodiment of the present disclosure; Figure 8 The schematic diagram illustrates a flowchart of a security verification method in an exemplary embodiment of this disclosure; Figure 9 This illustration schematically shows a flowchart of a method for uploading page operations to a blockchain in an exemplary embodiment of this disclosure; Figure 10The illustration schematically shows a flowchart of a method for uploading data to the blockchain based on network status in an exemplary embodiment of this disclosure; Figure 11 The illustration schematically shows a flowchart of a method for uploading an operational fingerprint to a blockchain in an exemplary embodiment of this disclosure; Figure 12 This schematic diagram illustrates the architecture of a page rendering system in an application scenario according to an exemplary embodiment of this disclosure. Figure 13 The schematic diagram illustrates the process flow of an adaptive engine for an educational scenario in an exemplary embodiment of this disclosure. Figure 14 The illustration shows an interactive diagram of the adaptive engine in an application scenario of an exemplary embodiment of this disclosure; Figure 15 The schematic diagram illustrates a flowchart of a strategy matching method in an application scenario of an exemplary embodiment of this disclosure; Figure 16 This illustration schematically shows the architecture of a full-link auditing system in an application scenario of an exemplary embodiment of this disclosure; Figure 17 The schematic diagram illustrates a flowchart of an auditing method in an application scenario of an exemplary embodiment of this disclosure; Figure 18 The schematic diagram illustrates a verification method in an application scenario of an exemplary embodiment of this disclosure; Figure 19 The illustration shows a flowchart of a method for tracing the source of student registration information leakage in an application scenario of an exemplary embodiment of this disclosure; Figure 20 The schematic diagram illustrates a security verification method in an application scenario of an exemplary embodiment of this disclosure; Figure 21 This schematic diagram illustrates the structure of a page rendering apparatus according to an exemplary embodiment of the present disclosure; Figure 22 The illustration schematically depicts an electronic device for implementing a page rendering method according to an exemplary embodiment of the present disclosure; Figure 23 This illustration schematically shows another electronic device for implementing a page rendering method in an exemplary embodiment of the present disclosure. Detailed Implementation
[0019] Exemplary embodiments will now be described in detail, examples of which are illustrated in the accompanying drawings. When the following description relates to the drawings, unless otherwise indicated, the same numerals in different drawings denote the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with this disclosure. Rather, they are merely examples of apparatuses and methods consistent with some aspects of this disclosure as detailed in the appended claims.
[0020] It should be noted that all actions involving the acquisition of signals, information, or data in this disclosure are carried out in compliance with the relevant data protection laws and policies of the country where the location is situated, and with authorization from the owner of the relevant device.
[0021] With the rapid advancement of educational informatization and increasingly stringent data security regulations, ensuring the smooth operation of the education system while guaranteeing data security has become a core challenge for the industry.
[0022] Current educational platforms face several key pain points in data processing: traditional methods struggle to accurately identify various types of sensitive educational data, such as student registration information in different formats; existing solutions cannot intelligently adapt to diverse teaching scenarios; system performance and security are difficult to balance; and there is a lack of robust data operation tracking mechanisms. These problems severely hinder the development of digital education.
[0023] In related technologies, educational data security mainly adopts the following two traditional solutions, both of which have obvious shortcomings.
[0024] Traditional server-side data masking solutions have the following drawbacks: 1. They employ a one-size-fits-all data filtering approach, using simple regular expressions to batch process sensitive information, which severely limits front-end functionality; 2. They use a fixed rule base, making it difficult to adapt to the differences in student registration encoding formats across different regions; 3. They use a mechanical truncation method, which cannot meet the flexible data display needs of educational scenarios.
[0025] Pure front-end encryption solutions have the following drawbacks: 1. They rely on a large encryption library, which significantly impacts page response speed; 2. They use a full scan method to process DOM (Document Object Model) nodes, leading to rendering lag on complex pages; 3. They have obvious memory security vulnerabilities, and encrypted data may be restored.
[0026] The main shortcomings of these traditional solutions are: 1. Limited recognition capabilities, making it difficult to accurately capture the data structure unique to educational scenarios; 2. Lack of scenario awareness, making it impossible to dynamically adjust according to actual usage needs; 3. Incomplete security protection, posing a risk of data leakage.
[0027] Therefore, typical problems with related technologies include: inability to correctly process student registration information in special formats; serious impact on core functions such as grade analysis; and lack of effective operation tracking mechanisms.
[0028] These limitations severely restrict the in-depth development of educational informatization, and there is an urgent need for more intelligent and flexible solutions.
[0029] In the field of educational data security, traditional solutions have the following inherent shortcomings: The main shortcomings of the server-side data masking solution are: 1. Significant functional limitations: Backend processing causes the frontend to lose its data manipulation capabilities, which seriously affects the teaching analysis function; 2. Insufficient adaptability: Fixed masking rules are difficult to cope with the diversity of student registration codes in different regions; 3. Lack of flexibility: Mechanical masking methods cannot meet the differentiated needs of different scenarios.
[0030] Key issues with pure front-end encryption solutions: 1. Significant performance impact: Encryption processing causes interface lag, affecting the teaching experience; 2. Prominent security risks: Multiple technical means exist that could bypass protection and obtain the original data; 3. Weak auditing capabilities: Lack of an effective operation tracking mechanism makes it difficult to meet compliance requirements.
[0031] Systemic defects of hybrid solutions: 1. Lack of scene awareness: unable to intelligently identify the differences in needs of different usage environments; 2. Content processing defects: insufficient support for complex content such as rich text; 3. Style compatibility issues: security measures may interfere with normal page display.
[0032] The core problems with these traditional solutions are: the contradiction between security protection and functional integrity; the disconnect between static rules and dynamic requirements; and the separation between technical implementation and educational scenarios.
[0033] The direct consequences are: 1. Reduced efficiency in teaching management; 2. Increased data security risks; 3. Decreased user experience quality.
[0034] This "either / or" solution model essentially reflects the fundamental limitations of traditional technologies in balancing security, functionality, and user experience, creating a sharp contradiction with the development needs of educational informatization.
[0035] This disclosure provides a page rendering method. Figure 1 This is a flowchart illustrating a page rendering method according to an exemplary embodiment, such as... Figure 1 As shown, the method may include at least the following steps: Step S110. Obtain the request data and the data to be rendered, and perform scene recognition processing on the request data to determine the usage scenario.
[0036] Step S120. Determine the rendering strategy based on the usage scenario, and perform desensitization processing on the data to be rendered according to the rendering strategy to obtain the desensitized data to be rendered.
[0037] Step S130. Render the page using the de-identified data to be rendered.
[0038] In the exemplary embodiments disclosed herein, the usage scenario is determined based on the requested data, which can support the need for automatic switching of protection strategies in different usage scenarios such as teacher end, parent end, and examination room, and meet the diversified needs of education management. Furthermore, by performing desensitization processing on the data to be rendered, sensitive information such as various student registration codes and grade data can be accurately identified and desensitized, which not only fully preserves the front-end data operation capabilities, but also achieves true "usable but invisible" security protection, and completely solves the industry problem of the difficulty in balancing security and functionality.
[0039] The following section provides a detailed explanation of each step in the page rendering method.
[0040] In step S110, request data and data to be rendered are obtained, and scene recognition processing is performed on the request data to determine the usage scenario.
[0041] In exemplary embodiments of this disclosure, the request data may be context-sensitive.
[0042] In an optional embodiment, Figure 2 The flowchart illustrates a method for determining the use case based on requested data, such as... Figure 2 As shown, the method may include at least the following steps: In step S210, feature extraction processing is performed on the request data to obtain scene features.
[0043] In optional embodiments, scene features include one or more of path features, device features, time features, and behavioral features.
[0044] Specifically, the methods for extracting features from various scenarios are shown in Table 1:
[0045] Table 1 In step S220, scene decision processing is performed on the scene features to obtain the usage scene.
[0046] Specifically, the following decision model algorithm can be used to determine the use cases: class SceneClassifier: def classify(self, request): # Feature Extraction Layer features = { 'path': self._extract_path_features(request), 'device': self._detect_device_type(request), 'time': self._get_time_context() } # Educational Scenario Decision Tree if self._is_exam_mode(features): return ExamScene() elif self._is_teacher_access(features): return TeacherScene( privilege=request.user.role_level, course_type=request.query.course_type ) else: return DefaultScene() In step S120, a rendering strategy is determined based on the usage scenario, and the data to be rendered is de-identified according to the rendering strategy to obtain the de-identified data to be rendered.
[0047] In an exemplary embodiment of this disclosure, after determining the use case, a rendering strategy can be determined based on the use case.
[0048] In an optional embodiment, Figure 3 A flowchart illustrating a method for determining a rendering strategy based on the usage scenario is shown, such as... Figure 3 As shown, the method may include at least the following steps: In step S310, when the usage scenario is the first usage scenario, the rendering strategy is determined to be the examination strategy.
[0049] When / exam / is included, it indicates that the current use case is the primary scenario, and the rendering strategy can be determined as the exam strategy.
[0050] In step S320, when the usage scenario is the second usage scenario, the rendering strategy is determined to be either the teacher strategy or the default strategy.
[0051] When / teacher / is included, it indicates that the current use case is the second one, and the rendering strategy can be determined as either the teacher strategy or the default strategy.
[0052] In an optional embodiment, Figure 4 A flowchart illustrating the method for further determining the rendering strategy is shown, such as... Figure 4 As shown, the method may include at least the following steps: In step S410, the request data is subjected to permission verification processing to obtain the verification result.
[0053] This permission verification process can be implemented by requesting data to determine whether the current request has the necessary teacher permissions.
[0054] In step S420, when the verification result is passed, the rendering strategy is determined to be the teacher strategy.
[0055] When the permission verification process passes, it indicates that the requested data has the necessary teacher permissions, and the rendering strategy can be determined to be the teacher strategy.
[0056] In step S430, when the verification result is unsuccessful, the rendering strategy is determined to be the default strategy.
[0057] When the permission verification fails, it indicates that the requested data does not have the necessary teacher permissions, and the rendering strategy can be determined to be the default strategy. This default strategy serves as a safety net in this situation.
[0058] In step S330, when the usage scenario is the third usage scenario, the rendering strategy is determined to be the parental strategy.
[0059] When the current scenario is not part of steps S310 and S320, it indicates that it is the third usage scenario, and the rendering strategy can be determined to be the parental strategy.
[0060] The specific implementation method is as follows: / / Policy Configuration Center const policies = { exam: { fields: { student_id: { mask: 'full', keep: 0}, score: { mask: 'range', min: 0, max: 100} }, ui: { preventScreenshot: true, disableRightClick: true } }, teacher: { fields: { student_id: { mask: 'partial', keep: 4}, address: { mask: 'regex', pattern: / ^(.{3}).+$ / } }, watermark: { text: user =>`${user.name} ${new Date().toISOString()}`, opacity: 0.3 } } }; After determining the rendering strategy, the data to be rendered can be anonymized according to the rendering strategy under different circumstances.
[0061] Specifically, the desensitization process is as follows: #[wasm_bindgen] pub fn format_preserving_mask(input:&str, keep: usize) ->String { let chars: Vec <char>= input.chars().collect(); let mut output = String::with_capacity(input.len()); for (i, c) in chars.iter().enumerate() { output.push(if i<keep || i> = chars.len() - keep { *c / / Preserve first and last characters } else if c.is_numeric() { '0' / / Replaces the number with 0 } else if c.is_alphabetic() { 'X' / / Replace the letter with X } else { *c / / Reserve special characters }); } output } In step S130, the page is rendered using the desensitized data to be rendered.
[0062] In an exemplary embodiment of this disclosure, after obtaining the de-identified data to be rendered, a browser page can be rendered based on the de-identified data to be rendered.
[0063] The page is rendered using a hybrid architecture of WASM (Web Assembly, a virtual instruction set architecture) and JS (a programming language).
[0064] Figure 5 A schematic diagram of the page rendering architecture is shown, such as... Figure 5 As shown, in terms of secure memory management in this architecture, memory isolation is implemented using Rust (a systems programming language), as detailed below: #[wasm_bindgen] pub struct SecureZone { buffer: Vec <u8>, #[wasm_bindgen(skip)] key: Aes256Key, / / Hardware encryption key } impl SecureZone { pub fn process(&mut self, data:&[u8]) ->Result <Vec <u8>, JsError>{ / / Memory protected area let mut guard = mprotect::Guard::new(&mut self.buffer)?; / / Sensitive operations (AES-NI (Advanced Encryption Standard New Instructions, a hardware-accelerated instruction set optimized for AES (Advanced Encryption Standard) symmetric encryption algorithm)) let result = unsafe { aes_gcm::encrypt(data,&self.key) }; Force memory clearing guard.wipe(); result } } This approach offers certain security features. Specifically, it features double isolation: WASM linear memory + Rust ownership system; immediate erasure: the mprotect system call (a function used to modify the protection attributes of a specified memory region) protects memory pages; and side-channel protection: constant-time cryptography.
[0065] In addition, it features a high-performance data transmission channel that supports zero-copy data transmission, as implemented below: / / JS side const wasmMemory = new Uint8Array(wasmModule.memory.buffer); function processLargeData(data) { / / 1. WASM memory pre-allocation const ptr = wasmModule._malloc(data.length); / / 2. Direct memory write (avoid serialization) wasmMemory.set(data, ptr); / / 3. SIMD Accelerated Processing wasmModule._process(ptr, data.length); / / 4. Read the results directly const result = wasmMemory.slice(ptr, ptr + data.length); wasmModule._free(ptr); return result; } The performance optimization comparison of this implementation method is shown in Table 2:
[0066] Table 2 Figure 6 The flowchart illustrating the page rendering process is shown, such as... Figure 6 As shown, first, the JS layer calls process(dataPtr, len), then WASM supports operations such as locking memory regions, SIMD (Single Instruction Multiple Data) to accelerate computation, and memory erasure, and finally returns the result pointer to the JS layer to render safe data.
[0067] Figure 7 A schematic diagram of the encryption process is shown, such as Figure 7 As shown, the JS data pointer needs to undergo a WASM security check. When the check passes, the process of memory locking, AES-NI confidentiality, memory unlocking, and returning the ciphertext is performed; when the check fails, the process terminates.
[0068] Regarding the optimization for educational scenarios, this page rendering method supports student ID number encryption for faster rendering. The specific implementation method is as follows: #[wasm_bindgen] pub fn encrypt_id(id:&str) ->String { / / Educational institution codes are not encrypted let (prefix, body) = id.split_at(3); / / Hardware-accelerated encryption let cipher = unsafe { aes_ni::encrypt(body.as_bytes()) }; format!("{}:{}", prefix, base64::encode(cipher)) } In this scenario, the processing time for a single student ID number is approximately 0.02ms, and it can support 5000+ concurrent encryptions.
[0069] In addition, this page rendering method also supports SIMD optimization for performance analysis, and the specific implementation method is as follows: #[target_feature(enable = "avx2")] unsafe fn simd_percentile(data:&[f32]) ->f32 { let sum = _mm256_add_ps(...); / / Parallel computation of SIMD ... } In this scenario, educational data is characterized by batch floating-point operations, strong data locality, and controllable precision requirements.
[0070] Table 3 shows a comparison of the key technologies used in this page rendering method:
[0071] Table 3 Therefore, a typical application of this method is preventing cheating in online exams, and the specific implementation method is as follows: class ExamSecurity { constructor() { this.detector = new WASMCheatDetector({ / / Load the trained cheat mode model: 'exam_cheat_model.bin' }); } analyze(videoFrame) { const ptr = this._copyToWASM(videoFrame); return this.detector.analyze(ptr); } } In terms of detection capabilities, the accuracy rate of screen sharing recognition reaches 98%+, and the accuracy rate of virtual machine detection reaches 99%+.
[0072] Typical application cases of this method also include home-school data security transmission scenarios, and the specific implementation method is as follows: async function decryptForParent(encrypted: Uint8Array, bioToken:string) { / / 1. WebCrypto processes biometrics const key = await crypto.subtle.importKey( 'jwk', bioToken, { name: 'PBKDF2'}, false, ['deriveKey'] ); / / 2. High-performance WASM decryption return wasmModule.decrypt( encrypted, key.algorithm.salt ); } Figure 8 A flowchart illustrating the security verification method is shown, such as... Figure 8 As shown, integrity checks can be performed based on verification requests. When the integrity check passes, an audit log is returned via hash verification or similar methods; when the integrity check fails, the process terminates and a warning is issued. Verification metrics for the integrity check may include memory hash consistency (CRC32 (Cyclic Redundancy Check 32-bit)); execution time deviation detection (<±5%); instruction set fingerprint matching, etc.
[0073] In an optional embodiment, Figure 9 The diagram illustrates a process for uploading page actions to the blockchain, such as... Figure 9 As shown, the method may include at least the following steps: In step S910, in response to a triggering operation applied to the page, a corresponding operation fingerprint is generated.
[0074] This triggering operation can be user-initiated. When this triggering operation is captured, a corresponding operation fingerprint can be generated based on an anti-collision fingerprint algorithm, as detailed below: func GenerateEduFingerprint(data EduRecord) string { h := sha3.NewShake256() h.Write([ ]byte(data.Content)) / / Add education-specific features h.Write([ ]byte{ byte(data.Type), / / Data type (grades / student records, etc.) byte(data.InstitutionID), / / Institution ID byte(data.GradeLevel), / / Grade information }) / / Time obfuscation ts := time.Now().Unix() % 3600 h.Write([ ]byte(strconv.FormatInt(ts^0x55AA, 10))) return base62.Encode(h.Sum(nil)[:16] / / Compressed output } This generation method possesses security features such as institutional-level data isolation, time-dimensional obfuscation, and fixed-length output (compatible with blockchain).
[0075] In step S920, the operation fingerprint is uploaded to the blockchain according to the network status.
[0076] In an optional embodiment, Figure 10 A flowchart illustrating the method of uploading data to the blockchain based on network status is shown, such as... Figure 10 As shown, the method may include at least the following steps: In step S1010, when the network status is online, the operation fingerprint is uploaded to the blockchain to obtain audit proof.
[0077] Figure 11 A flowchart illustrating the method of uploading operational fingerprints to the blockchain is shown, such as... Figure 11 As shown, this operation fingerprint can be submitted in batches, and a corresponding Merkle tree (a persistent data structure widely used in computer science) can be built at 10-minute intervals to upload the corresponding Merkle root to the blockchain. The blockchain can then return the corresponding transaction receipt and provide audit proof to the client.
[0078] The core logic of smart contracts is as follows: contract EduAudit { struct LogEntry { bytes32 dataHash; uint256 timestamp; address operator; bytes4 eduType; / / Education data type identifier } function submitBatch(bytes32[ ] memory hashes) public { bytes32 root = computeMerkleRoot(hashes); entries[root] = LogEntry( root, block.timestamp, msg.sender, 0x53545244 / / "STRD" Student Status Type Identifier ); } } In step S1020, when the network status is offline, the operation fingerprint is added to the cache queue.
[0079] When the network is offline, the operation fingerprint can be added to the cache queue so that it can be uploaded to the blockchain when the network is restored.
[0080] The page rendering method in this embodiment will be described in detail below with reference to an application scenario.
[0081] Based on the problems existing in related technologies, a browser-side data security solution is proposed.
[0082] This solution can accurately identify various sensitive data formats unique to educational scenarios, including complex student registration codes and grade information; it can intelligently adjust data protection strategies according to different teaching scenarios and user roles; it provides comprehensive security protection while ensuring system operating efficiency; and it establishes a complete data operation audit and tracking system. This solution effectively resolves the long-standing contradiction between data security and ease of use in the education industry, providing reliable technical support for the construction of educational informatization.
[0083] Figure 12 This diagram illustrates the architecture of a page rendering system in an application scenario, such as... Figure 12 As shown, the data input layer can capture network requests and DOM changes through a dual-channel approach.
[0084] At the security engine layer, scene recognition can analyze information such as URL (Uniform Resource Locator) / user role / device type, while the WASM core can handle 90% of the computing load.
[0085] The audit output layer enables secure DOM generation; audit logs are automatically uploaded to the blockchain.
[0086] The system architecture mainly achieves three aspects: a dynamic desensitization engine that adapts to educational scenarios, enabling automatic switching of intelligent desensitization strategies based on context (role / scenario / device); a WASM-JS hybrid computing architecture, achieving high-performance encryption processing on the browser side through a hardware-accelerated secure computing isolation zone; and a full lifecycle audit chain for educational data, integrating differential privacy and blockchain into a verifiable data operation tracking system.
[0087] Figure 13 The diagram illustrates the process flow of an adaptive engine in an educational scenario, as shown below. Figure 13 As shown, user-input requests enable the scene recognition engine to identify exam mode, teacher grading mode, and parent query mode. In exam mode, full-field anonymization and screenshot prevention are supported; in teacher grading mode, key fields are preserved and watermarks are added; and in parent query mode, biometric verification decryption is supported. Furthermore, the engine implements secure DOM rendering and audit trails according to the corresponding strategies.
[0088] Figure 14 The diagram illustrates the interaction of the adaptive engine in an application scenario, such as... Figure 14 As shown, users query the engine for scene characteristics using request data containing context. The engine can then return the corresponding policy ID (Identity Document) from the policy library and execute an anonymization algorithm according to the corresponding policy, returning a secure DOM to the user. In addition, audit trails can also be implemented by the engine submitting hashes to the blockchain.
[0089] Figure 15 The flowchart of the strategy matching method in the application scenario is shown, such as... Figure 15 As shown, path detection is performed based on the requested data to determine the exam strategy when / exam / is included; to determine the teacher strategy or default strategy when / teacher / is included; and to determine the parent strategy in other scenarios.
[0090] This approach, specifically optimized for educational scenarios, is primarily applicable to enhancing exam formats. The detailed implementation is as follows: class ExamProtector { constructor() { this.detectors = [ new DebuggerDetector(), / / Anti-debugging new VirtualMachineDetector(), new ScreenShareDetector({ fpsThreshold: 10, watermarkCheck: true }) ]; } enable() { this.detectors.forEach(d =>d.start()); document.addEventListener('contextmenu', e =>e.preventDefault()); } } In addition, it can also be applied to assist teachers in grading, and the main implementation methods are as follows: interface TeacherPolicy { highlight: { sensitiveRanges: [number, number][ ]; / / The positions of sensitive fields to be highlighted. color: string; }; clipboard: { maxLength: number; / / Limit on the length of copied content format: 'text / plain' | 'text / html'; }; } Table 4 shows a comparison of the advantages of this method with traditional solutions:
[0091] Table 4 A typical application of this method is an intelligent test paper grading system, which is implemented as follows: def auto_grade(answer_sheet): context = get_context() if context.scene == 'exam': # Exam Mode: Hide Student Information sanitize = FullMask() else: # Teacher Mode: Retain the last 4 digits of the student ID number sanitize = PartialMask(keep_tail=4) return { 'score': calculate_score(answer_sheet), 'student_info': sanitize.apply(answer_sheet.student) } This section utilizes three key technologies—scene-aware algorithms, dynamic policy routing, and education-specific de-identification operators—to achieve intelligent and precise protection of educational data security.
[0092] Furthermore, the second aspect concerns the implementation details and processing methods of key technologies in the WASM-JS hybrid computing architecture, such as... Figure 5-8 As shown, it will not be elaborated further here.
[0093] Figure 16 This diagram illustrates the architecture of a full-link auditing system in an application scenario, such as... Figure 16 As shown, the data input section can capture user actions and system events. The audit engine can generate corresponding fingerprints and upload them to the blockchain for evidence storage to support verification services. The output section can support the generation of compliance reports or real-time alerts, depending on the specific circumstances.
[0094] Figure 17 The flowchart illustrates the auditing method in an application scenario, such as... Figure 17 As shown, when a user triggers an action, sensitive behavior detection can be performed, and a corresponding data fingerprint can be generated to initiate a real-time evidence storage request. When the network is online, the data fingerprint and other content can be immediately uploaded to the blockchain; when the network is offline, it can be stored in a local cache queue first.
[0095] Figure 18 A flowchart illustrating the verification method in an application scenario is shown, such as... Figure 18 As shown, during an audit, the auditor can submit a verification request. Furthermore, the verification service can query the blockchain for the uploaded Merkle root, causing the blockchain to return block data to the verification service. Thus, the verification service supports verifying proofs of path and returns the verification result to the auditor.
[0096] This section focuses on the specific design for educational scenarios, primarily involving the tracing of exam cheating. The specific implementation method is as follows: class ExamAudit { logCheatingAttempt(data) { const fingerprint = this._generateFingerprint({ type: 'EXAM_CHEAT', studentId: data.studentId, screenshot: hashImage(data.canvas) }); blockchain.submit(fingerprint, { urgency: 'HIGH', courseCode: 'MATH-101' }); } } In this tracing process, the tracing elements are the cheating behavior type label, screen content hash, and associated course information.
[0097] In addition, it also involves auditing teacher operations, and the specific implementation methods are as follows: interface TeacherAction { actionType: 'VIEW' | 'MODIFY' | 'EXPORT'; target: 'GRADES' | 'PROFILES'; fingerprint: string; context: { IP address: string; deviceId: string; time: number; }; } Specifically, the auditing strategy includes high-frequency access alerts (>5 times / minute), marking operations during extraordinary periods (such as 2 AM), and monitoring the export of sensitive data.
[0098] Table 5 shows a comparison of the effectiveness of this section with traditional auditing approaches:
[0099] Table 5 Therefore, typical application scenarios for this section include tracing the source of leaked student registration information. Figure 19 The flowchart illustrates a method for tracing the source of student registration information leakage in an application scenario, such as... Figure 19 As shown, when student registration information is discovered to be leaked, the data fingerprint of the leaked information can be extracted, allowing for querying within the blockchain. Furthermore, the query can pinpoint the operation records and link them to teacher accounts, thereby confirming the leak path.
[0100] The display method of the traceability results can include operation time: 202X-XX-XX 00:00:00; operation device: teacher's office terminal (IP: 192.168.X.XXX); associated operation: batch export of student records.
[0101] In addition, typical application scenarios for this part can also include grade tampering detection, and the specific implementation method is as follows: / / Grade Modification Audit Rules auditEngine.addRule({ type: 'GRADE_CHANGE', severity: 'CRITICAL', validate: (before, after) =>{ return Math.abs(before - after)>10; / / Threshold for abnormal differences }, action: 'BLOCK_AND_ALERT' }); In this application scenario, the protection effect is demonstrated by a 100% interception rate for abnormal modifications and an average response time of 800ms. Specific performance details are shown in Table 6.
[0102] Table 6 Figure 20 A flowchart illustrating a security verification method in an application scenario is shown, such as... Figure 20 As shown, during penetration testing, when attempting to tamper with logs, if the tampering fails, a blockchain consistency check and confirmation fingerprint verification failure are supported; during denial-of-service attacks, a rate limiting mechanism can be requested if the attack fails.
[0103] Therefore, in terms of resistance to attacks, the log tampering detection rate is 100%; and the integrity of audit evidence is guaranteed by cryptography.
[0104] In the exemplary embodiments disclosed herein, this solution will bring significant technological breakthroughs and market competitive advantages to educational technology products. Compared with traditional solutions, this solution achieves a qualitative leap in three key dimensions: First, at the technical implementation level, through the original browser-side data processing architecture, it not only fully preserves the front-end data manipulation capabilities, but also achieves true "usable but invisible" security protection, completely solving the industry problem of balancing security and functionality. Secondly, in terms of adaptability to educational scenarios, the solution has a built-in intelligent recognition engine that can accurately process various student registration codes and grade data. It also supports automatic switching of protection strategies based on different usage scenarios such as teacher terminals, parent terminals, and examination rooms, to meet the diversified needs of education management. Most importantly, the solution establishes a complete data operation tracking chain, ensuring from a technical perspective that increasingly stringent educational data compliance requirements are met.
[0105] In comparison, the advantages of this solution are concentrated in: a deeper understanding of educational scenarios leading to more accurate data identification capabilities; a dynamic strategy adjustment mechanism enabling more flexible application adaptation; and a system-level audit trail design ensuring more reliable compliance guarantees. This solution is particularly suitable for educational scenarios with high data sensitivity requirements, such as online examinations, student registration management, and parent-school interaction. Its modular design also supports customized adjustments based on the specific needs of different customers, establishing a unique technological barrier for the product in the highly competitive education technology market.
[0106] Furthermore, in an exemplary embodiment of this disclosure, a page rendering apparatus is also provided. Figure 21 A schematic diagram of the page rendering device is shown, such as... Figure 21 As shown, the page rendering device 2100 may include: a scene recognition module 2110, a desensitization processing module 2120, and a page rendering module 2130. Wherein: The scene recognition module 2110 is configured to acquire request data and data to be rendered, and to perform scene recognition processing on the request data to determine the usage scenario; The desensitization processing module 2120 is configured to determine a rendering strategy based on the usage scenario, and perform desensitization processing on the data to be rendered according to the rendering strategy to obtain desensitized data to be rendered. The page rendering module 2130 is configured to render the page using the desensitized data to be rendered.
[0107] In an exemplary embodiment of the present invention, the scene recognition module 2110 is configured as follows: The request data is processed by feature extraction to obtain scene features; The usage scenario is obtained by performing scenario decision processing on the scenario features.
[0108] In one exemplary embodiment of the present invention, the scene features include one or more of path features, device features, time features, and behavioral features.
[0109] In an exemplary embodiment of the present invention, the desensitization processing module 2120 is configured as follows: When the usage scenario is the first usage scenario, the rendering strategy is determined to be the examination strategy; When the usage scenario is the second usage scenario, the rendering strategy is determined to be either the teacher strategy or the default strategy; When the usage scenario is the third usage scenario, the rendering strategy is determined to be the parental strategy.
[0110] In an exemplary embodiment of the present invention, the desensitization processing module 2120 is configured as follows: The request data is subjected to permission verification to obtain the verification result; When the verification result is passed, the rendering strategy is determined to be the teacher strategy; When the verification result is unsuccessful, the rendering strategy is determined to be the default strategy.
[0111] In an exemplary embodiment of the present invention, the page rendering apparatus 2100 is further configured to: In response to a triggering operation applied to the page, a corresponding operation fingerprint is generated; The operation fingerprint is uploaded to the blockchain based on the network status.
[0112] In an exemplary embodiment of the present invention, the page rendering apparatus 2100 is further configured to: When the network status is online, the operation fingerprint is uploaded to the blockchain to obtain audit proof; When the network status is offline, the operation fingerprint is added to the cache queue.
[0113] Regarding the apparatus in the above embodiments, the specific manner in which each module performs its operation has been described in detail in the embodiments related to the method, and will not be elaborated upon here.
[0114] Figure 22 This is a block diagram illustrating an electronic device 2200 according to an exemplary embodiment. For example... Figure 22 As shown, the electronic device 2200 may include: a processor 2201 and a memory 2202. The electronic device 2200 may also include one or more of a multimedia component 2203, an input / output (I / O) interface 2204, and a communication component 2205.
[0115] The processor 2201 controls the overall operation of the electronic device 2200 to complete all or part of the steps in the page rendering method described above. The memory 2202 stores various types of data to support the operation of the electronic device 2200. This data may include, for example, instructions for any application or method operating on the electronic device 2200, and application-related data such as contact data, sent and received messages, images, audio, video, etc. The memory 2202 can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as Static Random Access Memory (SRAM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic storage, flash memory, magnetic disk, or optical disk. Multimedia component 2203 may include a screen and an audio component. The screen may be, for example, a touchscreen, and the audio component is used to output and / or input audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signals may be further stored in memory 2202 or transmitted via communication component 2205. The audio component also includes at least one speaker for outputting audio signals. I / O interface 2204 provides an interface between processor 2201 and other interface modules, such as a keyboard, mouse, buttons, etc. These buttons may be virtual or physical buttons. Communication component 2205 is used for wired or wireless communication between the electronic device 2200 and other devices. Wireless communication, such as Wi-Fi, Bluetooth, Near Field Communication (NFC), 2G, 3G, 4G, NB-IoT, eMTC, or other 5G technologies, or combinations thereof, is not limited here. Therefore, the corresponding communication component 2205 may include: a Wi-Fi module, a Bluetooth module, an NFC module, etc.
[0116] In an exemplary embodiment, the electronic device 2200 may be implemented by one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field-programmable gate arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components to perform the page rendering method described above.
[0117] In another exemplary embodiment, a computer-readable storage medium including program instructions is also provided, which, when executed by a processor, implement the steps of the page rendering method described above. For example, the computer-readable storage medium may be the memory 2202 including the program instructions described above, which may be executed by the processor 2201 of the electronic device 2200 to complete the page rendering method described above.
[0118] Figure 23 This is a block diagram illustrating an electronic device 2300 according to an exemplary embodiment. For example, the electronic device 2300 may be provided as a server. (Refer to...) Figure 23 The electronic device 2300 includes a processor 2322, which may be one or more, and a memory 2332 for storing computer programs executable by the processor 2322. The computer program stored in the memory 2332 may include one or more modules, each corresponding to a set of instructions. Furthermore, the processor 2322 may be configured to execute the computer program to perform the page rendering method described above.
[0119] Additionally, the electronic device 2300 may also include a power supply component 2326 and a communication component 2350. The power supply component 2326 can be configured to perform power management of the electronic device 2300, and the communication component 2350 can be configured to enable communication of the electronic device 2300, such as wired or wireless communication. Furthermore, the electronic device 2300 may also include an input / output (I / O) interface 2358. The electronic device 2300 can operate on an operating system stored in the memory 2332.
[0120] In another exemplary embodiment, a computer-readable storage medium including program instructions is also provided, which, when executed by a processor, implement the steps of the page rendering method described above. For example, the non-transitory computer-readable storage medium may be the memory 2332 mentioned above that includes program instructions, which may be executed by the processor 2322 of the electronic device 2300 to complete the page rendering method described above.
[0121] In another exemplary embodiment, a computer program product is also provided, the computer program product comprising a computer program executable by a programmable device, the computer program having a code portion for performing the page rendering method described above when executed by the programmable device.
[0122] The preferred embodiments of this disclosure have been described in detail above with reference to the accompanying drawings. However, this disclosure is not limited to the specific details of the above embodiments. Within the scope of the technical concept of this disclosure, various simple modifications can be made to the technical solutions of this disclosure, and these simple modifications all fall within the protection scope of this disclosure.
[0123] It should also be noted that the various specific technical features described in the above embodiments can be combined in any suitable manner without contradiction. To avoid unnecessary repetition, this disclosure will not describe the various possible combinations separately.
[0124] Furthermore, various different embodiments of this disclosure can be combined in any way, as long as they do not violate the spirit of this disclosure, they should also be regarded as the content disclosed in this disclosure. < / char>
Claims
1. A page rendering method, characterized in that, The method includes: Obtain the request data and the data to be rendered, and perform scene recognition processing on the request data to determine the usage scenario; A rendering strategy is determined based on the usage scenario, and the data to be rendered is de-identified according to the rendering strategy to obtain the de-identified data to be rendered. The page is rendered using the de-identified data to be rendered.
2. The page rendering method according to claim 1, characterized in that, The process of performing scene recognition processing on the requested data to determine the usage scenario includes: The request data is processed by feature extraction to obtain scene features; The usage scenario is obtained by performing scenario decision processing on the scenario features.
3. The page rendering method according to claim 2, characterized in that, The scene features include one or more of the following: path features, device features, time features, and behavioral features.
4. The page rendering method according to claim 1, characterized in that, The step of determining the rendering strategy based on the usage scenario includes: When the usage scenario is the first usage scenario, the rendering strategy is determined to be the examination strategy; When the usage scenario is the second usage scenario, the rendering strategy is determined to be either the teacher strategy or the default strategy; When the usage scenario is the third usage scenario, the rendering strategy is determined to be the parental strategy.
5. The page rendering method according to claim 4, characterized in that, The determination of whether the rendering strategy is the teacher strategy or the default strategy includes: The request data is subjected to permission verification to obtain the verification result; When the verification result is passed, the rendering strategy is determined to be the teacher strategy; When the verification result is unsuccessful, the rendering strategy is determined to be the default strategy.
6. The page rendering method according to claim 1, characterized in that, The method further includes: In response to a triggering operation applied to the page, a corresponding operation fingerprint is generated; The operation fingerprint is uploaded to the blockchain based on the network status.
7. The page rendering method according to claim 6, characterized in that, Uploading the operation fingerprint to the blockchain based on the network status includes: When the network status is online, the operation fingerprint is uploaded to the blockchain to obtain audit proof; When the network status is offline, the operation fingerprint is added to the cache queue.
8. A page rendering apparatus, characterized in that, include: The scene recognition module is configured to acquire request data and data to be rendered, and to perform scene recognition processing on the request data to determine the usage scenario; The desensitization processing module is configured to determine a rendering strategy based on the usage scenario, and to perform desensitization processing on the data to be rendered according to the rendering strategy to obtain desensitized data to be rendered. The page rendering module is configured to render the page using the de-identified data to be rendered.
9. A non-transitory computer-readable storage medium having a computer program stored thereon, characterized in that, When executed by a processor, the program implements the steps of the method described in any one of claims 1-7.
10. An electronic device, characterized in that, include: A memory on which computer programs are stored; A processor for executing the computer program in the memory to implement the steps of the method according to any one of claims 1-7.