CN112329039A

CN112329039A - Electronic commerce data processing method and electronic commerce system

Info

Publication number: CN112329039A
Application number: CN202011276380.3A
Authority: CN
Inventors: 张�浩
Original assignee: Individual
Current assignee: Individual
Priority date: 2020-02-14
Filing date: 2020-02-14
Publication date: 2021-02-05
Also published as: CN111310207B; CN111310207A; CN112329040A

Abstract

The embodiment of the application provides an electronic commerce data processing method and an electronic commerce system, through recording an order encryption component corresponding to an electronic commerce order, simultaneously acquiring service coverage information of the electronic commerce order in a generating process, establishing an order encryption node sequence corresponding to the service coverage information, and associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence, thereby determining at least part of target order encryption nodes in the order encryption node sequence based on the order encryption component corresponding to the electronic commerce order, and carrying out data encryption on the corresponding order item information included in the electronic commerce order according to the target order encryption nodes. Therefore, the service coverage condition of the electronic commerce order in the generating process can be fully considered, so that the covered service can be well adapted in the encryption process, the success rate of service access is improved, and the risk of service access failure is reduced.

Description

Electronic commerce data processing method and electronic commerce system

Technical Field

The present application relates to the field of electronic commerce technologies, and in particular, to an electronic commerce data processing method and an electronic commerce system.

Background

In the process of business transaction of the electronic commerce terminal, the electronic commerce order is the final result of the business transaction. An e-commerce order often includes various order item information in the e-commerce transaction process, and the order item information often needs to be specially encrypted in a server to avoid information leakage so as to influence the security of an e-commerce platform. In the conventional scheme, usually, fixed encryption nodes are used for encrypting the order item information, however, the inventor researches show that in the generation process of an e-commerce order, not only a single service is involved, but a great deal of covered services may be accessed, for different services, according to the conventional scheme, it is difficult to adapt all services in the specific encryption process, and although effective encryption is realized, great difficulty may be caused to service access during later information reading, and even a part of services cannot be accessed directly.

Disclosure of Invention

In order to overcome at least the above disadvantages in the prior art, an object of the present application is to provide an e-commerce data processing method and an e-commerce system, which can fully consider the service coverage condition of an e-commerce order in the generation process, so that the covered service can be well adapted in the encryption process, thereby improving the success rate of service access and reducing the risk of service access failure.

In a first aspect, the present application provides an e-commerce data processing method applied to a server, where the server is communicatively connected to a plurality of e-commerce terminals, and the method includes:

when an electronic commerce order generated by any electronic commerce terminal is received, determining and recording an order encryption component corresponding to the electronic commerce order according to a preset corresponding relation between an electronic commerce order service and an order encryption component and the electronic commerce order service to which the electronic commerce order belongs;

acquiring service coverage information of the electronic commerce order in a generating process, establishing an order encryption node sequence corresponding to the service coverage information, and associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence, wherein the service coverage information is used for representing a target service accessed by the electronic commerce order in the generating process and service calling information corresponding to the target service, the service calling information comprises one or more combinations of a service calling interface, a service calling link and a service calling service provider, the order encryption node sequence comprises a plurality of order encryption nodes, and each order encryption node is pre-adapted with at least one encryption key certificate of the corresponding service;

and determining at least part of target order encryption nodes in the order encryption node sequence based on an order encryption component corresponding to the electronic commerce order, and encrypting data of corresponding order item information included in the electronic commerce order according to the target order encryption nodes.

In a possible design of the first aspect, the step of obtaining service coverage information of the e-commerce order in a generation process and establishing an order encryption node sequence corresponding to the service coverage information includes:

calling service access information of the electronic commerce order in a generating process from the electronic commerce terminal, analyzing the service access information, and determining a service access bar range of the service access information, wherein the service access bar range of the service access information comprises a plurality of service access bars of different types;

taking the service access column with service association in the service access column range of the service access information as a service access column to form at least two service access columns;

acquiring at least one service access configuration form corresponding to the at least two service access columns respectively, and analyzing to obtain a combination relation between service calling information and service generating information corresponding to each service access configuration form;

taking the combination relation of service calling information and service generating information corresponding to one service access configuration form as a service access strategy, and processing each service access column according to at least one service access strategy to form at least one sub-service access column;

traversing each service access configuration form from a target service access configuration form in each service access configuration form until all service access configuration forms are traversed;

in the traversal process of the service access configuration form, traversing each sub-service access column from a target sub-service access column in each sub-service access column of the service access column, selecting target service calling information from a corresponding combination relation of the service access configuration form aiming at the traversed current sub-service access column, acquiring corresponding target service generating information, and establishing a corresponding relation among the current sub-service access column, the target service calling information and at least one target service generating information until all the sub-service access columns are traversed; the service calling information corresponding to each sub-service access column of the service access column is different, and the service generating information corresponding to each sub-service access column of the service access column is different;

generating a service calling sequence of the service access column under the service access configuration form according to the service calling information corresponding to each sub-service access column and the corresponding service generation information;

after traversing all the service access configuration forms, acquiring a service calling sequence of the service access column under each service access configuration form;

counting service calling sequences of the service access columns under the service access strategies to form a service calling array of the service access information as the service coverage information;

respectively acquiring encryption key certificates of each target service in the service coverage information under each service access strategy;

and establishing an order encryption node sequence corresponding to the service coverage information according to the encryption key certificate of each target service in the service coverage information under each service access strategy.

In a possible design of the first aspect, the step of generating, according to the service invocation information corresponding to each sub-service access bar and the corresponding service generation information, a service invocation sequence of the service access bar under the service access configuration form includes:

acquiring an initial service calling node array between a first service access segment and a preset marking segment, wherein the first service access segment participates in the service calling and service generating process by each sub-service access bar, according to the service calling information corresponding to each sub-service access bar and the corresponding service generating information, and performing conversion processing on the first service access segment based on the initial service calling node array to obtain a converted first service access segment;

determining a service calling node by using a recording path of the service calling information in the converted first service access segment, determining a service generating node by using a recording path of an initial service access segment associated with the corresponding service generating information in the first service access segment, and searching for a service in the service generating node of the first service access segment according to the service calling node;

if the accessible service at the current set time is found in the service generating node of the first service access segment, taking the initial service access segment as a second service access segment;

determining a common service access fragment between the first service access fragment and the second service access fragment, and generating a service calling sequence of the service access column under the service access configuration form based on access process information of each access node on the common service access fragment.

In a possible design of the first aspect, the step of associating each order item information included in the e-commerce order into the order encryption node sequence according to a preset association sequence includes:

regarding each order item information, taking the order item information as a related mark object, wherein an item database in the related mark object is business service record information contained in the order item information;

establishing an order incidence matrix of the incidence mark objects according to a project database in all the incidence mark objects, determining an incidence path of the order incidence matrix, and obtaining an incidence principle of a first incidence mark object in the incidence path, wherein the weight of the order incidence matrix is the data volume of business service record information;

when the association principle of each associated marker object behind the first associated marker object is sequentially screened according to the associated marker object serial number, screening the associated marker object and the association principle of each associated marker object behind the associated marker object, reestablishing the order association matrix of the associated marker object according to the screened association principle, determining the association path of the reestablished order association matrix, and obtaining the association principle of the associated marker object in the association path of the reestablished order association matrix;

and after the screening association principles of all the associated marked objects are obtained, taking the path formed by the screening association principles of all the associated marked objects as the association path of the order encryption node sequence, and associating each associated marked object into the order encryption node sequence according to the association path of the order encryption node sequence.

In a possible design of the first aspect, the step of determining, in the order encryption node sequence, at least part of target order encryption nodes based on an order encryption component corresponding to the e-commerce order includes:

operating an order encryption component corresponding to the electronic commerce order to determine encryption element information for each order encryption node in the order encryption node sequence, and determining feature index information between encryption key features of each order encryption node according to the encryption element information;

constructing encryption element information of each order encryption node into an encryption element matrix according to the encryption key characteristics and the characteristic index information;

extracting a main matrix unit output node of a main encryption key characteristic and an auxiliary matrix unit output node in an auxiliary encryption key characteristic according to the encryption element matrix, and sequentially merging a merged encryption element matrix formed by the main matrix unit output node and the auxiliary matrix unit output node;

converting each combined encryption element matrix into an encryption element sequence with the same encryption key characteristic type, analyzing key word index information and ciphertext index information between each encryption element sequence element to obtain a corresponding index information sequence, and fusing the index information sequences to construct a fused encryption element sequence from the encryption element sequences;

determining header information of characteristic index information of different encryption key characteristic types among matrix unit output nodes in a fusion encryption element sequence of the encryption element information, and distributing element paths for the encryption element information according to the header information;

sequentially traversing each element object of the fusion encryption element sequence, and dividing each element object according to the incidence relation among the element objects to obtain the element object hierarchy of the encryption element information;

respectively determining instruction information of an encryption component instruction containing each order encryption node and range information of an encryption range containing each order encryption node according to the element object level of the encryption element information, wherein the instruction information of the encryption component instruction containing each order encryption node and the range information of the encryption range containing each order encryption node are respectively configured with different element object levels in a one-to-one correspondence manner;

according to instruction information containing an encryption component instruction of each order encryption node and range information containing an encryption range of each order encryption node, performing index search on each encryption service information related to each order encryption node, and determining an order encryption behavior corresponding to each order encryption node;

determining an encryption process queue of each order encryption node according to the order encryption behavior, extracting the cryptograph data of the order encryption behavior and extracting a cryptograph association set of the cryptograph data associated with the encryption process queue;

generating a plurality of dense spectrum sub-fragments from the dense spectrum fragments in the dense spectrum associated bits according to a preset dense spectrum mapping relation according to at least two associated dense spectrum associated bits in the dense spectrum associated set, calculating fragment offsets between all dense spectrum fragments in the next dense spectrum associated bit and all dense spectrum fragments in the last dense spectrum associated bit, and obtaining a corresponding preset dense spectrum mapping relation table according to the obtained fragment offsets;

according to the preset dense spectrum mapping relation table, acquiring a dense spectrum sub-segment which is matched in dense spectrum mapping relation and has the segment offset between each dense spectrum segment of the two dense spectrum sub-segments smaller than the maximum continuous segment offset of the order encryption behavior in the segment offset to form a dense spectrum associated bitmap;

and when the distribution interval of the password spectrum associated bitmap is matched with the encryption interval corresponding to the order encryption component corresponding to the electronic commerce order, determining that the corresponding order encryption node in the order encryption node sequence is a target order encryption node.

In a possible design of the first aspect, the step of determining an encryption process queue of each order encryption node according to the order encryption behavior includes:

acquiring an encrypted instruction stream under the order encryption behavior, and processing the encrypted instruction stream to obtain a plurality of encrypted running process sequences corresponding to a plurality of encrypted instructions;

determining an encryption related operation process and an encryption non-related operation process of the plurality of encryption operation process sequences, determining the proportion of the encryption related operation process in the encryption operation process, determining the operation times of the encryption related operation process according to the proportion, and dividing the encryption related operation process into a plurality of encryption related operation sub-processes according to the operation times;

determining a locking encryption mark point of each encryption related operation sub-process of each encryption operation process in the encryption operation process sequence processed currently aiming at each encryption operation process sequence, and generating an encryption mark value offset variation graph of each locking encryption mark point according to the encryption mark values of a plurality of encryption operation processes contained in the current encryption operation process sequence of each locking encryption mark point;

for each encryption related operation sub-process, determining whether the encryption related operation sub-process currently processed contains locking encryption mark points with encryption mark values changing periodically or not according to an encryption mark value offset change diagram of a plurality of locking encryption mark points contained in the encryption related operation sub-process currently processed;

if the encryption related operation sub-process currently processed contains a locking encryption mark point with an encryption mark value periodically changed, marking the encryption related operation sub-process currently processed as a selected encryption related operation sub-process;

if the encryption related operation sub-process currently processed does not contain the locking encryption mark point with the encryption mark value periodically changed, marking the encryption related operation sub-process currently processed as an unselected encryption related operation sub-process;

splicing the encryption related operation sub-processes with the association relation into candidate encryption processes according to the process association aiming at the marked selected multiple encryption related operation sub-processes;

determining a plurality of reference encrypted marking points of which the encrypted marking values periodically change in the plurality of encrypted marking points in the candidate encryption process, and determining the encrypted marking value change frequency of each reference encrypted marking point;

weighting and calculating the encryption mark value change frequency of the plurality of reference encryption mark points in the candidate encryption process to obtain the encryption mark value change frequency of the currently processed encryption operation process sequence, and screening out at least one encryption operation process sequence which accords with a preset change frequency according to the encryption mark value change frequency of each encryption operation process sequence;

and taking the at least one encryption operation process sequence which accords with the preset change frequency as an encryption process queue of each order encryption node.

In a possible design of the first aspect, the step of encrypting, according to the target order encryption node, data of corresponding order item information included in the e-commerce order includes:

generating an encryption key certificate and encryption register information when the target order encryption node encrypts the corresponding order item information according to the determined target order encryption node;

identifying the service record information corresponding to the order item information to obtain a plurality of service identification fields, determining a service code corresponding to each service identification field, and determining a corresponding service code matrix according to the service codes;

identifying the encryption key certificate and the encryption registration information to the service coding matrix to obtain service codes, determining the code matching degree between the service codes and each service code in the service coding matrix, and determining the encryption index parameters of the service codes according to the encryption key certificate of the service code corresponding to the maximum value of the code matching degree;

and determining to perform data encryption on the order item information according to the encryption index parameter so as to enable the encrypted order item information to perform service access based on the encryption index parameter.

In a second aspect, an embodiment of the present application further provides an electronic commerce data processing apparatus, which is applied to a server, where the server is communicatively connected to a plurality of electronic commerce terminals, and the apparatus includes:

the electronic commerce system comprises a determining module, a processing module and a processing module, wherein the determining module is used for determining and recording an order encryption component corresponding to an electronic commerce order according to a preset corresponding relation between an electronic commerce order service and an order encryption component and the electronic commerce order service to which the electronic commerce order belongs when the electronic commerce order generated by any electronic commerce terminal is received;

the method comprises the steps of establishing an association module, acquiring service coverage information of an electronic commerce order in a generating process, establishing an order encryption node sequence corresponding to the service coverage information, and associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence, wherein the service coverage information is used for representing a target service accessed by the electronic commerce order in the generating process and service calling information corresponding to the target service, the service calling information comprises one or more combinations of a service calling interface, a service calling link and a service calling facilitator, the order encryption node sequence comprises a plurality of order encryption nodes, and each order encryption node is pre-adapted with at least one encryption key certificate of the corresponding service;

and the encryption module is used for determining at least part of target order encryption nodes in the order encryption node sequence based on the order encryption component corresponding to the electronic commerce order, and carrying out data encryption on corresponding order item information included in the electronic commerce order according to the target order encryption nodes.

In a third aspect, an embodiment of the present application further provides an electronic commerce system, where the electronic commerce system includes a server and a plurality of electronic commerce terminals communicatively connected to the server;

the electronic terminal is used for sending the generated electronic commerce order to the server;

the server is used for determining and recording an order encryption component corresponding to an electronic commerce order according to a preset corresponding relation between an electronic commerce order service and an order encryption component and the electronic commerce order service to which the electronic commerce order belongs when the electronic commerce order generated by any electronic commerce terminal is received;

the server is used for acquiring service coverage information of the electronic commerce order in a generating process, establishing an order encryption node sequence corresponding to the service coverage information, and associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence, wherein the service coverage information is used for representing a target service accessed by the electronic commerce order in the generating process and service calling information corresponding to the target service, the service calling information comprises one or more combinations of a service calling interface, a service calling link and a service calling service provider, the order encryption node sequence comprises a plurality of order encryption nodes, and each order encryption node is pre-adapted with at least one encryption key certificate of the corresponding service;

and the server is used for determining at least part of target order encryption nodes in the order encryption node sequence based on the order encryption component corresponding to the electronic commerce order, and carrying out data encryption on corresponding order item information included in the electronic commerce order according to the target order encryption nodes.

In a fourth aspect, the embodiments of the present application further provide a server, where the server includes a processor, a machine-readable storage medium, and a network interface, where the machine-readable storage medium, the network interface, and the processor are connected through a bus system, the network interface is configured to be communicatively connected to at least one e-commerce terminal, the machine-readable storage medium is configured to store programs, instructions, or codes, and the processor is configured to execute the programs, instructions, or codes in the machine-readable storage medium to perform the e-commerce data processing method in the first aspect or any one of the possible designs in the first aspect.

In a fifth aspect, an embodiment of the present application provides a computer-readable storage medium, where instructions are stored, and when the instructions are detected on a computer, the instructions cause the computer to perform the method for processing e-commerce data in the first aspect or any one of the possible designs of the first aspect.

Based on any one of the above aspects, the method includes recording an order encryption component corresponding to an electronic commerce order, obtaining service coverage information of the electronic commerce order in a generating process, establishing an order encryption node sequence corresponding to the service coverage information, associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence, determining at least part of target order encryption nodes in the order encryption node sequence based on the order encryption component corresponding to the electronic commerce order, and performing data encryption on the corresponding order item information included in the electronic commerce order according to the target order encryption nodes. Therefore, the service coverage condition of the electronic commerce order in the generating process can be fully considered, so that the covered service can be well adapted in the encryption process, the success rate of service access is improved, and the risk of service access failure is reduced.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.

Fig. 1 is a schematic application scenario diagram of an electronic commerce system according to an embodiment of the present application;

FIG. 2 is a flowchart illustrating an electronic commerce data processing method according to an embodiment of the present disclosure;

FIG. 3 is a functional block diagram of an electronic commerce data processing apparatus according to an embodiment of the present disclosure;

fig. 4 is a block diagram schematically illustrating a structure of a server for implementing the above-described e-commerce data processing method according to an embodiment of the present application.

Detailed Description

The present application will now be described in detail with reference to the drawings, and the specific operations in the method embodiments may also be applied to the apparatus embodiments or the system embodiments. In the description of the present application, "at least one" includes one or more unless otherwise specified. "plurality" means two or more. For example, at least one of A, B and C, comprising: a alone, B alone, a and B in combination, a and C in combination, B and C in combination, and A, B and C in combination. In this application, "/" means "or, for example, A/B may mean A or B; "and/or" herein is merely an association describing an associated object, and means that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone.

FIG. 1 is an interaction diagram of an electronic commerce system 10 provided by one embodiment of the present application. The electronic commerce system 10 may include a server 100 and an electronic commerce terminal 200 communicatively connected to the server 100, and the server 100 may include a processor for executing an instruction operation therein. The electronic commerce system 10 shown in FIG. 1 is only one possible example, and in other possible embodiments, the electronic commerce system 10 may include only a portion of the components shown in FIG. 1 or may include other components.

In some embodiments, the server 100 may be a single server or a group of servers. The set of servers may be centralized or distributed (e.g., server 100 may be a distributed system). In some embodiments, the server 100 may be local or remote to the e-commerce terminal 200. For example, the server 100 may access information stored in the electronic commerce terminal 200 and a database, or any combination thereof, via a network. As another example, the server 100 may be directly connected to at least one of the e-commerce terminal 200 and a database to access information and/or data stored therein. In some embodiments, the server 100 may be implemented on a cloud platform; by way of example only, the cloud platform may include a private cloud, a public cloud, a hybrid cloud, a community cloud (community cloud), a distributed cloud, an inter-cloud, a multi-cloud, and the like, or any combination thereof.

In some embodiments, the server 100 may include a processor. The processor may process information and/or data related to the service request to perform one or more of the functions described herein. A processor may include one or more processing cores (e.g., a single-core processor (S) or a multi-core processor (S)). Merely by way of example, a Processor may include a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), an Application Specific Instruction Set Processor (ASIP), a Graphics Processing Unit (GPU), a Physical Processing Unit (PPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), a Programmable Logic Device (PLD), a controller, a microcontroller Unit, a Reduced Instruction Set computer (Reduced Instruction Set computer), a microprocessor, or the like, or any combination thereof.

The network may be used for the exchange of information and/or data. In some embodiments, one or more components in the e-commerce system 10 (e.g., the server 100, the e-commerce terminal 200, and the database) may send information and/or data to other components. In some embodiments, the network may be any type of wired or wireless network, or combination thereof. Merely by way of example, Network 130 may include a wired Network, a Wireless Network, a fiber optic Network, a telecommunications Network, an intranet, the internet, a Local Area Network (LAN), a Wide Area Network (WAN), a Wireless Local Area Network (WLAN), a WLAN, a Metropolitan Area Network (MAN), a Wide Area Network (WAN), a Public Switched Telephone Network (PSTN), a bluetooth Network, a ZigBee Network, a Near Field Communication (NFC) Network, or the like, or any combination thereof. In some embodiments, the network may include one or more network access points. For example, the network may include wired or wireless network access points, such as base stations and/or network switching nodes, through which one or more components of the e-commerce system 10 may connect to the network to exchange data and/or information.

The aforementioned database may store data and/or instructions. In some embodiments, the database may store data assigned to the e-commerce terminal 200. In some embodiments, the database may store data and/or instructions for the exemplary methods described herein. In some embodiments, the database may include mass storage, removable storage, volatile Read-write Memory, or Read-Only Memory (ROM), among others, or any combination thereof. By way of example, mass storage may include magnetic disks, optical disks, solid state drives, and the like; removable memory may include flash drives, floppy disks, optical disks, memory cards, zip disks, tapes, and the like; volatile read-write Memory may include Random Access Memory (RAM); the RAM may include Dynamic RAM (DRAM), Double data Rate Synchronous Dynamic RAM (DDR SDRAM); static RAM (SRAM), Thyristor-Based Random Access Memory (T-RAM), Zero-capacitor RAM (Zero-RAM), and the like. By way of example, ROMs may include Mask Read-Only memories (MROMs), Programmable ROMs (PROMs), Erasable Programmable ROMs (PERROMs), Electrically Erasable Programmable ROMs (EEPROMs), compact disk ROMs (CD-ROMs), digital versatile disks (ROMs), and the like. In some embodiments, the database may be implemented on a cloud platform. By way of example only, the cloud platform may include a private cloud, a public cloud, a hybrid cloud, a community cloud, a distributed cloud, across clouds, multiple clouds, or the like, or any combination thereof.

In some embodiments, a database may be connected to a network to communicate with one or more components in the e-commerce system 10 (e.g., server 100, e-commerce terminal 200, etc.). One or more components in e-commerce system 10 may access data or instructions stored in a database via a network. In some embodiments, the database may be directly connected to one or more components of the e-commerce system 10 (e.g., the server 100, the e-commerce terminal 200, etc.), or in some embodiments, the database may be part of the server 100.

In this embodiment, the e-commerce terminal 200 may be any electronic terminal for performing e-commerce transactions, and the e-commerce transactions may be transactions of any physical product or virtual product, and the embodiment is not limited in detail herein.

To solve the technical problem in the foregoing background, fig. 2 is a flowchart illustrating an e-commerce data processing method provided in an embodiment of the present application, which can be executed by the server 100 shown in fig. 1, and the e-commerce data processing method is described in detail below.

Step S110, when receiving an electronic commerce order generated by any electronic commerce terminal 200, determining and recording an order encryption component corresponding to the electronic commerce order according to a preset correspondence between an electronic commerce order service and an order encryption component and the electronic commerce order service to which the electronic commerce order belongs.

Step S120, acquiring service coverage information of the electronic commerce order in the generating process, establishing an order encryption node sequence corresponding to the service coverage information, and associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence.

Step S130, based on the order encryption component corresponding to the e-commerce order, determining at least part of target order encryption nodes in the order encryption node sequence, and performing data encryption on corresponding order item information included in the e-commerce order according to the target order encryption nodes.

In this embodiment, corresponding order encryption components may be configured in advance according to different specific e-commerce order services (e.g., an entity order service, a virtual order service, an enterprise order service, a personal order service, etc.), and the order encryption components may be used as extensible components on the e-commerce platform to perform update operations (e.g., add, delete, etc.) at any time. For example, the e-commerce platform may be installed in the e-commerce terminal 200 in the form of software, or may also be run in the form of web page code in the web page frame, so that the order encryption component may be configured specifically according to different running environments, and a specific configuration mode is the prior art and will not be described in detail herein.

In this embodiment, the service coverage information may be used to indicate a target service accessed in a generation process of the e-commerce order and service invocation information corresponding to the target service. Optionally, the service call information may include one or more of a service call interface (API), a service call link (URL), and a service call facilitator (e.g., a cloud service provider). Furthermore, the sequence of order encryption nodes comprises a plurality of order encryption nodes, each of which is pre-adapted with an encryption key certificate of at least one corresponding service.

In this embodiment, the encryption key certificate may be used to represent a legal authentication certificate during the operation process of the service, and may be legally accessed and read when having the encryption key certificate, and perform an encryption operation.

Based on the steps, the embodiment can fully consider the service coverage condition of the e-commerce order in the generation process, so that the covered service can be well adapted in the encryption process, the success rate of service access is improved, and the risk of service access failure is reduced.

In a possible design, regarding step S120, considering that the e-commerce order is generated in the process of being taken as a page for interacting with the user, there are different types of service access fields, and these service access fields can be used not only for recording related service access information (for example, an automatically generated order identification record, information manually input by the user, and the like) but also for distinguishing different service access types.

In detail, in this embodiment, the service access information of the e-commerce order in the generation process may be called from the e-commerce terminal 200, and the service access information is analyzed to determine the service access bar range of the service access information, where the service access bar range of the service access information includes a plurality of different types of service access bars.

On this basis, the service access column with service association in the service access column range of the service access information can be used as one service access column to form at least two service access columns, then at least one service access configuration form corresponding to at least two service access columns is obtained, and the combination relationship between the service calling information and the service generating information corresponding to each service access configuration form is obtained through analysis.

Then, the combination relationship between the service calling information and the service generating information corresponding to one service access configuration form can be used as a service access policy, each service access column is processed according to at least one service access policy to form at least one sub-service access column, and then each service access configuration form is traversed from the target service access configuration form in each service access configuration form until all service access configuration forms are traversed.

It should be noted that, in the traversal process of the service access configuration form, each sub-service access column is traversed from a target sub-service access column in each sub-service access column of the service access column, target service invocation information is selected from a corresponding combination relationship of the service access configuration form for the traversed current sub-service access column, corresponding target service generation information is obtained, and a corresponding relationship between the current sub-service access column, the target service invocation information, and at least one target service generation information is established until all the sub-service access columns are traversed. The service calling information corresponding to each sub-service access column of the service access column is different, and the service generating information corresponding to each sub-service access column of the service access column is different.

And then, generating a service calling sequence of the service access column under the service access configuration form according to the service calling information corresponding to each sub-service access column and the corresponding service generating information, and acquiring the service calling sequence of the service access column under each service access configuration form after all the service access configuration forms are traversed. Therefore, the service calling sequence of each service access column under each service access strategy can be counted, and a service calling array of the service access information is formed and used as the service coverage information.

Then, the encryption key certificate of each target service in the service coverage information under each service access policy can be respectively obtained, and an order encryption node sequence corresponding to the service coverage information is established according to the encryption key certificate of each target service in the service coverage information under each service access policy.

It should be further noted that, in the process of generating the service invocation sequence of the service access bar under the service access configuration form according to the service invocation information and the corresponding service generation information corresponding to each sub-service access bar, the embodiment may obtain, according to the service invocation information and the corresponding service generation information corresponding to each sub-service access bar, an initial service invocation node array between a first service access fragment and a preset mark fragment, where each sub-service access bar participates in the service invocation and service generation processes, and perform conversion processing on the first service access fragment based on the initial service invocation node array, so as to obtain the converted first service access fragment.

And then, determining a service calling node according to a recording path of the service calling information in the converted first service access segment, determining a service generating node according to a recording path of an initial service access segment associated with the corresponding service generating information in the first service access segment, and searching for a service in the service generating node of the first service access segment according to the service calling node.

If the accessible service at the current set time is found in the service generating node of the first service access fragment, the initial service access fragment is used as the second service access fragment, then the common service access fragment between the first service access fragment and the second service access fragment is determined, and a service calling sequence of a service access column under a service access configuration form is generated based on the access process information of each access node on the common service access fragment.

In one possible design, for step S120, in order to effectively adapt in the association process, for each order item information, the order item information may be used as an association tag object, and an item database in the association tag object is business service record information included in the order item information.

Then, according to the item database in all the associated mark objects, establishing an order association matrix of the associated mark objects, determining an association path of the order association matrix, and obtaining an association principle of a first associated mark object in the association path, wherein the weight of the order association matrix is the data volume of the business service record information.

And then, when the association principle screening is carried out on each associated marker object behind the first associated marker object in sequence according to the associated marker object serial number, the associated marker object and the association principle of each associated marker object behind the associated marker object are screened, the order association matrix of the associated marker object is reestablished according to the screened association principle, the association path of the reestablished order association matrix is determined, and the association principle of the associated marker object in the association path of the reestablished order association matrix is obtained.

Therefore, after the screening association principles of all the associated marked objects are obtained, the paths formed by the screening association principles of all the associated marked objects are used as the association paths of the order encryption node sequence, and all the associated marked objects are associated into the order encryption node sequence according to the association paths of the order encryption node sequence.

In a possible design, for step S130, in order to avoid the problem of encryption duplication during the subsequent encryption operation, the present embodiment may further operate an order encryption component corresponding to the e-commerce order to determine encryption element information for each order encryption node in the order encryption node sequence, and determine feature index information between encryption key features of each order encryption node according to the encryption element information.

And then, constructing the encryption element information of each order encryption node into an encryption element matrix according to the encryption key characteristics and the characteristic index information, extracting a main matrix unit output node of the main encryption key characteristics and an auxiliary matrix unit output node in the auxiliary encryption key characteristics according to the encryption element matrix, and sequentially merging a merged encryption element matrix formed by the main matrix unit output node and the auxiliary matrix unit output node.

Then, each merged encryption element matrix can be converted into an encryption element sequence of the same encryption key characteristic type, the keyword index information and the ciphertext index information between each encryption element sequence element are analyzed to obtain a corresponding index information sequence, and the index information sequences are fused to construct a fused encryption element sequence from the encryption element sequences.

Then, the header information of the feature index information of different encryption key feature types among matrix unit output nodes in the fusion encryption element sequence of the encryption element information can be determined, element paths are distributed to the encryption element information according to the header information, so that each element object of the fusion encryption element sequence is traversed sequentially, each element object is divided according to the incidence relation among the element objects, and the element object hierarchy of the encryption element information is obtained.

On the basis, the instruction information of the encryption component instruction containing each order encryption node and the range information of the encryption range containing each order encryption node can be respectively determined according to the element object level of the encryption element information, wherein the instruction information of the encryption component instruction containing each order encryption node and the range information of the encryption range containing each order encryption node are respectively configured in advance with different element object levels.

Then, according to the instruction information of the encryption component instruction containing each order encryption node and the range information containing the encryption range of each order encryption node, index search is carried out on each encryption service information related to each order encryption node, order encryption behavior corresponding to each order encryption node is determined, then, according to the order encryption behavior, an encryption process queue of each order encryption node is determined, and the secret spectrum data of the order encryption behavior and a secret spectrum association set of the secret spectrum data association encryption process queue are extracted, then, according to at least two secret spectrum association bits associated in the secret spectrum association set, a plurality of secret spectrum sub-segments are generated by the secret spectrum segments in the secret spectrum association bits according to a preset secret spectrum mapping relation, and segment offsets between all the secret spectrum segments in the next secret spectrum association bit and all the secret spectrum segments in the last secret spectrum association bit are calculated, and obtaining a corresponding preset dense spectrum mapping relation table according to the obtained deviation of each segment.

Therefore, according to the preset dense spectrum mapping relation table, the dense spectrum associated bitmap is formed by the dense spectrum sub-segments which are matched in the dense spectrum mapping relation and the segment offset between the dense spectrum sub-segments of the two dense spectrum sub-segments is smaller than the maximum continuous segment offset of the order encryption behavior in the segment offset.

And then, distributing the associated bits in each password spectrum associated bitmap to obtain a distributed interval of each password spectrum associated bitmap, and determining that the corresponding order encryption node in the order encryption node sequence is the target order encryption node when the distributed interval of the password spectrum associated bitmap is matched with the encryption interval corresponding to the order encryption component corresponding to the electronic commerce order according to the matching relation between the distributed interval of the password spectrum associated bitmap and the encryption interval corresponding to the order encryption component corresponding to the electronic commerce order.

It should be noted that, in the process of determining the encryption process queue of each order encryption node according to the order encryption behavior, in order to further avoid the situation of encryption repetition, an encryption instruction stream under the order encryption behavior may be further obtained, the encryption instruction stream is processed to obtain a plurality of encryption operation process sequences corresponding to a plurality of encryption instructions, then an encryption related operation process and an encryption non-related operation process of the plurality of encryption operation process sequences are determined, a proportion of the encryption related operation process in the encryption operation process is determined, the operation times of the encryption related operation process are determined according to the proportion, and the encryption related operation process is divided into a plurality of encryption related operation sub-processes according to the operation times.

And then, aiming at each encryption running process sequence, determining a locking encryption mark point of each encryption related running sub-process of each encryption running process in the encryption running process sequence processed currently, and generating an encryption mark value offset variation graph of each locking encryption mark point according to the encryption mark values of a plurality of encryption running processes contained in the current encryption running process sequence by each locking encryption mark point.

Then, for each encryption related operation sub-process, according to the encryption mark value offset change diagram of a plurality of locking encryption mark points contained in the currently processed encryption related operation sub-process, whether the currently processed encryption related operation sub-process contains locking encryption mark points with periodically changed encryption mark values is determined.

For example, if the currently processed encryption related operation sub-process includes a lock encryption flag point whose encryption flag value periodically changes, the currently processed encryption related operation sub-process is marked as the selected encryption related operation sub-process.

As another example. And if the encryption related operation sub-process currently processed does not contain the locking encryption mark point with the periodically changed encryption mark value, marking the encryption related operation sub-process currently processed as the unselected encryption related operation sub-process.

And then, aiming at the marked selected plurality of encryption related operation sub-processes, splicing the encryption related operation sub-processes with the association relationship into candidate encryption according to the process association, determining a plurality of reference encryption mark points with encryption mark values changing periodically in the candidate encryption process, and determining the encryption mark value change frequency of each reference encryption mark point.

On the basis, the encryption mark value change frequency of a plurality of reference encryption mark points in the candidate encryption process is calculated in a weighting mode, the encryption mark value change frequency of the encryption operation process sequence processed currently is obtained, at least one encryption operation process sequence which accords with the preset change frequency is screened out according to the encryption mark value change frequency of each encryption operation process sequence, and therefore the at least one encryption operation process sequence which accords with the preset change frequency can be used as the encryption process queue of each order encryption node.

In a possible design, further referring to step S130, in this embodiment, according to a determined target order encryption node, an encryption key certificate and encryption registration information when the target order encryption node encrypts corresponding order item information are generated, then service record information corresponding to the order item information is subjected to identification processing to obtain a plurality of service identification fields, a service code corresponding to each service identification field is determined, and a corresponding service code matrix is determined according to the service code.

On the basis, the encryption key certificate and the encryption register information can be identified to the service coding matrix to obtain service codes, the code matching degree between each service code in the service coding matrix and the service code is determined, and the encryption index parameter of each service code is determined according to the encryption key certificate of the service code corresponding to the maximum value of the code matching degree.

Therefore, data encryption can be performed on the order item information according to the encryption index parameter, so that the encrypted order item information can be accessed to the service based on the encryption index parameter.

Fig. 3 is a schematic diagram of functional modules of an electronic commerce data processing apparatus 300 according to an embodiment of the present application, and the embodiment can divide the functional modules of the electronic commerce data processing apparatus 300 according to the above method embodiment. For example, the functional blocks may be divided for the respective functions, or two or more functions may be integrated into one processing block. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, the division of the modules in the present application is schematic, and is only a logical function division, and there may be another division manner in actual implementation. For example, in the case of dividing each function module by corresponding functions, the electronic commerce data processing apparatus 300 shown in fig. 3 is only a schematic diagram of an apparatus. The e-commerce data processing apparatus 300 may include a determining module 310, an association establishing module 320, and an encrypting module 330, and the functions of the functional modules of the e-commerce data processing apparatus 300 are described in detail below.

The determining module 310 is configured to, when an electronic commerce order generated by any electronic commerce terminal 200 is received, determine and record an order encryption component corresponding to the electronic commerce order according to a preset correspondence between an electronic commerce order service and an order encryption component and an electronic commerce order service to which the electronic commerce order belongs.

The association establishing module 320 is configured to acquire service coverage information of an e-commerce order in a generation process, establish an order encryption node sequence corresponding to the service coverage information, and associate each order item information included in the e-commerce order into the order encryption node sequence according to a preset association sequence, where the service coverage information is used to indicate a target service accessed by the e-commerce order in the generation process and service invocation information corresponding to the target service, the service invocation information includes one or more combinations of a service invocation interface, a service invocation link, and a service invocation service provider, the order encryption node sequence includes a plurality of order encryption nodes, and each order encryption node is pre-adapted with at least one encryption key certificate of a corresponding service.

The encryption module 330 is configured to determine at least part of target order encryption nodes in the order encryption node sequence based on an order encryption component corresponding to the e-commerce order, and perform data encryption on corresponding order item information included in the e-commerce order according to the target order encryption nodes.

Further, fig. 4 is a schematic structural diagram of a server 100 for performing the above-mentioned e-commerce data processing method according to an embodiment of the present application. As shown in FIG. 4, the server 100 may include a network interface 110, a machine-readable storage medium 120, a processor 130, and a bus 140. The processor 130 may be one or more, and one processor 130 is illustrated in fig. 4 as an example. The network interface 110, the machine-readable storage medium 120, and the processor 130 may be connected by a bus 140 or otherwise, as exemplified by the connection by the bus 140 in fig. 4.

The machine-readable storage medium 120 is used as a computer-readable storage medium for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the e-commerce data processing method in the embodiment of the present application (for example, the determination module 310, the association establishment module 320, and the encryption module 330 of the e-commerce data processing apparatus 300 shown in fig. 3). The processor 130 detects the software program, instructions and modules stored in the machine-readable storage medium 120, so as to execute various functional applications and data processing of the terminal device, that is, to implement the above-mentioned e-commerce data processing method, which is not described herein again.

The machine-readable storage medium 120 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the machine-readable storage medium 120 may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The non-volatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable PROM (EEPROM), or a flash Memory. Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory. By way of example, but not limitation, many forms of RAM are available, such as Static random access memory (Static RAM, SRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic random access memory (Synchronous DRAM, SDRAM), Double Data rate Synchronous Dynamic random access memory (DDR SDRAM), Enhanced Synchronous SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and direct memory bus RAM (DR RAM). It should be noted that the memories of the systems and methods described herein are intended to comprise, without being limited to, these and any other suitable memory of a publishing node. In some examples, the machine-readable storage medium 120 may further include memory located remotely from the processor 130, which may be connected to the server 100 over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The processor 130 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method embodiments may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 130. The processor 130 may be a general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, or discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor.

The server 100 can perform information interaction with other devices (e.g., the electronic commerce terminal 200) through the network interface 110. Network interface 110 may be a circuit, bus, transceiver, or any other device that may be used to exchange information. Processor 130 may send and receive information using network interface 110.

In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.

Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

It will be apparent to those skilled in the art that various changes and modifications may be made in the embodiments of the present application without departing from the spirit and scope of the application. Thus, to the extent that such expressions and modifications of the embodiments of the application fall within the scope of the claims and their equivalents, the application is intended to embrace such alterations and modifications.

Claims

1. An electronic commerce data processing method, applied to a server which is in communication connection with a plurality of electronic commerce terminals, the electronic commerce terminals being any electronic terminals for executing electronic commerce transactions, the electronic commerce transactions being transactions of any physical products or virtual products, the method comprising:

when an electronic commerce order generated by any electronic commerce terminal is received, determining and recording an order encryption component corresponding to the electronic commerce order according to a preset corresponding relation between an electronic commerce order service and an order encryption component and the electronic commerce order service to which the electronic commerce order belongs, wherein the order encryption component is used as an extensible component on an electronic commerce platform to perform updating operation at any time, and the electronic commerce platform is installed in the electronic commerce terminal in a software mode or runs in a webpage frame in a webpage code mode;

acquiring service coverage information of the electronic commerce order in a generating process, establishing an order encryption node sequence corresponding to the service coverage information, and associating each order item information included in the electronic commerce order into the order encryption node sequence according to a preset association sequence, wherein the service coverage information is used for representing a target service accessed by the electronic commerce order in the generating process and service calling information corresponding to the target service, the service calling information comprises one or more combinations of a service calling interface, a service calling link and a service calling service provider, the order encryption node sequence comprises a plurality of order encryption nodes, each order encryption node is pre-adapted with at least one encryption key certificate of the corresponding service, and the encryption key certificate is used for representing a legal authentication certificate when the service runs, wherein, legal access and reading can be carried out and the encryption operation can be carried out under the condition of having the encryption key certificate;

2. The method for processing e-commerce data of claim 1, wherein the step of obtaining service coverage information of the e-commerce order in a generation process and establishing an order encryption node sequence corresponding to the service coverage information comprises:

3. The method for processing e-commerce data of claim 2, wherein the step of generating the service call sequence of the service access column under the service access configuration form according to the service call information corresponding to each sub-service access column and the corresponding service generation information comprises:

4. The method for processing e-commerce data of claim 1, wherein the step of associating each order item information included in the e-commerce order into the order encryption node sequence according to a preset association sequence comprises:

5. The method as claimed in any one of claims 1 to 4, wherein the step of determining at least a part of the target order encryption nodes in the order encryption node sequence based on the order encryption component corresponding to the e-commerce order comprises:

6. The method of claim 5, wherein said step of determining an encryption process queue for each order encryption node based on said order encryption activity comprises:

7. The method as claimed in any one of claims 1 to 6, wherein the step of encrypting data of corresponding order item information included in the e-commerce order according to the target order encryption node comprises:

8. An electronic commerce system, characterized in that, the electronic commerce system comprises a server and a plurality of electronic commerce terminals which are connected with the server in a communication way, the electronic commerce terminals are any electronic terminals which are used for executing electronic commerce transactions, and the electronic commerce transactions are transactions of any physical products or virtual products;

the server is used for determining and recording an order encryption component corresponding to an electronic commerce order according to a preset corresponding relation between an electronic commerce order service and an order encryption component and the electronic commerce order service to which the electronic commerce order belongs when receiving the electronic commerce order generated by any electronic commerce terminal, wherein the order encryption component is used as an extensible component on an electronic commerce platform to perform updating operation at any time, and the electronic commerce platform is installed in the electronic commerce terminal in a software mode or runs in a webpage frame in a webpage code mode;

the server is configured to acquire service coverage information of the e-commerce order in a generation process, establish an order encryption node sequence corresponding to the service coverage information, and associate each order item information included in the e-commerce order into the order encryption node sequence according to a preset association sequence, where the service coverage information is used to indicate a target service accessed by the e-commerce order in the generation process and service invocation information corresponding to the target service, the service invocation information includes one or more combinations of a service invocation interface, a service invocation link, and a service invocation service provider, the order encryption node sequence includes a plurality of order encryption nodes, each order encryption node is pre-adapted with an encryption key certificate of at least one corresponding service, and the encryption key certificate is used to indicate a legal authentication certificate during a service operation process, wherein, legal access and reading can be carried out and the encryption operation can be carried out under the condition of having the encryption key certificate;