Summary of the invention
To guarantee that in order making validated user gets access to the fail safe of super code, to reduce potential safety hazard, the embodiment of the invention provides a kind of generation, authentication method and system, equipment of super code.Described technical scheme is as follows:
On the one hand, provide a kind of generation method of super code, described method comprises:
Receive solicited message, described request information is carried the device identification of equipment;
Adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification.
On the one hand, provide a kind of authentication method of super code, described method comprises:
Subscriber equipment sends solicited message, and described request information is carried the device identification of described subscriber equipment;
Described subscriber equipment receives super code, the super code generating algorithm of described super code by selecting, generate according to system time and described device identification, described super code generating algorithm adopts 14 kinds of unidirectional super code computational methods of 2*7, wherein, the product ID end numeral odevity decision that laterally provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm;
After described subscriber equipment obtains described super code, obtain the device identification of self and the system time of current time, system time according to described current time is selected the super code generating algorithm, by the super code generating algorithm of selecting, according to the system time and the described device identification of described current time, generate authentication password;
Judge whether described authentication password and described super code mate, if then described super code authentication is passed through.
On the one hand, provide a kind of super code generating apparatus again, described device comprises:
Receiver module is used for the solicited message that receiving equipment sends, and described request information is carried the device identification of described equipment;
Generation module, be used for after described receiver module receives request message, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification.
On the one hand, provide a kind of super code Verification System again, described system comprises: super code generating apparatus and authenticating device, and wherein, described super code generating apparatus comprises:
Receiver module is used to receive solicited message, and described request information is carried the device identification of described authenticating device;
Generation module, be used for after described receiver module receives request message, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate super code according to described system time and described device identification;
Sending module is used to send the super code that described generation module generates;
Wherein, described authenticating device comprises:
Acquisition module is used to obtain the super code that described super code generating apparatus generates;
Generation module, be used to obtain the device identification of self and the system time of current time, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the described device identification of described current time;
Authentication module is used to judge whether the authentication password of described generation module generation and the super code that described acquisition module obtains mate, if then described super code authentication is passed through.
On the one hand, also provide a kind of authenticating device again, described equipment comprises:
Acquisition module is used to obtain super code;
Generation module, be used to obtain the device identification of self and the system time of current time, adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm, select the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the described device identification of described current time;
Authentication module is used to judge whether the authentication password of described generation module generation and the super code that described acquisition module obtains mate, if then described super code authentication is passed through.
The beneficial effect of the technical scheme that the embodiment of the invention provides is:
By with the sign of system time and equipment self as the foundation that generates super code, fully guaranteed the fail safe of the super code that validated user obtains, reduced potential safety hazard.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment only is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that is obtained under the creative work prerequisite.
When equipment managers such as fire compartment wall are forgotten entry password etc. similarly situation are taken place, by the sequence number that dispatches from the factory to the equipment that this hope login is provided with clothes equipment, with clothes equipment according to above-mentioned dispatch from the factory sequence number and the system time received (as the date on the same day of receiving etc.), after the super code algorithm computation, generate super code and transmission, the keeper uses this super code that obtains, and logins.Wherein, it is as follows to generate the method for this super code with clothes equipment:
Receive solicited message, solicited message is carried the device identification of equipment;
Select the super code generating algorithm according to system time,,, generate super code according to system time and device identification by the super code generating algorithm of selecting.
Wherein, after generating this super code, can also generate an effective time, be used for this super code is carried out the qualification of rights of using this effective time for this super code with clothes equipment.
When concrete the application, the said equipment sign is specifically as follows Equipment Serial Number etc., is used for unique identification and goes out equipment.
Wherein, after the keeper of equipment such as fire compartment wall got access to super code, facility was logined with this super code, and when login, equipment need authenticate this super code, and wherein, the method for the authentication of super code is as follows:
After equipment is received super code, obtain the device identification of self and the system time of current time, select the super code generating algorithm according to the system time of current time, by the super code generating algorithm of selecting, according to the system time and the device identification of current time, generate authentication password;
Whether authentication password and super code that judgment device self generates mate, if then the super code authentication is passed through.
Wherein, when equipment except receiving super code, when also having received the effective time of this super code, whether effective according to judging super code effective time, if then obtain the device identification of self and the system time of current time, system time according to current time is selected the super code generating algorithm, by the super code generating algorithm of selecting,, generate authentication password according to the system time and the device identification of current time; Judge whether authentication password and super code mate, if then the super code authentication is passed through.
Wherein, after equipment received super code (perhaps receiving super code and effective time), equipment self can also be set the authentication whether self allows to carry out super code, if then carry out corresponding authenticating step.
The generation method of the super code that provides at the embodiment of the invention and utilize the method for this super code authentication to be elaborated respectively below.
Embodiment 1
Referring to Fig. 1, the embodiment of the invention provides a kind of generation method of super code, and method thes contents are as follows:
101: the user obtains the equipment mark information of wishing login, as the sequence number of equipment etc.
Wherein, because for the equipment of each regular production, have one product ID at its Shi Douhui that dispatches from the factory, and this product ID is a uniquely identified, the mode of this product ID by label can be attached to equipment surface, also can be embedded in the equipment by modes such as softwares; Correspondingly, the user can be by checking the mode of label, and perhaps the mode that reads by product software gets access to the sequence number of this equipment, when the user is this equipment of Telnet, can obtain the sequence number of this equipment by corresponding other indirect mode.
102: the user wherein, comprises equipment mark information and the device authentication information that is used for the Authentication devices identity to sending solicited message with clothes equipment in the solicited message, specifically comprise sequence number, the time of purchase of equipment, buys user's name or the like.
Wherein, the content of specifically carrying in the authorization information, can be provided with according to prior concrete needs with clothes equipment, for example the information of registering when buying this equipment according to the user is set the content that authorization information is specifically carried, as userspersonal information, time buying or the like, the embodiment of the invention does not limit content-form concrete in the authorization information.
103: after receiving the solicited message that the user sends with clothes equipment,, judge whether this equipment is legal, if then execution in step 104 according to carrying device authentication information in the solicited message; Otherwise, execution in step 106.
Wherein, receive the solicited message that the user sends with clothes equipment after, judge whether legal purpose mainly is in order to confirm whether this user really has this equipment to this equipment.
104: with clothes equipment according to the sequence number in the solicited message of obtaining and the same day system time, select the super code generating algorithm, generate super code.
Wherein, the embodiment of the invention when generating super code, be with the sequence number of equipment and the same day system time as being input as example, wherein, system time specifically can carry out determining of span as required: get the date as system time, promptly be accurate to Year/Month/Day; When can be as accurate as, i.e. Year/Month/Day/time or the like; Perhaps system time can also be the running time of system's self-starting use, for example for the equipment of some low side, equipment self can't provide the function of system data, just can correspondingly the system time of mentioning in the embodiment of the invention be defined as the running time of having been experienced since system's self-starting is used this moment.Correspondingly, utilize super code to carry out in the super code verification process, equipment changes when generating the super code of self accordingly, promptly needs the running time of sequence number and equipment of the input as the super code of input calculating equipment self; No matter be to adopt system data or system operation time or the input of the time of other kind, as long as guarantee that it is dynamically to change in time that super code is obtained in generation, all in the scope that the embodiment of the invention contained.
Wherein, when selecting the super code algorithm, in advance can provide multiple super code computational algorithm selective use with clothes equipment, can be when selecting according to the temporal regularity of system time, as week rule (Monday corresponding first super code computational algorithm, Tuesday the corresponding second super code algorithm or the like), perhaps according to the date rule on the same day (as odevity etc., as No. 3 correspondence first super code computational algorithms, No. 4 correspondence second super code computational algorithms or the like) etc. mode is selected employed super code computational algorithm, thereby has guaranteed the dynamic and the confidentiality of the super code that generates.In order further how this step 104 to be generated super code be elaborated, see for details hereinafter:
By pre-installing a plurality of folk prescriptions to the cryptographic calculations algorithm, so-called folk prescription is to being exactly can not instead release the input parameter that calculates super code according to the super code (being the output of algorithm) that calculates, according to the algorithm matrix of two dimension.For example can adopt 14 kinds of unidirectional super code computational methods of 2*7, wherein, laterally the product ID end numeral odevity decision that provides according to the user is to adopt the algorithm of first row or the algorithm of second row; Then again according to the same day system time be that what day to decide be which corresponding row algorithm; The algorithm of determining according to both is imported current system time and product ID total data at last, produces a string character visible string (wherein, this character string similarly is a random string In the view of the user), promptly is required super code.Certainly, the selection of super code algorithm can be simpler.For example, can be what day to decide algorithm only according to current date.
Wherein, in this step 104, use the fail safe of this super code in order further to guarantee the user, can also set effective time for the super code that generates, promptly subscriber equipment can only have the rights of using of this super code in the effective time of setting.Present embodiment is when generating super code, and be that example describes the effective time that generates this super code.
105: with the super code and the effective time that generate, send to the user with clothes equipment.
106: return error message with clothes equipment to the user, refusal provides service.Since with the clothes device authentication subscriber equipment be the disabled user, so refuse to provide the generation service of super code for it.
In sum, when the user gets access to the super code that returns with clothes equipment, just can utilize this super code logging device, when login, equipment can authenticate super code, correspondingly, referring to Fig. 2, the embodiment of the invention also provides a kind of authentication method of super code, and wherein, this authentication method is as follows:
201: equipment obtains the super code of user's input.
202: equipment judges self whether to allow to carry out the super code authentication, if then execution in step 203; Otherwise, execution in step 207.
Wherein, equipment is for security consideration, can set the super code authentication that self allows to carry out limited number of time, for example, the equipment of being set at is only to have allowed to carry out a super code authentication since the self-starting, correspondingly, when this equipment authenticates for carrying out for the first time super code at this moment, then can continue execution in step 203; Otherwise, execution in step 207.
203. equipment is judged the super code receive whether in effective time, if then execution in step 204, otherwise, execution in step 207.
204: equipment obtains sequence number and the system time of this moment of self, selects the super code algorithm, generates the super code of self, this self the super code authentication password of saying so accurately, and its effect is to be used for verifying the super code that the user imports.
Wherein, the super code algorithm that use the inside of equipment self and be consistent with the super code algorithm that clothes equipment provides gets final product, and does not need concrete algorithm is limited.
205: equipment judges whether the authentication password that this super code and equipment self generate mates, if then execution in step 206 according to the super code that obtains; Otherwise, execution in step 207.
Wherein, when judging whether authentication password and super code mate, whether the character string that can be by judging authentication password and the character string of super code fit like a glove and determine whether coupling.
206: equipment is accepted user's login, the user is carried out the mandate of rights of using.
Wherein, when the user is carried out the mandate of rights of using, can authorize user power user's authority, as check, create and delete the authority etc. of keeper's account, the concrete authority of setting is specified according to the equipment needs.
Wherein, being set at of equipment self only allowed to carry out a super code authentication since the self-starting, then when proceeding to this step, need equipment self also can be set not allow to reuse super code when the user be carried out the mandate of rights of using.
207: the login of equipment refusing user's.
Wherein, also can generate the checking user name when in step 204, generating authentication password, correspondingly, in step 201, when obtaining super code, also obtain the username information of user input, when the user name of super code and authentication password coupling and user's input and checking user that equipment self generates are mated, equipment is accepted user's login, the user is carried out the mandate of rights of using.
The generation method of the super code that the invention described above embodiment provides is unified into into super code by equipment mark information is correlated with temporal information, and by this super code being generated the mode of effective time, has guaranteed the fail safe of super code.Simultaneously, the authentication method of the super code that the embodiment of the invention provides is by the super code that obtains, when carrying out device logs, the authentication password of using equipment self to generate authenticates this super code, has reduced potential safety hazard, has improved the satisfaction of user to the equipment supplier.
Embodiment 2
Referring to Fig. 3, the embodiment of the invention provides a kind of super code generating apparatus, and device comprises:
Receiver module 301 is used for the solicited message that receiving equipment sends, and solicited message is carried the device identification of equipment;
Generation module 302 is used for after receiver module 301 receives request message, selects the super code generating algorithm according to system time, by the super code generating algorithm of selecting, according to system time and device identification, generates super code.
Wherein, further, generation module 302 also is used to generate the effective time of super code, is used for this super code is carried out the qualification of rights of using effective time, and when super code used in effective time, then super code is effectively to use.
Further, above-mentioned solicited message also comprises: device authentication information; Correspondingly, device comprises that also authentication module is used for the authorization information according to equipment, and whether Authentication devices is legal.
The super code generating apparatus that the embodiment of the invention provides, equipment identification information and system time are carried out related generation super code, reduced potential safety hazard, and the super code that generates rights of using have been set, once effective etc. as this super code, fully guarantee the fail safe of the super code that validated user obtains, reduced potential safety hazard.
Embodiment 3
Referring to Fig. 4, the embodiment of the invention provides a kind of super code Verification System, and system comprises: super code generating apparatus 401 and authenticating device 402, and wherein, super code generating apparatus 401 comprises:
Receiver module 4011 is used to receive solicited message, and solicited message is carried the device identification of authenticating device 402;
Generation module 4012 is used for after receiver module 4011 receives request message, selects the super code generating algorithm according to system time, by the super code generating algorithm of selecting, according to system time and device identification, generates super code;
Sending module 4013 is used to send the super code that generation module 4012 generates;
Wherein, authenticating device 402 comprises:
Acquisition module 4021 is used to obtain the super code that super code generating apparatus 401 generates; In the specific implementation, can be with behind the super code that gets access to above-mentioned super code generating apparatus transmission by the customer administrator, this super code that will obtain again is input to the form of the authenticating device of waiting for that login enters, makes authenticating device get access to this super code.
Generation module 4022, be used to obtain the device identification of self and the system time of current time, select the super code generating algorithm according to the system time of current time, by the super code generating algorithm of selecting, according to the system time and the device identification of current time, generate authentication password;
Authentication module 4023 is used to judge whether the authentication password of generation module 4022 generations and the super code that acquisition module 4021 obtains mate, if then the super code authentication is passed through.
Wherein, further, the generation module 4012 of super code generating apparatus 401 also is used to generate the effective time of super code; Be used for this super code is carried out the qualification of rights of using effective time, be used for effective time using in effective time when super code, then super code is effectively to use.
The sending module 4013 of super code generating apparatus 401 also is used to send the effective time of super code;
Correspondingly,
The acquisition module 4021 of authenticating device 402 also is used to obtain the effective time of super code;
Authenticating device 402 also comprises:
Effective judge module, be used for according to acquisition module obtain effective time, judge that super code that acquisition module 4021 obtains is whether in effective time, if then super code is effective.
Further, authenticating device 402 also comprises:
Judge module is used for whether allowing to carry out the authentication of super code according to the configuration determination of equipment self after acquisition module 4021 obtains super code.
The super code Verification System that the embodiment of the invention provides, equipment identification information and system time are carried out related generation super code, reduced potential safety hazard, and the super code that generates set rights of using, once effective etc. as this super code, and based on the super code that generates, carry out login authentication, fully guaranteed the fail safe of the super code that validated user obtains, reduced potential safety hazard, improved the satisfaction of user the equipment supplier.
Embodiment 4
Referring to Fig. 5, the embodiment of the invention provides a kind of authenticating device, and equipment comprises:
Acquisition module 501 is used to obtain super code;
Generation module 502, be used to obtain the device identification of self and the system time of current time, select the super code generating algorithm according to the system time of current time, by the super code generating algorithm of selecting, according to the system time and the device identification of current time, generate authentication password;
Authentication module 503 is used to judge whether the authentication password of generation module 502 generations and the super code that acquisition module 501 obtains mate, if then the super code authentication is passed through.
Further, acquisition module 502 also is used to obtain the effective time of super code;
Correspondingly, authenticating device also comprises:
Effective judge module is used for according to judging that super code is whether in effective time, if then super code is effective effective time.
Further, authenticating device also comprises judge module, is used for whether allowing to carry out the authentication of super code according to the configuration determination of equipment self after acquisition module 501 receives super code.
The authenticating device that the embodiment of the invention provides, equipment identification information and system time are carried out related generation authentication password, utilize authentication password, the super code that obtains is authenticated, reduced potential safety hazard, fully guaranteed the fail safe of super code, reduced potential safety hazard, improved the satisfaction of user the equipment supplier.
One of ordinary skill in the art will appreciate that all or part of flow process that realizes in the foregoing description method, be to instruct relevant hardware to finish by computer program, described program can be stored in the computer read/write memory medium, this program can comprise the flow process as the embodiment of above-mentioned each side method when carrying out.Wherein, described storage medium can be magnetic disc, CD, read-only storage memory body (Read-Only Memory, ROM) or at random store memory body (Random Access Memory, RAM) etc.
The above only is specific embodiments of the invention;, for those skilled in the art, not all under the prerequisite that does not break away from the principle of the invention in order to restriction the present invention; any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.