CN102281142A - User identity identification system - Google Patents
User identity identification system Download PDFInfo
- Publication number
- CN102281142A CN102281142A CN2011102178861A CN201110217886A CN102281142A CN 102281142 A CN102281142 A CN 102281142A CN 2011102178861 A CN2011102178861 A CN 2011102178861A CN 201110217886 A CN201110217886 A CN 201110217886A CN 102281142 A CN102281142 A CN 102281142A
- Authority
- CN
- China
- Prior art keywords
- certificate server
- user
- client
- usb key
- algorithm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a user identity identification system. A method of the system comprises the following steps: a user inserts a USB KEY, and a client sends an authentication request to the certificate server; the certificate server receives the request and generates a random string X; the certificate server sends X to the client; the client carries out operation on information +X in the USB KEY with a first algorithm, and an operation result is Rh;the client sends Rh to the certificate server; the certificate server carries out operation on the information +X in the stored user USB KEY with the first algorithm, and an operation result is Rh1; the certificate server carries out comparison between Rh and Rh1, and if Rh and Rh1 are consistent, verification is successful; a comparison result is sent to an application server, and the application server determines whether the user can log in or not according to the comparison result. According to the invention, a system security problem brought by a tradition login mode of 'username + password' is solved, and security and accuracy of identity authentication are ensured.
Description
Technical field
The present invention relates to information security field, particularly a kind of user identity identification system.
Background technology
Along with the continuous development of the Internet and information technology, carry out beyond doubt more cost-effective working method of information exchange by network, its utilization saves more for enterprise and client provide, the working space of efficient and better services.People begin to cause people's close attention to the safety issue of information in the utilization network, the demand for security of network also more and more presents.A little less than the fail safe very of the identification authentication mode of " user name+password " that current many application systems are all used, the user name and password easily is stolen and causes loss; And the authentication mode user of " user name+password " uses also very inconveniently, and the user usually needs to remember complicated the user name and password.
Summary of the invention
Goal of the invention: the problem and shortage at above-mentioned prior art exists the purpose of this invention is to provide a kind of safer user identity identification system.
Technical scheme: for achieving the above object, the technical solution used in the present invention is an a kind of user identity identification system, comprises the steps:
(1) user inserts USB KEY, and client is sent authentication request to certificate server;
(2) certificate server is received request, generates a random string X;
(3) certificate server is issued client with X;
(4) client is carried out computing to the information+X among the USB KEY with first algorithm, and operation result is Rh;
(5) client sends to certificate server with Rh;
(6) certificate server carries out computing to the information+X among the user USB KEY of storage with first algorithm, and operation result is Rh1;
(7) certificate server compares Rh and Rh1, if unanimity is then for being proved to be successful;
(8) result that will contrast sends to application server, judges according to the result who contrasts whether this user can login by application server.
Described first algorithm can be the MD5 algorithm.
Information among the described USB KEY can be digital certificate.
In the described step (1), when client is sent authentication request to certificate server, the information among user name, password and the user USB KEY also can be sent to certificate server; In the described step (2), certificate server is at first judged username and password, if the step below the correct then continuation, otherwise subsequent step is no longer carried out in the refusing user's login.
Beneficial effect: the invention provides based on the safer of USB KEY and identification authentication mode easily, eliminated the security of system problem that traditional login mode of " user name+password " brings, guarantee the fail safe and the accuracy of authentication; System of the present invention installs and uses all very simple: the instrument of digital certificate this " complexity " is hidden in the system backstage, and the user does not need understanding just can easily use about any knowledge of CA (Certificate Authority, certificate granting).Installing of system, common keeper just can finish to specifications, greatly reduces technical threshold.
Embodiment
Below in conjunction with specific embodiment, further illustrate the present invention, should understand these embodiment only is used to the present invention is described and is not used in and limit the scope of the invention, after having read the present invention, those skilled in the art all fall within the application's claims institute restricted portion to the modification of the various equivalent form of values of the present invention.
The present invention includes following steps:
(1) user imports username and password, and inserts USB KEY, and client is sent authentication request to certificate server, and automatically user name, the password of user's input and the digital certificate that is stored among the USB KEY is issued certificate server;
(2) after certificate server is received authentication request, at first username and password that receives and the correct information that is stored in are in advance wherein compared, if correctly then proceed following step, otherwise following step is no longer carried out in the refusing user's login;
(3) certificate server generates a random string X, and X is issued client;
(4) client is carried out computing to the digital certificate+X among the USB KEY with the MD5 algorithm, and operation result is Rh;
(5) client sends to certificate server with Rh;
(6) certificate server carries out computing to the digital certificate+X among the user USB KEY of storage with the MD5 algorithm, and operation result is Rh1;
(7) certificate server compares Rh and Rh1, if unanimity is then for being proved to be successful;
(8) result that will contrast sends to application server, judges according to the result who contrasts whether this user can login by application server.
Claims (4)
1. a user identity identification system is characterized in that, comprises the steps:
(1) user inserts USB KEY, and client is sent authentication request to certificate server;
(2) certificate server is received request, generates a random string X;
(3) certificate server is issued client with X;
(4) client is carried out computing to the information+X among the USB KEY with first algorithm, and operation result is Rh;
(5) client sends to certificate server with Rh;
(6) certificate server carries out computing to the information+X among the user USB KEY of storage with first algorithm, and operation result is Rh1;
(7) certificate server compares Rh and Rh1, if unanimity is then for being proved to be successful;
(8) result that will contrast sends to application server, judges according to the result who contrasts whether this user can login by application server.
2. according to the described user identity identification of claim 1 system, it is characterized in that: described first algorithm is the MD5 algorithm.
3. according to the described user identity identification of claim 1 system, it is characterized in that: the information among the described USB KEY is digital certificate.
4. according to the described user identity identification of claim 1 system, it is characterized in that: in the described step (1), when client is sent authentication request to certificate server, the information among user name, password and the user USB KEY is also sent to certificate server; In the described step (2), certificate server is at first judged username and password, if the step below the correct then continuation, otherwise subsequent step is no longer carried out in the refusing user's login.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102178861A CN102281142A (en) | 2011-08-01 | 2011-08-01 | User identity identification system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102178861A CN102281142A (en) | 2011-08-01 | 2011-08-01 | User identity identification system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102281142A true CN102281142A (en) | 2011-12-14 |
Family
ID=45106340
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011102178861A Pending CN102281142A (en) | 2011-08-01 | 2011-08-01 | User identity identification system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102281142A (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103166761A (en) * | 2013-02-05 | 2013-06-19 | 清华大学深圳研究生院 | Fingerprint lock, lock end device and key of fingerprint lock, and identity authentication method |
| CN104639562A (en) * | 2015-02-27 | 2015-05-20 | 飞天诚信科技股份有限公司 | Work method of authentication pushing system and equipment |
| CN105847240A (en) * | 2016-03-17 | 2016-08-10 | 西安法士特汽车传动有限公司 | Login method for integrated calibration system of vehicle-mounted controller |
| CN106850235A (en) * | 2017-04-08 | 2017-06-13 | 普拉斯旺(深圳)商贸有限公司 | A kind of identity identifying method |
| WO2017107956A1 (en) * | 2015-12-23 | 2017-06-29 | 北京奇虎科技有限公司 | Data processing method, client and server |
| CN107528689A (en) * | 2017-09-18 | 2017-12-29 | 上海动联信息技术股份有限公司 | A kind of password amending method based on Ukey |
| CN107612913A (en) * | 2017-09-20 | 2018-01-19 | 贵州恒昊软件科技有限公司 | A kind of on-line bid system and method |
| CN109145543A (en) * | 2018-09-03 | 2019-01-04 | 湖北文理学院 | A kind of identity identifying method |
| CN109388940A (en) * | 2018-09-20 | 2019-02-26 | 斑马网络技术有限公司 | Vehicle system access method, device, server and engineering USB flash disk |
| CN109409046A (en) * | 2018-09-26 | 2019-03-01 | 北京天地和兴科技有限公司 | A kind of secure log authentication method of industrial safety system |
| CN109889548A (en) * | 2019-04-01 | 2019-06-14 | 中国工商银行股份有限公司 | The authentication method of Web site based on U-shield device, apparatus and system |
| CN110084706A (en) * | 2019-04-04 | 2019-08-02 | 国美金控投资有限公司 | It is a kind of that guarantor's verifying System and method for is prolonged based on block chain |
| CN110278080A (en) * | 2019-07-11 | 2019-09-24 | 珠海格力电器股份有限公司 | Method, system and the computer readable storage medium of data transmission |
-
2011
- 2011-08-01 CN CN2011102178861A patent/CN102281142A/en active Pending
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103166761B (en) * | 2013-02-05 | 2015-11-04 | 清华大学深圳研究生院 | Fingerprint Lock and identity identifying method |
| CN103166761A (en) * | 2013-02-05 | 2013-06-19 | 清华大学深圳研究生院 | Fingerprint lock, lock end device and key of fingerprint lock, and identity authentication method |
| CN104639562B (en) * | 2015-02-27 | 2018-03-13 | 飞天诚信科技股份有限公司 | A kind of system of pushing certification and the method for work of equipment |
| CN104639562A (en) * | 2015-02-27 | 2015-05-20 | 飞天诚信科技股份有限公司 | Work method of authentication pushing system and equipment |
| WO2017107956A1 (en) * | 2015-12-23 | 2017-06-29 | 北京奇虎科技有限公司 | Data processing method, client and server |
| CN105847240A (en) * | 2016-03-17 | 2016-08-10 | 西安法士特汽车传动有限公司 | Login method for integrated calibration system of vehicle-mounted controller |
| CN106850235A (en) * | 2017-04-08 | 2017-06-13 | 普拉斯旺(深圳)商贸有限公司 | A kind of identity identifying method |
| CN107528689A (en) * | 2017-09-18 | 2017-12-29 | 上海动联信息技术股份有限公司 | A kind of password amending method based on Ukey |
| CN107612913A (en) * | 2017-09-20 | 2018-01-19 | 贵州恒昊软件科技有限公司 | A kind of on-line bid system and method |
| CN109145543A (en) * | 2018-09-03 | 2019-01-04 | 湖北文理学院 | A kind of identity identifying method |
| CN109388940A (en) * | 2018-09-20 | 2019-02-26 | 斑马网络技术有限公司 | Vehicle system access method, device, server and engineering USB flash disk |
| CN109409046A (en) * | 2018-09-26 | 2019-03-01 | 北京天地和兴科技有限公司 | A kind of secure log authentication method of industrial safety system |
| CN109889548A (en) * | 2019-04-01 | 2019-06-14 | 中国工商银行股份有限公司 | The authentication method of Web site based on U-shield device, apparatus and system |
| CN110084706A (en) * | 2019-04-04 | 2019-08-02 | 国美金控投资有限公司 | It is a kind of that guarantor's verifying System and method for is prolonged based on block chain |
| CN110278080A (en) * | 2019-07-11 | 2019-09-24 | 珠海格力电器股份有限公司 | Method, system and the computer readable storage medium of data transmission |
| CN110278080B (en) * | 2019-07-11 | 2020-10-02 | 珠海格力电器股份有限公司 | Method, system and computer readable storage medium for data transmission |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102281142A (en) | User identity identification system | |
| CN109741500B (en) | Temporary password setting and verification method for intelligent lock | |
| CN101867929B (en) | Authentication method, system, authentication server and terminal equipment | |
| CN102281138B (en) | Method and system for improving safety of verification code | |
| CN109450959A (en) | A kind of multiple-factor identity identifying method based on threat level | |
| CN105827573B (en) | System, method and the relevant apparatus of internet of things equipment strong authentication | |
| CN1832401A (en) | Method for protecting safety of account number cipher | |
| TW200629085A (en) | Method and system for securely provisioning a client device | |
| CN110661800A (en) | Multi-factor identity authentication method supporting guarantee level | |
| WO2016035015A1 (en) | System, method and process for detecting advanced and targeted attacks with the recoupling of kerberos authentication and authorization | |
| CN102457491B (en) | Dynamic identity authenticating method and system | |
| CN109347831A (en) | A kind of double authentication safety access system and method based on UKey certification | |
| CN109285256A (en) | Computer room based on block chain authentication enter permission give method | |
| CN102571874B (en) | On-line audit method and device in distributed system | |
| CN104703180A (en) | Implicit multiple authentication method based on mobile Internet and intelligent terminal | |
| CN102694776A (en) | Authentication system and method based on dependable computing | |
| CN103428191A (en) | Single sign on method based on combination of CAS framework and fingerprint | |
| CN102413146A (en) | Client authorized logon method based on dynamic codes | |
| CN102938116A (en) | Full-link protection and management method for ensuring safety of transaction | |
| CN106933605A (en) | A kind of intelligent progress recognizing control method and system | |
| CN105187409B (en) | A kind of device authorization system and its authorization method | |
| CN110971609A (en) | Anti-cloning method of DRM client certificate, storage medium and electronic equipment | |
| CN101212369A (en) | Internet based method for verifying terminal use for application system | |
| CN102821106A (en) | Electronic document non-repudiation method | |
| CN112804236A (en) | User identity authentication system based on online network application program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20111214 |