CN105450658A - System login method and device - Google Patents
System login method and device Download PDFInfo
- Publication number
- CN105450658A CN105450658A CN201510944172.9A CN201510944172A CN105450658A CN 105450658 A CN105450658 A CN 105450658A CN 201510944172 A CN201510944172 A CN 201510944172A CN 105450658 A CN105450658 A CN 105450658A
- Authority
- CN
- China
- Prior art keywords
- user
- login
- management server
- account
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a system login method. The method comprises the following steps that: user information is input at a system front end; the system front end transmits the user information to a permission management server, and the permission management server verifies the user information and transmits a verification result to the system front end; and if the verification succeeds, a connection channel is established between the system front end and a system background server to perform data interaction. Compared with the prior art, the system login method is characterized in that an account password and permission information of a user are stored through the permission management server, and the user information is verified from the permission management server firstly when the user logs into a system. When the password of the user leaks, a service provider can cut off a link between the permission server and an actual system in time, and operation corresponding to an account cannot be acquired from the permission server, so that the account does not exist relative to the system. Meanwhile, the invention also provides a system login device for implementing the method.
Description
Technical field
The present invention relates to a kind of system login method, particularly a kind of system login method ensureing user information safety; The invention still further relates to a kind of device for realizing said system login method.
Background technology
Existing system, in login process, all needs user to input account and password, after verifying, just can log in system background server.Refer to Fig. 1, it is the connection diagram of existing system login.During existing system login, user is first by the personal information such as front end login interface input user account and password etc. of system.Then, by the login interface of front end, this user profile is transferred to background server to verify.After background server has been verified, if be proved to be successful, then send data to front end, carry out data interaction.
But due in existing login system, because the secret key of login of system and data are all stored in same server, like this when the log-on message of user occurs to leak, now the illegal people logged in can arbitrarily operate in systems in which.And now, can only be carried out the modes such as the amendment of password can be avoided by user.
Summary of the invention
The invention reside in the shortcoming and deficiency that overcome prior art, a kind of safe system login method and device are provided.
The present invention is realized by following technical scheme: a kind of system login method, comprises the following steps:
In system front end input user profile;
This user profile is sent to right management server by system front end, is carried out the checking of user profile, and the result is sent to system front end by this right management server;
If be proved to be successful, then connected passage by this system front end and system background server, carry out data interaction.
Compared to prior art, the account number cipher of user and authority information, by use right management server, store by the present invention, during logging in system by user, first carry out the checking of user profile from right management server.In time there is user cipher and reveal, service provider can cut off linking of permission server and real system in time, even if so now there has been account number cipher to carry out login system, due to operation corresponding to this account cannot be obtained from permission server, this account is exactly non-existent concerning system, also just can not login system, therefore can improve the fail safe of system.
As a further improvement on the present invention, described in the step of system front end input user profile, described user profile comprises user's login account and login password.
As a further improvement on the present invention, the described checking carrying out user profile by this right management server is sent in the step of system front end, and whether described right management server comprises mating user's login account and password verifies and the identity corresponding to the account of user is verified.
As a further improvement on the present invention, the identity that the account of described user is corresponding is respectively keeper's identity and operator's identity.
As a further improvement on the present invention, after described system front end receives the identity information of right management server transmission, give user different operating rights according to identity information.
Present invention also offers a kind of system login device, comprise system front end, right management server and system background server;
Described system front end comprises:
Receiver module, for receiving the information of user's input;
Information sending module, for being sent to right management server by user profile;
Transfer of data sets up module, transmits with the data interaction of system background server for setting up;
Described right management server comprises:
Authentication module, for the checking to user profile, and is sent to system front end by the result.
Compared to prior art, the account number cipher of user and authority information, by use right management server, store by the present invention, during logging in system by user, first carry out the checking of user profile from right management server.In time there is user cipher and reveal, service provider can cut off linking of permission server and real system in time, even if so now there has been account number cipher to carry out login system, due to operation corresponding to this account cannot be obtained from permission server, this account is exactly non-existent concerning system, also just can not login system, therefore can improve the fail safe of system.
As a further improvement on the present invention, the user profile that described receiver module receives comprises user's login account and login password.
As a further improvement on the present invention, whether described authentication module comprises mating user's login account and password and to verify and the identity corresponding to the account of user is verified.
As a further improvement on the present invention, the identity that the account of described user is corresponding is respectively keeper's identity and operator's identity.
As a further improvement on the present invention, described system front end also comprises authority and gives module, for giving user different operating rights according to subscriber identity information.
In order to understand better and implement, describe the present invention in detail below in conjunction with accompanying drawing.
Accompanying drawing explanation
Fig. 1 is the connection diagram of system login in prior art.
Fig. 2 is the flow chart of steps of login method of the present invention.
Fig. 3 is the connection diagram of login system of the present invention.
Fig. 4 is the connection block diagram of system front end of the present invention.
Embodiment
Easily cause unsafe situation to solve in prior art user when login system, therefore, the invention provides a kind of system login method for solving the problem and system, the present invention is described in detail below.
Refer to Fig. 2, it is the flow chart of steps of system login method of the present invention.The invention provides a kind of system login method, comprise the following steps:
S1: in system front end input user profile.
Concrete, in this step, described user profile comprises user's login account and login password.
S2: this user profile is sent to right management server by system front end, is carried out the checking of user profile, and the result is sent to system front end by this right management server.
In this step, whether described right management server comprises mating user's login account and password and to verify and the identity corresponding to the account of user is verified.Wherein, the identity that the account of described user is corresponding is respectively keeper's identity and operator's identity.
Wherein, in described right management server, be provided with database, for storing the corresponding relation of user account password, and the identity information of this user.And the identity information of user includes keeper's identity and operating personnel's identity.Described right management server is verified user profile, if matched in user authentication information and database, then returns the information that is proved to be successful to system front end.And if do not match in user profile and database, then return checking unsuccessful information to system front end, now login failed for user.Meanwhile, the identity information of user is also returned to system front end.
S3: if be proved to be successful, then to be connected passage by this system front end and system background server, carry out data interaction.
After described system front end receives the identity information of right management server transmission, give user different operating rights according to identity information.Such as: if user is keeper, then this keeper is given to the authority of every operation.If user is operator, then give to user the authority that permission operates some interfaces.
Please refer to Fig. 3 and Fig. 4, it is respectively the connection block diagram of present system entering device and the connection block diagram of system front end.Present invention also offers a kind of system login device, comprise system front end 1, right management server 2 and system background server 3.
Described system front end 1 comprises receiver module 11, information sending module 12, transfer of data sets up module 13 and authority gives module 14.
Described receiver module 11, for receiving the information of user's input.The user profile that described receiver module receives comprises user's login account and login password.
Described information sending module 12, for being sent to right management server 2 by user profile;
Described transfer of data sets up module 13, transmits with the data interaction of system background server 3 for setting up;
Authority gives module 14, for giving user different operating rights according to subscriber identity information.
Described right management server 2 comprises: authentication module, for the checking to user profile, and the result is sent to system front end.Whether described authentication module comprises mating user's login account and password verifies and the identity corresponding to the account of user is verified.The identity that the account of described user is corresponding is respectively keeper's identity and operator's identity.
Below the course of work of system login device of the present invention is introduced:
First, user is in the information of system front end input user login; Described system front end can be the equipment such as computer terminal or mobile terminal; Then, the receiver module in system front end receives the information of user, and by information sending module, user profile is sent to right management server.
Database is provided with in described right management server, for storing the corresponding relation of user account password, and the identity information of this user.And the identity information of user includes keeper's identity and operating personnel's identity.Described right management server is verified user profile, if matched in user authentication information and database, then returns the information that is proved to be successful to system front end.And if do not match in user profile and database, then return checking unsuccessful information to system front end, now login failed for user.Meanwhile, the identity information of user is also returned to system front end.
Meanwhile, in right management server, only retain the personally identifiable information of user.Such as: as " zhangsanhenhaoji.com – keeper ".And the operation retained in system front end corresponding to concrete power limit mark, as " all page/all operations of pipe reason person – ", " behaviour work person – some pages/some operations ", do not retain concrete account information.
Finally, after the identity information that system front end receives right management server and authorization information, the identity information according to user gives different operating rights to user.Such as: if user is keeper, then this keeper is given to the authority of every operation.If user is operator, then give to user the authority that permission operates some interfaces.Meanwhile, this system front end and system background server carry out data cube computation, carry out data interaction.
Compared to prior art, the account number cipher of user and authority information, by use right management server, store by the present invention, during logging in system by user, first carry out the checking of user profile from right management server.In time there is user cipher and reveal, service provider can cut off linking of permission server and real system in time, even if so now there has been account number cipher to carry out login system, due to operation corresponding to this account cannot be obtained from permission server, this account is exactly non-existent concerning system, also just can not login system, therefore can improve the fail safe of system.
In addition, the way of example that the present invention also has other to be out of shape, such as all can be stored in same right management server by the account number cipher of multiple system, can economize on resources like this, also can provide the fail safe of system cloud gray model.
The present invention is not limited to above-mentioned execution mode, if do not depart from the spirit and scope of the present invention to various change of the present invention or distortion, if these are changed and distortion belongs within claim of the present invention and equivalent technologies scope, then the present invention is also intended to comprise these changes and distortion.
Claims (10)
1. a system login method, comprises the following steps:
In system front end input user profile;
This user profile is sent to right management server by system front end, is carried out the checking of user profile, and the result is sent to system front end by this right management server;
If be proved to be successful, then connected passage by this system front end and system background server, carry out data interaction.
2. system login method according to claim 1, is characterized in that: described in the step of system front end input user profile, described user profile comprises user's login account and login password.
3. system login method according to claim 2, it is characterized in that: the described checking carrying out user profile by this right management server is sent in the step of system front end, whether described right management server comprises mating user's login account and password verifies and the identity corresponding to the account of user is verified.
4. system login method according to claim 3, is characterized in that: the identity that the account of described user is corresponding is respectively keeper's identity and operator's identity.
5. system login method according to claim 4, is characterized in that: described system front end gives user different operating rights according to identity information after receiving the identity information that right management server sends.
6. a system login device, is characterized in that: comprise system front end, right management server and system background server;
Described system front end comprises:
Receiver module, for receiving the information of user's input;
Information sending module, for being sent to right management server by user profile;
Transfer of data sets up module, transmits with the data interaction of system background server for setting up;
Described right management server comprises:
Authentication module, for the checking to user profile, and is sent to system front end by the result.
7. system login device according to claim 6, is characterized in that: the user profile that described receiver module receives comprises user's login account and login password.
8. system login device according to claim 7, is characterized in that: whether described authentication module comprises mating user's login account and password verifies and the identity corresponding to the account of user is verified.
9. system login device according to claim 8, is characterized in that: the identity that the account of described user is corresponding is respectively keeper's identity and operator's identity.
10. system login device according to claim 9, is characterized in that: described system front end also comprises authority and gives module, for giving user different operating rights according to subscriber identity information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510944172.9A CN105450658B (en) | 2015-11-26 | 2015-12-16 | A kind of system login method and device |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2015108449066 | 2015-11-26 | ||
| CN201510844906 | 2015-11-26 | ||
| CN201510944172.9A CN105450658B (en) | 2015-11-26 | 2015-12-16 | A kind of system login method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105450658A true CN105450658A (en) | 2016-03-30 |
| CN105450658B CN105450658B (en) | 2019-06-11 |
Family
ID=55560435
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510944172.9A Active CN105450658B (en) | 2015-11-26 | 2015-12-16 | A kind of system login method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105450658B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106060044A (en) * | 2016-05-31 | 2016-10-26 | 乐视控股(北京)有限公司 | Divided server system and communication method based on the same |
| CN106250731A (en) * | 2016-07-21 | 2016-12-21 | 广东芬尼克兹节能设备有限公司 | A kind of user authority control method and system |
| CN109492382A (en) * | 2018-10-22 | 2019-03-19 | 黄超 | A kind of single input frame login validation method |
| CN110378087A (en) * | 2019-07-24 | 2019-10-25 | 四川爱创科技有限公司 | Self-service terminal management method and system |
| CN112086099A (en) * | 2019-06-14 | 2020-12-15 | 上海观轶教育科技有限公司 | Student-leaving teaching guidance management system and method |
| CN112738084A (en) * | 2020-12-28 | 2021-04-30 | 放宠(无锡)网络科技有限公司 | User login system and method |
| TWI727396B (en) * | 2019-07-24 | 2021-05-11 | 鴻齡科技股份有限公司 | Verification system and verification method |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007128134A (en) * | 2005-11-01 | 2007-05-24 | Dainippon Printing Co Ltd | Card authentication system |
| US20080034411A1 (en) * | 2006-08-03 | 2008-02-07 | Fujitsu Limited | Login administration method and server |
| CN101478571A (en) * | 2009-01-19 | 2009-07-08 | 北京中星微电子有限公司 | Network video monitoring system and system user authentication method thereof |
| US20110023099A1 (en) * | 2008-03-31 | 2011-01-27 | Seunghyun Kim | User terminal with identity selector and method for identity authentication using identity selector of the same |
| CN102143188A (en) * | 2011-04-10 | 2011-08-03 | 上海擎龙通信技术有限公司 | Control system based on cloud computing encryption storage service |
| CN102480354A (en) * | 2010-11-30 | 2012-05-30 | 北大方正集团有限公司 | Unified authentication service system and method for unified authentication |
| CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
| CN103916366A (en) * | 2012-12-31 | 2014-07-09 | 中国移动通信集团公司 | Login method, maintenance terminal, data management service equipment and login system |
| CN104135389A (en) * | 2014-08-14 | 2014-11-05 | 华北电力大学句容研究中心 | SSH protocol operation and maintenance auditing system and method based on proxy technology |
| CN104243458A (en) * | 2014-09-01 | 2014-12-24 | 广州博冠信息科技有限公司 | Secure online game logging-in method and system |
-
2015
- 2015-12-16 CN CN201510944172.9A patent/CN105450658B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007128134A (en) * | 2005-11-01 | 2007-05-24 | Dainippon Printing Co Ltd | Card authentication system |
| US20080034411A1 (en) * | 2006-08-03 | 2008-02-07 | Fujitsu Limited | Login administration method and server |
| US20110023099A1 (en) * | 2008-03-31 | 2011-01-27 | Seunghyun Kim | User terminal with identity selector and method for identity authentication using identity selector of the same |
| CN101478571A (en) * | 2009-01-19 | 2009-07-08 | 北京中星微电子有限公司 | Network video monitoring system and system user authentication method thereof |
| CN102480354A (en) * | 2010-11-30 | 2012-05-30 | 北大方正集团有限公司 | Unified authentication service system and method for unified authentication |
| CN102143188A (en) * | 2011-04-10 | 2011-08-03 | 上海擎龙通信技术有限公司 | Control system based on cloud computing encryption storage service |
| CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
| CN103916366A (en) * | 2012-12-31 | 2014-07-09 | 中国移动通信集团公司 | Login method, maintenance terminal, data management service equipment and login system |
| CN104135389A (en) * | 2014-08-14 | 2014-11-05 | 华北电力大学句容研究中心 | SSH protocol operation and maintenance auditing system and method based on proxy technology |
| CN104243458A (en) * | 2014-09-01 | 2014-12-24 | 广州博冠信息科技有限公司 | Secure online game logging-in method and system |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106060044A (en) * | 2016-05-31 | 2016-10-26 | 乐视控股(北京)有限公司 | Divided server system and communication method based on the same |
| CN106250731A (en) * | 2016-07-21 | 2016-12-21 | 广东芬尼克兹节能设备有限公司 | A kind of user authority control method and system |
| CN109492382A (en) * | 2018-10-22 | 2019-03-19 | 黄超 | A kind of single input frame login validation method |
| CN109492382B (en) * | 2018-10-22 | 2022-08-23 | 黄超 | Single input box login verification method |
| CN112086099A (en) * | 2019-06-14 | 2020-12-15 | 上海观轶教育科技有限公司 | Student-leaving teaching guidance management system and method |
| CN110378087A (en) * | 2019-07-24 | 2019-10-25 | 四川爱创科技有限公司 | Self-service terminal management method and system |
| TWI727396B (en) * | 2019-07-24 | 2021-05-11 | 鴻齡科技股份有限公司 | Verification system and verification method |
| US11341772B2 (en) | 2019-07-24 | 2022-05-24 | Fulian Precision Electronics (Tianjin) Co., Ltd. | Device verification system and device verification method |
| CN112738084A (en) * | 2020-12-28 | 2021-04-30 | 放宠(无锡)网络科技有限公司 | User login system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105450658B (en) | 2019-06-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105450658A (en) | System login method and device | |
| CN108768988B (en) | Block chain access control method, block chain access control equipment and computer readable storage medium | |
| CN106789015B (en) | Intelligent power distribution network communication safety system | |
| CN111783068B (en) | Device authentication method, system, electronic device and storage medium | |
| CN104202338B (en) | A kind of safety access method being applicable to enterprise-level Mobile solution | |
| CN105262717A (en) | Network service security management method and device | |
| CN105187431A (en) | Log-in method, server, client and communication system for third party application | |
| CN104125565A (en) | Method for realizing terminal authentication based on OMA DM, terminal and server | |
| CN102868702B (en) | System login device and system login method | |
| CN103297403A (en) | Method and system for achieving dynamic password authentication | |
| CN111884811B (en) | Block chain-based data evidence storing method and data evidence storing platform | |
| CN105915338A (en) | Key generation method and key generation system | |
| CN103067402A (en) | Method and system for digital certificate generation | |
| CN104735065A (en) | Data processing method, electronic device and server | |
| CN103888938A (en) | PKI private key protection method of dynamically generated key based on parameters | |
| CN105262748A (en) | Wide area network user terminal identity authentication method and system | |
| CN106060073B (en) | Channel key machinery of consultation | |
| CN101202631A (en) | System and method for identification authentication based on cipher key and timestamp | |
| CN102143492B (en) | Method for establishing virtual private network (VPN) connection, mobile terminal and server | |
| CN103780580A (en) | Method, server and system for providing capability access strategy | |
| CN103905194A (en) | Identity traceability authentication method and system | |
| CN105072132A (en) | Validation method, validation system and communication device | |
| KR20180054775A (en) | Method and system for providing security against initial contact establishment of mobile devices and devices | |
| CN105554018A (en) | Network real name verification method | |
| CN106027475A (en) | Secret key obtaining method and identity card information transmission method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 510535 3, 1 building, 90 ho he road, Luogang District, Guangzhou, Guangdong. Applicant after: Guangzhou Duoyi Network Co., Ltd. Address before: 510535 3, 1 building, 90 ho he road, Luogang District, Guangzhou, Guangdong. Applicant before: Guangzhou Baiyun Bio-Tech Co., Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |