CN105827624B - A kind of authentication system - Google Patents

A kind of authentication system Download PDF

Info

Publication number
CN105827624B
CN105827624B CN201610269359.8A CN201610269359A CN105827624B CN 105827624 B CN105827624 B CN 105827624B CN 201610269359 A CN201610269359 A CN 201610269359A CN 105827624 B CN105827624 B CN 105827624B
Authority
CN
China
Prior art keywords
client
management server
access
code
vpn
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610269359.8A
Other languages
Chinese (zh)
Other versions
CN105827624A (en
Inventor
周迪
赵子华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Uniview Technologies Co Ltd
Original Assignee
Zhejiang Uniview Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Uniview Technologies Co Ltd filed Critical Zhejiang Uniview Technologies Co Ltd
Priority to CN201610269359.8A priority Critical patent/CN105827624B/en
Publication of CN105827624A publication Critical patent/CN105827624A/en
Application granted granted Critical
Publication of CN105827624B publication Critical patent/CN105827624B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a kind of authentication systems, applied to video surveillance network, including management server and client, the client includes the first client and the second client, first client accesses management server, corresponding access ID is generated by management server, and whether has been authorized to management server queries access ID, management server is directly logged in after being authorized;Second client carries access ID connection management server, establishes access ID, the second client and the binding relationship for monitoring user name in the management server, authorizes to the first client.Authentication system of the invention authorizes the first client by fingerprint identification by the second client mobile terminal, and complicated username and password is inputted when not needing to log in every time, user is facilitated and logs in different clients.

Description

A kind of authentication system
Technical field
The invention belongs to the authentication systems in safety verification technical field more particularly to a kind of video surveillance network.
Background technique
Video monitoring is the important component of safety and protection system, and video monitoring is intuitive with it, accurate, in time and information It is abundant in content and be widely used in many occasions.In recent years, with computer, network and image procossing, transmission technology fly Speed development, the universalness trend of video monitoring are more and more obvious.
With popularizing for the development of mobile communication technology, especially 3G/4G technology, the Information Mobile Service of high bandwidth is video prison The realization of control on mobile terminals provides condition, and more and more users begin to use visitor of the mobile terminal as video monitoring Family end.User is in the video recording or fact for needing to check video monitoring system, it is only necessary to log in video monitoring by mobile terminal The management server of system can be realized video recording and check and live monitoring.
In the prior art, the authentication of video monitoring system mainly passes through username and password and is logged in and tested Card.In certain video monitoring systems, management server can't be directly accessed, could be accessed after needing the dialing by VPN Network also needs to input at this time the username and password of VPN dialing.And for needing the video of repeatedly input username and password The operation of monitoring system, user is comparatively laborious.Password is arranged too simple, is easy to be hypothesized by illegal invasion, and if close The excessively complexity of code setting, and be not easy to remember and input.
Summary of the invention
The object of the present invention is to provide a kind of authentication system, it is cumbersome to avoid prior art Password Input, is not easy to The technical issues of login, can quickly and safely access video monitoring system.
To achieve the goals above, technical solution of the present invention is as follows:
A kind of authentication system is applied to video surveillance network, including management server and client, the client Including the first client and the second client, in which:
First client, the condition code for carrying itself accesses management server, according to the anti-of management server Feedforward information shows corresponding graphic code, which includes the access ID that management server is generated according to described document information, and to Whether management server queries access ID has been authorized, and management server is directly logged in after being authorized;
Second client, the graphic code shown for scanning the first client carry the condition code of the second client And the access ID connection management server in the graphic code, in the management server without access ID, the second client When the binding relationship of condition code and monitoring user name, user's input monitoring username and password is prompted, is initiated to management server It logs in, records access ID in the management server after being verified, the second client features code is tied up with monitoring user name Determine relationship, and establishes the binding relationship of subscriber identity information Yu access ID on a second client;It deposits in the management server In the binding relationship of access ID, the second client features code and monitoring user name, the response message of management server is received, Subscriber identity information is inputted according to prompt, the authorization for carrying access ID and the second client features code is sent to management server Information;
Management server, for when receiving the second client carrying condition code and accessing the connection of ID, inquiring itself to be The no binding relationship with access ID, condition code and monitoring user name is sent out when there are the binding relationship to the second client Send response message, after the authorization message for receiving the second client, judge authorization message whether with the access ID of record, the second visitor Family end condition code is consistent with the monitoring binding relationship of user name, and the first client is authorized to log in if consistent;If there is no The binding relationship then notifies that the second client input monitoring username and password is logged in, after being verified, record access ID, the second client features code and the binding relationship for monitoring user name.
Further, first client is also used to the access ID of record management server return, manages in secondary access When managing server, access ID access management server is carried, and show that the graphic code with access ID supplies the second client Scanning.
The management server is also used to receive the access that the first client carries access ID, is receiving the second client After authorization message, judge authorization message whether with record access ID, the second client features code and monitoring user name binding Relationship consistency authorizes the first client to log in if consistent.
Further, first client is also used to when management server does not obtain the authorization of the second client, It inputs VPN username and password and carries out VPN connection;When management server obtains the authorization of the second client, directly according to pipe It manages the VPN username and password that server returns and carries out VPN connection.
The graphic code also includes the management server after management server address, VPN user name and password, VPN dialing Address.
Second client is also used to carry out VPN dialing according to the VPN user name and password that include in graphic code, with pipe Reason server establishes VPN connection.
Further, the access ID and logging state that the management server is also used to record the first client are as use The access ID of first client and management are issued the second client using the management server IP address and port numbers of trace by trace End, the second client retain the access ID of the first client and manage the management server IP address and port numbers for using trace.
Second client, which is also used to send to management server, disconnects request, and the access ID is sent to pipe Reason uses the management server IP address and port numbers of trace, and the management server receives carrying disconnecting for ID of access and asks After asking, terminate and all business of corresponding first client.
A kind of authentication system proposed by the present invention is generated according to pc client condition code by management server and is accessed ID, and by the second client mobile terminal log in management server, in the management server generate access ID, mobile terminal and The binding relationship for monitoring user name, authorizes the first client by fingerprint identification by mobile terminal, realizes in PC client Exempt from password login in end.Authentication system of the invention inputs complicated username and password when not needing to log in every time, convenient User logs in different clients.
Detailed description of the invention
Fig. 1 is video surveillance network of embodiment of the present invention structural schematic diagram;
Fig. 2 is authentication system structural schematic diagram of the present invention.
Specific embodiment
Technical solution of the present invention is described in further details with reference to the accompanying drawings and examples, following embodiment is not constituted Limitation of the invention.
As shown in Figure 1, video surveillance network includes management server, client and headend equipment etc..Client can be with It is pc client or mobile terminal client terminal, client through client software or browser log on to management server, lead to Entire video monitoring system is accessed after crossing authentication vs. authorization, client also can directly access the junior that management server is managed and set Standby (IPC, storage).
For Large Scale Video Monitoring System, video management server VM can be used as the management service in the present embodiment Device.And for the small-sized group network system of NVR+IPC, it is believed that NVR is the role of the management server in the present embodiment.Especially Ground, it is also assumed that the video monitoring system of single IPC composition, IPC oneself is exactly the role of management server.And the present embodiment Headend equipment be often referred to web camera IPC.In the present embodiment, management server only adds by taking video management server as an example Other equipment under management server administration are only described by taking IPC as an example with description.
As shown in Fig. 2, a kind of authentication system of the present embodiment, is applied to video surveillance network, including management server And client, client include the first client and the second client.
In the present embodiment, the first client is pc client or other clients being fixedly mounted, large screen display visitor Family end etc., and the second client is mobile terminal or Intelligent flat computer etc..Overall thought of the invention is management server According to the condition code of the first client, generates the corresponding access ID of the first client and return to the first client, the second client Realize the binding of access ID and the second client, by logging in management server so as to authorize by the second client First client exempts from password login management server.
The first client, the second client and management server are explained in detail individually below:
First client, the condition code for carrying itself accesses management server, according to the feedback letter of management server Breath, shows corresponding graphic code, which includes the access ID that is generated according to described document information of management server, and to management Server inquires whether access ID has been authorized, and management server is directly logged in after being authorized.
To be mounted with client software on PC as the first client, when pc client accesses management server, Pc client can generate unique condition code according to the feature of PC, such as raw according to MAC Address, random number, login user name At unique condition code.It, can be according to browser version, operating system, meter if pc client directlys adopt Web browser The unique condition code of the generations such as calculation machine name.
After the unique condition code of pc client is submitted to management server, management server generates random number again, will be with Calculated result after machine number and unique condition code of submission progress hash algorithm is returned to as the access ID of the first client Pc client.Pc client retains this access ID, and subsequent access is by this access ID and unique condition code together as first The distinguishing identifier of client.
It is easily understood that for different management servers, according to the hash algorithm of management server, for same The access ID that pc client generates may be the same or different.But for same management server, for a PC visitor The access ID at family end, generation is unique.However after the condition code on PC changes, different access ID will be generated, this In repeat no more.
For example, the corresponding condition code of pc client is random number 12938, when accessing management server for the first time, carrying should Random number 12938, management server obtain access ID 32309 after being calculated.Management server generates two dimensional code or directly will Access ID returns to pc client, and pc client saves this access ID to local cookie as subsequent access ID.
The present embodiment graphic code is two dimensional code, or other graphic codes that can identify such as bar code.In the first visitor The graphic code shown on the end of family, can have management server to directly generate, and then be handed down to the first client, or by the first visitor The information that family end is issued according to management server generates in the first client.
It include following information in two dimensional code: the first client corresponding access ID (such as 32309), management server Location.It is the situation for multiple management servers that management server address is carried in two dimensional code, in order to distinguish logged in pipe Reason server can not also carry the information for only having the video surveillance network of a management server.
After the first client two-dimensional code display, begin to constantly whether obtain to management server queries access ID To the authorization of the second client, while page display monitors the input interface of username and password, convenient for user in the second client Manual login on end.After user carries out confirmation authorization on a second client, the first client can be completed logged Journey logins successfully, and does not need to manually enter username and password.
It is easily understood that accessing management server in the first client, management server is according to the spy of the first client Levy code generate access ID after, the first client save access ID, it is subsequent need to access management server when, it is only necessary to carry Access ID initiates to access to management server, and shows that the graphic code with access ID supplies the second client scan.
And all in the private network of user, the user in public network needs to connect by VPN many video monitoring systems at present Enter management server, therefore the first client is when accessing management server, it is also necessary to pass through VPN dialing foundation and management service The VPN connection of device.In such a system, downloading VPN dialup client can be prompted when directly accessing management server, is then led to It just can connect to management server after crossing VPN dialup client input VPN username and password, again the use of input monitoring system It just can be carried out complete access after name in an account book password.
Specifically, the first client is also used to when management server does not obtain the authorization of the second client, inputs VPN Username and password carries out VPN connection;When management server obtains the authorization of the second client, directly according to management server The VPN username and password of return carries out VPN connection.
Similarly, the second client, which is also required to establish VPN with management server, connect, therefore in the present embodiment two dimensional code, Management server address after also carrying VPN user name, password, VPN dialing.
I.e. management server is established after VPN connect with the first client, and above- mentioned information are generated and are returned in two dimensional code To the first client, or it is directly returned to the first client, two dimensional code is generated by the first client.Second client is accessing When management server, it is also desirable to VPN dialing is carried out according to the VPN user name and password that include in graphic code, with management server Establish VPN connection.
Second client, the graphic code shown for scanning the first client, carry the second client condition code and Access ID connection management server in the graphic code, in the management server without access ID, the second client features When code and the binding relationship of monitoring user name, user's input monitoring username and password is prompted, initiates to log in management server, The binding for recording access ID, the second client features code and monitoring user name in the management server after being verified is closed System, and the binding relationship of subscriber identity information Yu access ID is established on a second client;Existing in the management server should When accessing ID, the second client features code and monitoring the binding relationship of user name, the response message of management server is received, according to Prompt input subscriber identity information sends the authorization letter for carrying access ID and the second client features code to management server Breath.
For the present embodiment by taking the mobile terminal for being equipped with client software is the second client as an example, mobile terminal passes through surface sweeping The two dimensional code that first client is shown, the corresponding access ID of available first client, management server address, further Ground can also obtain VPN username and password.So as to access management server, if management server in private network, needs Access is realized by VPN connection, then first establishes VPN connection also according to obtained VPN username and password.In two dimensional code VPN username and password can not included, be manually entered by user oneself.
When the second client first scan two dimensional code, access ID, mobile terminal features are also generated not in the second client The binding relationship of code and monitoring user name, is also not present corresponding binding relationship in the management server.Therefore it needs to carry out Primary binding, i.e. when the second client connection management server, the second client carries the condition code of access ID and itself, such as The IMEI sequence number of mobile terminal, management server, which can inquire, itself does not access ID, the second client features code and monitoring The binding relationship of user name, then return to connection failure.Second Client-Prompt input monitoring username and password, to management service Device initiate log in, after being verified in the management server record access ID, the second client features code and monitoring user name Binding relationship.
Simultaneously in the second client, the access ID of the first client is saved, and user is prompted to input subscriber identity information (such as fingerprint or face or retina, the present embodiment is by taking fingerprint as an example) binds the access ID of preservation, while the second client End saves address and the VPN username and password of connection monitoring server.To by needing to carry access ID access management When server, need to input subscriber identity information to be confirmed, ensure that be user operation, improve safety.
After the second client successfully logs in management server, record access ID, the second client are special in management server It levies code and monitors the binding relationship of user name, there is access ID in the management server at this time and closed with the binding for monitoring user name System, therefore management server sends response message to the second client, i.e., shows that " user will be in pc client in the second client Log in ", prompt input subscriber identity information (such as fingerprint) to be authorized.Once user inputs fingerprint, just to management server Send the authorization message for carrying access ID and the second client features code.
It is easily understood that interacted in the second client for the first time with management server, after having completed binding, the When the secondary two dimensional code for scanning the first client again, only need to input subscriber identity information, so that it may call binding access ID and Second client features code initiates to access to management server, and whether management server searches itself after receiving access There is existing binding relationship, at this time there is binding relationship, sends and respond to the second client, notify that the second client is awarded Power.
In authorization, in the second client, it is also desirable to which user inputs subscriber identity information, sends and carries to management server The authorization message of access ID and the second client features code.
Management server, for when receiving the second client carrying condition code and accessing the connection of ID, inquiring itself to be The no binding relationship with access ID, condition code and monitoring user name notifies the second client when there are the binding relationship Authorized, after the authorization message for receiving the second client, judge authorization message whether access ID, the second client with record It holds condition code consistent with the monitoring binding relationship of user name, the first client is authorized to log in if consistent;If there is no this Binding relationship then notifies that the second client is logged in, after being verified, record access ID, the second client features code and Monitor the binding relationship of user name.
Management server generates the access ID of corresponding first client after the access for receiving the first client, and starts Inquire the authorization whether access ID obtains the second client.After the authorization for obtaining the second client, just directly authorization first Client logins successfully.Register is carried out without inputting username and password in the first client.
It is easily understood that the second client needs to carry out after completing to bind for the first time when encountering the first client again When login, the two dimensional code of the first client need to be only scanned, is connected by carrying access ID after fingerprint identification with the condition code of itself Management server, and management server queries send response message to the second client to there are binding relationships, i.e., in the second visitor Family end is shown " user will log in pc client ", and input subscriber identity information (such as fingerprint) is prompted to be authorized.Once with Family inputs fingerprint, and the authorization message for carrying access ID and the second client features code is just sent to management server.Management service Device after the authorization message for receiving the second client, judge authorization message whether access ID with record, the second client features Code is consistent with the monitoring binding relationship of user name, and the first client is authorized to log in if consistent.
It should be noted that needing to re-start binding, binding procedure is identical, here not when access ID changes It repeats again.
The process realized is described below by specific embodiment, wherein subscriber identity information is by taking fingerprint as an example.
PC accesses management server by browser for the first time, carries condition code 12938;
Backward reference ID 32309 after management server is calculated;
PC browser saves this access ID to local cookie as subsequent access ID;
PC browser accesses management server, and what management server discovery PC was directly accessed is the public network of management server Location prompts user's downloading and installation VPN dialer software;
After user installation VPN dialer software, input VPN dial user name and password, VPN access management clothes after logging in again Business device;
Management server discovery client has dialled, the management server address after jumping to dialing, completes VPN and steps on Land;
PC browser shows the two dimensional code generated at this time, includes following information in two dimensional code: access ID32309, management take Management server address after business device address, VPN user name, password, VPN dialing;
Whether PC browser has been authorized to management server queries;
Mobile terminal as the second client sweeps two dimensional code, obtains access ID32309, management server address, VPN use Management server address after name in an account book, password, VPN dialing;
Mobile terminal is attempted with management server address connection management server, and due to not carrying out VPN dialing, connection is lost It loses;
Management server address attempts to dial using the VPN user name that carries in two dimensional code, password, after dial-up success It is again coupled to management server, carries access ID32309 and mobile phone unique identification, such as IMEI;
Whether management server address binds monitoring user to management server queries ID32309+IMEI, returns to failure;
Management server address prompts input monitoring username and password, after input monitoring username and password, management The server authentication user name password correctness;
Management server will access ID32309 and monitoring user name binding, record management server monitoring after being verified Binding relationship between user name-access ID-IMEI;
After mobile terminal logs in management server, access ID is saved, and user is prompted to input fingerprint to the access ID of preservation It is bound, while mobile terminal saves address and the VPN user/password (if any) of connection management server;
Management server discovery has had at this time to access the mobile terminal that ID32309 is logged in, and sends and rings to mobile terminal Answer message " user will log in pc client ";
Mobile terminal shows " user will log in pc client ", and prompts input fingerprint authorization;
After user inputs fingerprint, mobile terminal sends the authorization letter for carrying access ID32309 and IMEI to management server Breath, after management server receives, inquiry with save record it is consistent be considered as authorize pass through;
Whether PC browser has been authorized to management server queries, is learnt that authorization passes through, is jumped to and login successfully Interface.
It should be noted that subsequent user is logged in same PC again, directlys adopt the access ID 32309 saved and visit Ask management server, and the second client sends to carry to management server and visit by scanning the two-dimensional code, and by fingerprint identification Ask that the access of ID 32309, management server queries discovery have corresponding binding relationship, respond to the second client, second Client is confirmed by fingerprint, is sent authorization messages and is authorized, after management server receives authorization messages, completes to award Power.Therefore in subsequent login, the login of the first client can be completed by fingerprint identification for mobile terminal.
And in subsequent login process, does not need mobile terminal completion and is connect with the monitoring business of monitoring server, Only access need to be sent and receive response, do not need input monitoring username and password, the case where not establishing monitoring connection The lower login realized to the first client confirms, realizes that process is fast.
Subsequent user is logged in another PC, and the ID of pc client access at this time will change.Mobile terminal is needed to sweep at this time Two dimensional code is retouched, same treatment process is completed after realizing binding again again, realizes and log in, which is not described herein again.
The present embodiment authentication system can also remember after user leaves from PC and forget to close important video, can To be initiated to nullify the request of the end PC login by mobile terminal.
For this purpose, access ID and logging state that the present embodiment management server is also used to record the first client are as use The access ID of first client and management are issued the second client using the management server IP address and port numbers of trace by trace End, the second client retain the access ID of the first client and manage the management server IP address and port numbers for using trace.
When needing to close the connection of the first client by the second client, disconnected to management server transmission The access ID is sent to management and is received using the management server IP address and port numbers, management server of trace by request Carry access ID disconnect request after, terminate and all business of corresponding first client.
Usual VPN is bigger to the expense of management server, therefore second client of the present embodiment is also logining successfully Afterwards, VPN connection is actively disconnected.Or management server end actively disconnects and connecting with the VPN of the second client, to reduce VPN pairs The expense of server.
The above embodiments are merely illustrative of the technical solutions of the present invention rather than is limited, without departing substantially from essence of the invention In the case where mind and its essence, those skilled in the art make various corresponding changes and change in accordance with the present invention Shape, but these corresponding changes and modifications all should fall within the scope of protection of the appended claims of the present invention.

Claims (7)

1. a kind of authentication system is applied to video surveillance network, including management server and client, which is characterized in that The client includes the first client and the second client, in which:
First client, the condition code for carrying itself accesses management server, according to the feedback letter of management server Breath, shows corresponding graphic code, which includes the access ID that is generated according to described document information of management server, and to management Server inquires whether access ID has been authorized, and management server is directly logged in after being authorized;
Second client, the graphic code shown for scanning the first client, carry the second client condition code and Access ID connection management server in the graphic code, in the management server without access ID, the second client features When code and the binding relationship of monitoring user name, user's input monitoring username and password is prompted, initiates to log in management server, The binding for recording access ID, the second client features code and monitoring user name in the management server after being verified is closed System, and the binding relationship of subscriber identity information Yu access ID is established on a second client;Existing in the management server should When accessing ID, the second client features code and monitoring the binding relationship of user name, the response message of management server is received, according to Prompt input subscriber identity information sends the authorization letter for carrying access ID and the second client features code to management server Breath;
Management server, for inquiring whether itself has when receiving the second client carrying condition code and accessing the connection of ID There are access ID, condition code and the binding relationship for monitoring user name, when there are the binding relationship, send and ring to the second client Answer message, after the authorization message for receiving the second client, judge authorization message whether access ID with record, the second client Condition code is consistent with the monitoring binding relationship of user name, and the first client is authorized to log in if consistent;It is tied up if there is no this Determine relationship, then notifies that the second client input monitoring username and password is logged in, after being verified, record access ID, The binding relationship of second client features code and monitoring user name;
The access ID that first client is also used to record management server return takes in secondary access management server Management server is accessed with access ID, and shows that the graphic code with access ID supplies the second client scan.
2. authentication system according to claim 1, which is characterized in that the management server is also used to receive first Client carry access ID access, after the authorization message for receiving the second client, judge authorization message whether with record It is consistent with the monitoring binding relationship of user name to access ID, the second client features code, authorizes the first client to step on if consistent Record.
3. authentication system according to claim 1, which is characterized in that first client is also used to take in management When business device does not obtain the authorization of the second client, input VPN username and password carries out VPN connection;It is obtained in management server To the second client authorization when, directly according to management server return VPN username and password carry out VPN connection.
4. authentication system according to claim 3, which is characterized in that the graphic code also includes management server Management server address after location, VPN user name and password, VPN dialing.
5. authentication system according to claim 4, which is characterized in that second client is also used to according to figure The VPN user name and password for including in code carry out VPN dialing, establish VPN with management server and connect.
6. authentication system according to claim 1, which is characterized in that the management server is also used to record first The access ID and logging state of client, which are used as, uses trace, and the access ID of the first client and management are used to the management of trace Server ip address and port numbers issue the second client, and the second client retains the access ID of the first client and management uses The management server IP address and port numbers of trace.
7. authentication system according to claim 6, which is characterized in that second client is also used to management service Device transmission disconnects request, and the access ID is sent to the management server IP address and port numbers that management uses trace, The management server receive carry access ID disconnect request after, terminate and all business of corresponding first client.
CN201610269359.8A 2016-04-26 2016-04-26 A kind of authentication system Active CN105827624B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610269359.8A CN105827624B (en) 2016-04-26 2016-04-26 A kind of authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610269359.8A CN105827624B (en) 2016-04-26 2016-04-26 A kind of authentication system

Publications (2)

Publication Number Publication Date
CN105827624A CN105827624A (en) 2016-08-03
CN105827624B true CN105827624B (en) 2019-10-18

Family

ID=56527640

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610269359.8A Active CN105827624B (en) 2016-04-26 2016-04-26 A kind of authentication system

Country Status (1)

Country Link
CN (1) CN105827624B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108206851B (en) * 2016-12-20 2021-04-27 英业达科技有限公司 Cross-platform downloading system and method based on two-dimensional bar code
CN106790168B (en) * 2016-12-29 2020-09-22 苏州浪潮智能科技有限公司 Communication preprocessing method, client and server
CN108322366B (en) * 2017-01-17 2021-10-01 阿里巴巴集团控股有限公司 Method, device and system for accessing network
US10637872B2 (en) * 2017-02-23 2020-04-28 Synamedia Limited Behavior-based authentication
CN107528842A (en) * 2017-08-21 2017-12-29 合肥丹朋科技有限公司 Website method for generating cipher code and device
CN108055259B (en) * 2017-12-08 2021-01-05 锐捷网络股份有限公司 Account management method and device
WO2019143492A1 (en) 2018-01-22 2019-07-25 Apple Inc. Secure login with authentication based on a visual representation of data
CN108390892B (en) * 2018-03-31 2020-10-09 深圳忆联信息系统有限公司 Control method and device for security access of remote storage system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023919A (en) * 2012-12-26 2013-04-03 百度在线网络技术(北京)有限公司 Two-dimensional code based login control method and two-dimensional code based login control system
CN104283896A (en) * 2014-10-28 2015-01-14 用友软件股份有限公司 Login method, login system and terminal

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102377737B (en) * 2010-08-10 2016-02-10 中兴通讯股份有限公司 The system and method for the interactive email access protocol server of a kind of many account access
CN103516674B (en) * 2012-06-21 2016-10-12 棣南股份有限公司 Quickly and the method for network device online and control device
CN103516514B (en) * 2012-06-21 2016-10-12 棣南股份有限公司 The establishing method of account access rights and control device
CN103427995B (en) * 2013-08-02 2017-01-25 北京星网锐捷网络技术有限公司 User authentication method, SSL (security socket layer) VPN (virtual private network) server and SSL VPN system
CN105515846B (en) * 2015-12-01 2019-10-18 浙江宇视科技有限公司 Client-based NVR configuration method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103023919A (en) * 2012-12-26 2013-04-03 百度在线网络技术(北京)有限公司 Two-dimensional code based login control method and two-dimensional code based login control system
CN104283896A (en) * 2014-10-28 2015-01-14 用友软件股份有限公司 Login method, login system and terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
扫码登录是如何实现的?;耗子吴;《URL:http://www.jianshu.com/p/7f072ac61763》;20150823;正文,图"微信扫码界面"、图"扫码登录完整流程" *

Also Published As

Publication number Publication date
CN105827624A (en) 2016-08-03

Similar Documents

Publication Publication Date Title
CN105827624B (en) A kind of authentication system
CN104158824B (en) Genuine cyber identification authentication method and system
CN106330816A (en) Method and system for logging in cloud desktop
WO2014201636A1 (en) Identity login method and device
CN105704116A (en) Method for binding intelligent device through binding code
CN105591744A (en) Network real-name authentication method and system
KR101358346B1 (en) Method for auto log-in and system for the same
CN103780641B (en) Access method, home gateway and the system of cloud desktop
CN104008325A (en) Mobile phone Wi-Fi network-connecting real name identity authentication platform and method based on two-dimension codes
CN101217482A (en) A method traversing NAT sending down strategy and a communication device
WO2017088634A1 (en) Third-party application authentication method, authentication server, terminal and management server
CN106230594B (en) A method of user authentication is carried out based on dynamic password
CN108881309A (en) Access method, device, electronic equipment and the readable storage medium storing program for executing of big data platform
CN111194035B (en) Network connection method, device and storage medium
CN109819053A (en) Applied to the springboard machine system and its control method under mixing cloud environment
CN108092988A (en) Unaware Certificate Authority network system and method based on dynamic creation temporary password
CN110336870A (en) Method for building up, device, system and the storage medium in telecommuting O&M channel
CN113271299B (en) Login method and server
CN106453349A (en) An account number login method and apparatus
CN103475491A (en) Remote maintenance system which is logged in to safely without code and achieving method
CN114079971A (en) Service flow management and control method, system, DPI node and storage medium
CN107690140A (en) WAP authentication method, apparatus and system
CN108781367B (en) Method for reducing Cookie injection and Cookie replay attacks
CN107770117A (en) A kind of safe network access control method
CN101232379B (en) Method for implementing system login, information technology system and communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant