CN106302539A - A kind of embedded type WEB safety certifying method - Google Patents
A kind of embedded type WEB safety certifying method Download PDFInfo
- Publication number
- CN106302539A CN106302539A CN201610891037.7A CN201610891037A CN106302539A CN 106302539 A CN106302539 A CN 106302539A CN 201610891037 A CN201610891037 A CN 201610891037A CN 106302539 A CN106302539 A CN 106302539A
- Authority
- CN
- China
- Prior art keywords
- safety
- code
- algorithm
- user
- web
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Abstract
The invention discloses a kind of embedded type WEB safety certifying method, be applied to embedded system, comprise the steps: S1, the user data obtaining user's input and equipment condition code;User data includes user name and user cipher;S2, according to user data and equipment condition code, calculate safety code;S3, safety code and user name are sent to service end;S4, service end, according to user name, obtain the prestored user data corresponding with user name;Service end obtains equipment condition code;S5, calculate safety verification code according to prestored user data and equipment condition code;S6, judge that safety code is the most consistent with safety verification code;S7, according to the result process Remote Visit and Control request.It is an advantage of the current invention that user name and user cipher to be encrypted by security algorithm, and the safety code of encryption is transmitted to service end, make user name and user cipher no longer plaintext transmission, be difficult to crack, it is achieved that the safe access control of embedded device.
Description
Technical field
The present invention relates to WEB safety verification technology, particularly relate to a kind of embedded type WEB safety certifying method.
Background technology
Introducing WEB management at increasing embedded product, WEB management has the advantages such as the most visual, logical
Cross the WEB server of a built-in lightweight in embedded product, then by IP and http protocol, it is possible to realize embedded
The remote management and control of equipment.In order to realize the safe access control of equipment, it is generally required to input WEB login username and user
Password, just can obtain the arthorization after service end is verified, it is allowed to embedded device is controlled management operation.
Login username and the user cipher of the most a lot of embedded devices are plaintext transmission, it is easy to intercepted and captured by people, thus cause
, by unauthorized access, even there is loss and the harm that can not estimate in embedded device.
Summary of the invention
In order to overcome the deficiencies in the prior art, it is an object of the invention to provide a kind of embedded type WEB safety certifying method,
It can realize the safe access control of embedded device.
The purpose of the present invention realizes by the following technical solutions:
A kind of embedded type WEB safety certifying method, is applied to embedded system, comprises the steps:
S1, WEB front-end obtain user data and the equipment condition code of user's input;User data includes user name;
S2, WEB front-end, according to user data and equipment condition code, obtain safety code by security algorithm;
Safety code and user name are sent to service end by S3, WEB front-end;
S4, service end obtain the prestored user data corresponding with user name according to user name, and obtain equipment condition code;
S5, service end, according to prestored user data and equipment condition code, obtain safety verification code by safety verification algorithm;
S6, service end judge that safety code is the most consistent with safety verification code, and send the result to WEB front-end;
S7, WEB front-end process Remote Visit and Control request according to the result.
As preferably, described security algorithm includes bcrypt algorithm.
As preferably, described security algorithm also includes MD5 algorithm, first passes through bcrypt algorithm by special to user data and equipment
Levy code to be encrypted and obtain the first safety code, then by MD5 algorithm the first safety code is encrypted and obtains safety code.
The first safety code calculated through bcrypt algorithm is longer, can be compressed into by safety code by MD5 algorithm
Shorter safety code.
As preferably, described safety verification algorithm includes bcrypt algorithm.
As preferably, described safety verification algorithm also includes MD5 algorithm, first passes through bcrypt algorithm and by user data and sets
Standby condition code is encrypted and obtains the first safety verification code, then is encrypted the first safety verification code by MD5 algorithm and obtains
Safety verification code.
The first safety code calculated through bcrypt algorithm is longer, can be compressed into by safety code by MD5 algorithm
Shorter safety code.
As preferably, the result includes being verified instruction and authentication failed instructs, particularly as follows: work as WEB front-end in S7
Receive and be verified instruction, asked by Remote Visit and Control;When WEB front-end receives authentication failed instruction, and refusal is remotely
Access request.
As preferably, after S7 refuses remote access request, return S1.
As preferably, before S1, also comprise the steps: that S0, WEB front-end receive Remote Visit and Control request instruction.
As preferably, equipment condition code includes the MAC Address of embedded system, product type, product type and product version
This.
As preferably, equipment condition code includes the product type of 6 characters, the product type of 6 characters, 4 characters
Product version and the MAC Address of 12 characters.
Compared to existing technology, the beneficial effects of the present invention is: by security algorithm, user name and user cipher are carried out
Encryption, and the safety code of encryption is transmitted to service end, make user name and user cipher no longer plaintext transmission, be difficult to crack, real
Show the safe access control of embedded device.
Accompanying drawing explanation
Fig. 1 is the flow chart of a kind of embedded type WEB safety certifying method of the present invention.
Detailed description of the invention
Below, in conjunction with accompanying drawing and detailed description of the invention, the present invention is described further:
A kind of embedded type WEB safety certifying method, is applied to embedded system, and embedded system includes WEB front-end kimonos
Business end;As it is shown in figure 1, specifically include following steps:
Step 10, WEB front-end receive Remote Visit and Control request instruction.
Step 11, WEB front-end obtain the user data of user's input, and user data includes user name and user cipher.
Step 12, WEB front-end obtain equipment condition code;Equipment condition code includes the embedded device at embedded system place
MAC Address, product type, product type and product version, equipment condition code is the character string of 28 characters, including 6
The product type of character, the product type of 6 characters, the product version of 4 characters and the MAC Address of 12 characters.
Step 13, WEB front-end, according to user data and equipment condition code, calculate safety code by security algorithm;Described peace
Full algorithm includes bcrypt algorithm and MD5 algorithm, first passes through bcrypt algorithm and user data and equipment condition code is encrypted
Being calculated the first safety code, the first safety code is the password string of 60 bytes;By MD5 algorithm, the first safety code is entered again
Row computations obtains safety code, and safety code is the password string of 32 characters (128).
Safety code and user name are sent to service end by step 14, WEB front-end.
Step 20, service end send, according to WEB front-end, the user name of coming, and obtain prestore corresponding with user name in service end
User data;Service end internal memory has the prestored user data of all system users, prestored user data include prestored user name and
Prestored user password.
Step 21, service end obtain the equipment condition code corresponding with embedded device, and equipment condition code includes embedded system
The system MAC Address of embedded device at place, embedded device model, embedded device type and embedded device version etc.
Information.
Step 22, service end, according to prestored user data and equipment condition code, calculate safety by safety verification algorithm and test
Card code;Described safety verification algorithm includes bcrypt algorithm and MD5 algorithm, first pass through bcrypt algorithm by prestored user data and
Equipment condition code is encrypted and is calculated the first safety verification code, and the first safety verification code is the password string of 60 bytes;
Being encrypted the first safety verification code by MD5 algorithm and be calculated safety verification code, safety verification code is 32 characters
The password string of (128).
The first safety code calculated through bcrypt algorithm is longer, can be compressed into by safety code by MD5 algorithm
Shorter safety code.
Bcrypt algorithm is the algorithm designed exclusively for password storage, and bcrypt algorithm is to calculate based on Blowfish encryption
Method deforms, and bcrypt algorithm more can bear the risk strengthened and bring along with computing capability than PBKDF2, and bcrypt also has
Function library support widely.
It is the most consistent with safety verification code that step 23, service end judge that WEB front-end sends the safety code come, and checking is tied
Fruit sends to WEB front-end, and the result includes being verified instruction and authentication failed instructs.
Step 30, when WEB front-end receive service end send be verified instruction, asked by Remote Visit and Control;
When WEB front-end receives the authentication failed instruction that service end sends, refuse remote access request, and return step 11.
Embedded type WEB safety certification device, including:
Receiver module, is located at WEB front-end, is used for receiving Remote Visit and Control request instruction.
First acquisition module, is located at WEB front-end, and for obtaining the user data of user's input, user data includes user
Name and user cipher.
Second acquisition module, is located at WEB front-end, is used for obtaining equipment condition code, and equipment condition code includes embedded system
The MAC Address of the embedded device at place, embedded device model, embedded device type and embedded device version etc. are believed
Breath.
First security module, is located at WEB front-end, for according to user data and equipment condition code, by security algorithm meter
Calculate safety code;Described security algorithm includes bcrypt algorithm and MD5 algorithm, first passes through bcrypt algorithm by user data and equipment
Condition code is encrypted and is calculated the first safety code, and the first safety code is the password string of 60 bytes;Again by MD5 algorithm
Being encrypted the first safety code and be calculated safety code, safety code is the password string of 32 characters (128).
Sending module, is located at WEB front-end, for sending safety code and user name to service end.
3rd acquisition module, is located at service end, for sending, according to WEB front-end, the user name of coming, obtain in service end with
The prestored user data that user name is corresponding;Service end internal memory has the prestored user data of all system users, prestored user data
Including prestored user name and prestored user password.
4th acquisition module, is located at service end, is used for obtaining equipment condition code.Equipment condition code includes embedded system institute
The MAC Address of embedded device, embedded device model, embedded device type and embedded device version etc. letter
Breath.
Second security module, is located at service end, for according to prestored user data and equipment condition code, passes through security algorithm
Calculate safety verification code;Described security algorithm includes bcrypt algorithm and MD5 algorithm, first passes through bcrypt algorithm by prestored user
Data and equipment condition code are encrypted and are calculated the first safety verification code, and the first safety verification code is the close of 60 bytes
Sequence;Being encrypted the first safety verification code by MD5 algorithm and be calculated safety verification code, safety verification code is 32 words
The password string of symbol (128).
Authentication module, is located at service end, for the safety code and the safety verification code that judge WEB front-end to send to come whether
Causing, and send the result to WEB front-end, the result includes being verified instruction and authentication failed instructs.
Feedback module, is located at WEB front-end, for being verified instruction, by remotely visiting when receive that service end sends
Ask control request, and when receiving the authentication failed instruction that service end sends, refuse remote access request, and return first and obtain
Delivery block.
It will be apparent to those skilled in the art that can technical scheme as described above and design, make other various
Corresponding change and deformation, and all these change and deformation all should belong to the protection domain of the claims in the present invention
Within.
Claims (10)
1. an embedded type WEB safety certifying method, is applied to embedded system, it is characterised in that comprise the steps:
S1, WEB front-end obtain user data and the equipment condition code of user's input;User data includes that user name and user are close
Code;
S2, WEB front-end, according to user data and equipment condition code, obtain safety code by security algorithm;
Safety code and user name are sent to service end by S3, WEB front-end;
S4, service end obtain the prestored user data corresponding with user name according to user name, and obtain equipment condition code;
S5, service end, according to prestored user data and equipment condition code, obtain safety verification code by safety verification algorithm;
S6, service end judge that safety code is the most consistent with safety verification code, and send the result to WEB front-end;
S7, WEB front-end process Remote Visit and Control request according to the result.
2. embedded type WEB safety certifying method as claimed in claim 1, it is characterised in that
Described security algorithm includes bcrypt algorithm.
3. embedded type WEB safety certifying method as claimed in claim 2, it is characterised in that
Described security algorithm also includes MD5 algorithm, user data and equipment condition code is encrypted by bcrypt algorithm
To the first safety code, then by MD5 algorithm the first safety code is encrypted and obtains safety code.
4. embedded type WEB safety certifying method as claimed in claim 1, it is characterised in that
Described safety verification algorithm includes bcrypt algorithm.
5. embedded type WEB safety certifying method as claimed in claim 4, it is characterised in that
Described safety verification algorithm also includes MD5 algorithm, first passes through bcrypt algorithm and user data and equipment condition code is carried out
Encryption obtains the first safety verification code, then is encrypted the first safety verification code by MD5 algorithm and obtains safety verification code.
6. embedded type WEB safety certifying method as claimed in claim 1, it is characterised in that
The result includes being verified instruction and authentication failed instructs, particularly as follows: be verified when WEB front-end receives in S7
Instruction, is asked by Remote Visit and Control;When WEB front-end receives authentication failed instruction, refuse remote access request.
7. embedded type WEB safety certifying method as claimed in claim 6, it is characterised in that
S1 is returned after S7 refuses remote access request.
8. embedded type WEB safety certifying method as claimed in claim 1, it is characterised in that
Also comprise the steps: before S1
S0, WEB front-end receive Remote Visit and Control request instruction.
9. embedded type WEB safety certifying method as claimed in claim 1, it is characterised in that
Equipment condition code includes the MAC Address of embedded system, product type, product type and product version.
10. embedded type WEB safety certifying method as claimed in claim 9, it is characterised in that
Equipment condition code includes the product type of 6 characters, the product type of 6 characters, the product version of 4 characters and 12
The MAC Address of character.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610891037.7A CN106302539A (en) | 2016-10-12 | 2016-10-12 | A kind of embedded type WEB safety certifying method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610891037.7A CN106302539A (en) | 2016-10-12 | 2016-10-12 | A kind of embedded type WEB safety certifying method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106302539A true CN106302539A (en) | 2017-01-04 |
Family
ID=57718128
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610891037.7A Pending CN106302539A (en) | 2016-10-12 | 2016-10-12 | A kind of embedded type WEB safety certifying method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106302539A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107077558A (en) * | 2017-02-09 | 2017-08-18 | 深圳市汇顶科技股份有限公司 | Authentication method, authentication device and electronic equipment based on biological characteristic |
| CN109409045A (en) * | 2018-09-21 | 2019-03-01 | 天津海泰方圆科技有限公司 | Browser automated log on account number safety guard method and device |
| CN111191214A (en) * | 2018-11-14 | 2020-05-22 | 珠海格力电器股份有限公司 | Embedded processor and data protection method |
| CN111865904A (en) * | 2020-06-04 | 2020-10-30 | 河南中医药大学 | Safe user online state control method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103078863A (en) * | 2013-01-08 | 2013-05-01 | 青岛海信宽带多媒体技术有限公司 | Method, device and system for login authentication |
| CN104618384A (en) * | 2015-02-13 | 2015-05-13 | 成都中科合迅科技有限公司 | Single authentication method based on AD (Access Device) server |
| CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
| CN105577611A (en) * | 2014-10-10 | 2016-05-11 | 广州联奕信息科技有限公司 | Computer safety realization method and computer safety realization device based on hardware and server authentication |
-
2016
- 2016-10-12 CN CN201610891037.7A patent/CN106302539A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103078863A (en) * | 2013-01-08 | 2013-05-01 | 青岛海信宽带多媒体技术有限公司 | Method, device and system for login authentication |
| CN105577611A (en) * | 2014-10-10 | 2016-05-11 | 广州联奕信息科技有限公司 | Computer safety realization method and computer safety realization device based on hardware and server authentication |
| CN104618384A (en) * | 2015-02-13 | 2015-05-13 | 成都中科合迅科技有限公司 | Single authentication method based on AD (Access Device) server |
| CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107077558A (en) * | 2017-02-09 | 2017-08-18 | 深圳市汇顶科技股份有限公司 | Authentication method, authentication device and electronic equipment based on biological characteristic |
| CN107077558B (en) * | 2017-02-09 | 2020-03-31 | 深圳市汇顶科技股份有限公司 | Authentication method and authentication device based on biological characteristics and electronic equipment |
| CN109409045A (en) * | 2018-09-21 | 2019-03-01 | 天津海泰方圆科技有限公司 | Browser automated log on account number safety guard method and device |
| CN111191214A (en) * | 2018-11-14 | 2020-05-22 | 珠海格力电器股份有限公司 | Embedded processor and data protection method |
| CN111191214B (en) * | 2018-11-14 | 2022-03-22 | 珠海格力电器股份有限公司 | Embedded processor and data protection method |
| CN111865904A (en) * | 2020-06-04 | 2020-10-30 | 河南中医药大学 | Safe user online state control method and device |
| CN111865904B (en) * | 2020-06-04 | 2022-08-23 | 河南中医药大学 | Safe user online state control method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106789015B (en) | Intelligent power distribution network communication safety system | |
| CN109712278A (en) | Intelligent door lock identity identifying method, system, readable storage medium storing program for executing and mobile terminal | |
| CN105516195B (en) | A kind of security certification system and its authentication method based on application platform login | |
| CN105847247A (en) | Authentication system and working method thereof | |
| CN102868702B (en) | System login device and system login method | |
| CN107124433A (en) | Internet of things system, internet of things equipment access method, access authorization methods and equipment | |
| CN106936790A (en) | The method that client and server end carries out two-way authentication is realized based on digital certificate | |
| CN104410622A (en) | Safety authentication method, client side and system for logging in Web system | |
| CN106302539A (en) | A kind of embedded type WEB safety certifying method | |
| CN108024243B (en) | A kind of eSIM is caught in Network Communication method and its system | |
| CN106790034A (en) | A kind of internet of things equipment certification and the method for secure accessing | |
| CN106302550A (en) | A kind of information security method for intelligent substation automatization and system | |
| CN102624687A (en) | Networking program user authentication method based on mobile terminal | |
| CN103024706A (en) | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication | |
| CN104754571A (en) | User authentication realizing method, device and system thereof for multimedia data transmission | |
| CN103905194A (en) | Identity traceability authentication method and system | |
| CN105991559B (en) | A kind of user security login method based on image encryption technology | |
| CN107465649A (en) | Control method of electronic device, terminal and control system | |
| CN104270347B (en) | The methods, devices and systems of security control | |
| CN105450658A (en) | System login method and device | |
| CN107172027A (en) | Certificate management method, storage device, storage medium and device | |
| CN106789069A (en) | A kind of zero-knowledge status authentication method | |
| CN109726578B (en) | Dynamic two-dimensional code anti-counterfeiting solution | |
| CN107819766A (en) | Safety certifying method, system and computer-readable recording medium | |
| CN103179564B (en) | Based on the network application login method of mobile terminal authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| CB02 | Change of applicant information |
Address after: 510000 Guangzhou City, Guangzhou province high tech Industrial Development Zone, Science City Road, No. fourth, B3 District, layer 406, unit, unit 162 Applicant after: Guangzhou core communications Polytron Technologies Inc Address before: 510000 Guangzhou City, Guangzhou province high tech Industrial Development Zone, Science City Road, No. fourth, B3 District, layer 406, unit, unit 162 Applicant before: Guangzhou V-Solution Electronic Technology Co., Ltd |
|
| CB02 | Change of applicant information | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170104 |
|
| RJ01 | Rejection of invention patent application after publication |