CN107911335B - Method, device and system for checking Uniform Resource Identifier (URI) - Google Patents

Method, device and system for checking Uniform Resource Identifier (URI) Download PDF

Info

Publication number
CN107911335B
CN107911335B CN201710883109.8A CN201710883109A CN107911335B CN 107911335 B CN107911335 B CN 107911335B CN 201710883109 A CN201710883109 A CN 201710883109A CN 107911335 B CN107911335 B CN 107911335B
Authority
CN
China
Prior art keywords
uri
item
application program
verified
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710883109.8A
Other languages
Chinese (zh)
Other versions
CN107911335A (en
Inventor
徐萌阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuba Co Ltd
Original Assignee
Wuba Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuba Co Ltd filed Critical Wuba Co Ltd
Priority to CN201710883109.8A priority Critical patent/CN107911335B/en
Publication of CN107911335A publication Critical patent/CN107911335A/en
Application granted granted Critical
Publication of CN107911335B publication Critical patent/CN107911335B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a method, a device and a system for checking Uniform Resource Identifiers (URIs). The method for checking the URI provided by the invention comprises the following steps: the method comprises the steps that when a target application program calls a third-party application program to load a target file, a URI to be verified transmitted to an interface of the third-party application program is obtained; the URI package to be verified comprises first verification information; generating second verification information according to preset rules corresponding to the terminal by using information corresponding to a naming mechanism item, a host name item and a path item of an access resource in the URI to be verified; and if the second verification information is consistent with the first verification information, obtaining a result that the URI to be verified passes the verification. The method, the device and the system for verifying the URI reduce the consumption of the terminal performance, obtain the reliable verification result and avoid the phenomenon that the target application programs on other terminals cannot normally run after the verification method of the target application program on one terminal is cracked.

Description

Method, device and system for checking Uniform Resource Identifier (URI)
Technical Field
The present invention relates to communications engineering technologies, and in particular, to a method, an apparatus, and a system for checking a uniform resource identifier URI.
Background
Because the code of an Application program (APP for short) runs locally at a terminal that is away from the server supervision, if an Application program needs to call a third-party Application program to load a certain target file, the URI of the target file needs to be transmitted to an interface of the third-party Application program, so that the third-party Application program obtains the target file according to the URI and loads the target file. However, in the process of transmitting the URI of the target file to the interface of the third-party application program, the URI of the target file may be maliciously intercepted and tampered, so that the running result of the application program is not expected, and even the phenomenon that the application program is crashed or the user information is tampered may occur. Therefore, it is important to obtain the URI being transferred in the process of transferring the URI of the target file to the interface of the third-party application program to check the validity of the URI.
In the prior art, a scheme for checking the URI is that a terminal uploads an acquired URI being transmitted to a server, and the server checks the validity of the URI. However, in this scheme, the acquired URI being transmitted needs to be uploaded to the server, and the verification result returned by the server is received, which increases the consumption of the mobile phone performance. And the check result returned by the server is also easy to be maliciously intercepted or tampered, so that the terminal cannot receive the check result or receives an error check result, and the use experience of a user is influenced.
Disclosure of Invention
The invention provides a method, a device and a system for checking a Uniform Resource Identifier (URI), which are used for overcoming the technical problems that the consumption for checking the performance of a URI mobile phone is high and the checking result is unreliable in the prior art.
In a first aspect, this embodiment provides a method for checking a uniform resource identifier URI, which is applied to a terminal, and includes:
the method comprises the steps that when a target application program calls a third-party application program to load a target file, a URI to be verified transmitted to an interface of the third-party application program is obtained; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource;
generating second verification information according to the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified and a preset rule corresponding to the terminal;
and judging whether the second verification information is consistent with the first verification information corresponding to the first verification information item, if so, obtaining a result that the URI to be verified passes the verification.
In the method, the generating second verification information according to the information included in the naming mechanism item, the host name item, and the path item of the access resource in the URI to be verified according to the preset rule corresponding to the terminal includes:
respectively adopting an MD5 algorithm to encrypt information corresponding to a naming mechanism item, a host name item and a path item of the access resource in the URI to be verified to obtain MD5 values corresponding to the items;
for each corresponding MD5 value, extracting characters at least two positions corresponding to the intercepted digits in the MD5 value according to the intercepted digits corresponding to the MD5 value to obtain a pre-fetching character string, wherein the intercepted digits are used for indicating the positions of the extracted characters in the MD5 value, and the intercepted digits are issued by a server according to the international equipment identity (IMEI) of the terminal;
and combining the prefetched character strings to obtain second verification information.
As described above, before the obtaining of the URI to be verified transferred to the interface of the third party application when the target application calls the third party application to load the target file, the method further includes:
after acquiring the installation package of the target application program from the server, sending an international equipment identification code (IMEI) to the server;
and receiving an intercepted number set which is returned by the server according to the IMEI and comprises the intercepted numbers corresponding to the to-be-verified URI.
As described above, before the obtaining of the URI to be verified transferred to the interface of the third party application when the target application calls the third party application to load the target file, the method further includes:
generating an original URI of the target file, wherein the original URI comprises a naming mechanism item, a host name item and a path item of an access resource;
generating third verification information according to the preset rule by using the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the original URI;
combining the naming mechanism item, the host name item, the path item and the third verification information of the access resource in the original URI to obtain a URI to be transmitted;
and if the URI to be verified passes the verification, the URI to be verified is the same as the URI to be transmitted.
In a second aspect, the present invention further provides a method for checking a uniform resource identifier URI, which is applied to a server, and includes:
acquiring a source code of a target application program and a URI (Uniform resource identifier) check code corresponding to the target application program;
weaving the URI verification code into a Software Development Kit (SDK) by adopting a section-oriented programming (AOP) to obtain a processed SDK;
and obtaining an installation package of the target application program according to the source code of the target application program and the processed SDK, so that the terminal verifies whether the obtained URI to be verified is legal or not according to a URI verification code in the installation package and a preset rule corresponding to the terminal, wherein the URI to be verified is a URI transmitted to an interface of a third party application program when the target application program calls the third party application program to load a target file.
The method as described above, further comprising:
receiving an international equipment identification code IMEI sent by a terminal;
and sending the intercepted numbers corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified to the terminal according to the IMEI.
In a third aspect, the present invention further provides an apparatus for checking a uniform resource identifier URI, applied to a terminal, including:
the system comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring a URI to be verified transmitted to an interface of a third-party application program when the target application program calls the third-party application program to load a target file; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource;
the verification information generation module is used for generating second verification information according to the preset rule corresponding to the terminal by using the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified;
and the judging module is used for judging whether the second verification information is consistent with the first verification information corresponding to the first verification information item, and if so, obtaining a result that the URI to be verified passes the verification.
In the foregoing apparatus, the verification information generating module is specifically configured to:
respectively adopting an MD5 algorithm to encrypt information corresponding to a naming mechanism item, a host name item and a path item of the access resource in the URI to be verified to obtain MD5 values corresponding to the items;
for each corresponding MD5 value, extracting characters at positions corresponding to the intercepted numbers in the MD5 value according to the intercepted numbers corresponding to the MD5 value to obtain a pre-fetching character string, wherein the intercepted numbers are used for indicating the positions of the extracted characters in the MD5 value, and the intercepted numbers are issued by a server according to the international equipment identity (IMEI) of the terminal;
and combining the prefetched character strings to obtain second verification information.
In a fourth aspect, the present invention further provides an apparatus for verifying a uniform resource identifier URI, which is applied to a server, and includes:
the system comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring a source code of a target application program and a URI (Uniform resource identifier) check code corresponding to the target application program;
the weaving module is used for weaving the URI verification code into a Software Development Kit (SDK) by adopting a section-oriented programming (AOP) to obtain a processed SDK;
and the installation package generation module is used for obtaining an installation package of the target application program according to the source code of the target application program and the processed SDK, so that the terminal verifies whether the obtained URI to be verified is legal or not according to the URI verification code in the installation package and a preset rule corresponding to the terminal, and the URI to be verified is the URI transmitted to an interface of a third party application program when the target application program calls the third party application program to load a target file.
In a fifth aspect, the present invention further provides a system for verifying a uniform resource identifier URI, including: the apparatus of the third aspect, and the apparatus of the fourth aspect.
The method for checking the uniform resource identifier URI provided by the invention comprises the following steps: the method comprises the steps that when a target application program calls a third-party application program to load a target file, a URI to be verified transmitted to an interface of the third-party application program is obtained; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource; generating second verification information according to preset rules corresponding to the terminal by using information corresponding to a naming mechanism item, a host name item and a path item of an access resource in the URI to be verified; and judging whether the second verification information is consistent with the first verification information included in the first verification information item, if so, obtaining a result that the URI to be verified passes the verification. The method for checking the uniform resource identifier URI reduces the consumption of the terminal performance, obtains reliable checking results, and avoids the phenomenon that target application programs on other terminals cannot normally run after the checking method of the target application program on one terminal is cracked.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a diagram of one possible system architecture provided by the present invention;
FIG. 2 is a flowchart of a first embodiment of a method for verifying a uniform resource identifier URI provided in the present invention;
FIG. 3 is a flowchart of a second embodiment of a method for verifying a uniform resource identifier URI provided in the present invention;
FIG. 4 is a flowchart of a third embodiment of a method for verifying a uniform resource identifier URI provided in the present invention;
FIG. 5 is a flowchart of a fourth embodiment of a method for checking a uniform resource identifier URI provided in the present invention;
FIG. 6 is a schematic structural diagram of a first apparatus for verifying a uniform resource identifier URI according to the present invention;
FIG. 7 is a schematic structural diagram of a second embodiment of an apparatus for verifying a uniform resource identifier URI provided in the present invention
FIG. 8 is a schematic structural diagram of a third embodiment of an apparatus for verifying a uniform resource identifier URI provided in the present invention;
fig. 9 is a schematic structural diagram of a fourth embodiment of the apparatus for checking a uniform resource identifier URI according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
FIG. 1 is a diagram of one possible system architecture provided by the present invention; referring to fig. 1, the system architecture diagram of the present invention includes: a server 11 and a terminal 12. The server 11 stores the international equipment identity IMEI of each terminal, and may also store an intercepted number set used when verifying the uniform resource identifier URI corresponding to each IMEI.
Specifically, after the target application is installed, the terminal 12 obtains the intercepted number set corresponding to the IMEI of the terminal from the server. When the URI is verified, the terminal 12 acquires the URI to be verified, which is transmitted to an interface of the third-party application program when the target application program calls the third-party application program to load the target file; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource; the terminal 12 generates second verification information according to the name mechanism item, the host name item and the path item of the intercepted digit set and the accessed resource, obtains a result that the URI to be verified passes the verification if the second verification information is the same as the first verification information, and sends the URI to be verified that passes the verification to an interface of a third-party application program so that the third-party application program loads a target file. In the invention, the interaction with the server is not carried out in the process of starting to verify the uniform resource identifier URI, the performance consumption of the terminal is low, the verification result is reliable, and the use experience of a user is improved.
The method for checking a URI according to the present invention will be described in detail below with reference to specific examples.
Fig. 2 is a flowchart of a first embodiment of a method for checking a uniform resource identifier URI, where as shown in fig. 2, the method of this embodiment may include:
step S201, when a target application program calls a third party application program to load a target file, obtaining a URI to be verified transmitted to an interface of the third party application program; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource;
step S202, generating second verification information according to the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified according to a preset rule corresponding to the terminal;
step S203, determining whether the second verification information is consistent with the first verification information corresponding to the first verification information item, and if so, obtaining a result that the URI to be verified passes the verification.
Specifically, the execution body in the present embodiment may be the terminal 12 in the architecture diagram shown in fig. 1.
The target application in this embodiment refers to an application that is running and needs to call a third-party application to load a certain file stored on the terminal. Obviously, the target application is an application installed on the terminal. The target file in this embodiment is a file stored on the terminal, which is loaded by the target application program and needs to call the third-party application program.
For example, the target application program is a 'dripping express train', when a passenger finishes a journey of taking the 'dripping express train', a payment page is displayed to the user, a file corresponding to the payment page is a target file, and if the payment mode selected by the user is 'WeChat payment', the 'WeChat' is a third-party application program. When the passenger pays, the 'drip express' application program calls a third-party application program 'WeChat' to load a file corresponding to the paid page so as to finish payment. When the 'dripping express delivery' application program calls the 'WeChat' third-party application program to load the file corresponding to the paid page, the URI of the file needs to be sent to the 'WeChat' interface of the third-party application program, so that the third-party application program finds the file through the URI and loads the file, and after the loading is finished, the payment operation is finished. The URI generally includes a naming mechanism item, a host name item, and a path item for accessing the resource, such as the following URI: file:// app.58.com/data/user/0/com.wuba/files/rn/7/7_103.bundle, where file is information corresponding to the naming scheme item of the access resource, that is, the access resource is a file, app.58.com is information corresponding to the host name item, that is, the host name for storing the access resource, and data/user/0/com.wuba/files/rn/7/7_103.bundle is information corresponding to the path item, that is, the name of the access resource. Every resource (document, image, video, etc.) available on the web can be located through a URI.
Therefore, if the URI sent by the interface of the third party application "WeChat" is an illegal URI, such as the URI of a document corresponding to a page on which a cheater cheats money, when the third party application "WeChat" loads the document according to the illegal URI, the money of the passenger is cheated by the cheater. Therefore, it is important to obtain the URI sent to the interface of the third-party application program at this time and verify the validity of the URI.
The specific flow of checking the URI in the present embodiment will be described in detail below.
For step S101, when the terminal acquires a target application program and calls a third party application program to load a target file stored on the terminal, the terminal transmits a URI to be verified to an interface of the third party application program; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource.
At this time, the URI to be verified acquired by the terminal is the URI being transferred into the interface of the third party application. The URI to be verified comprises a naming mechanism item, a host name item and a path item of the access resource, and also comprises a first verification information item, wherein the first verification information item comprises first verification information.
Generating second verification information for the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified in the steps S202 to S203 according to a preset rule corresponding to the terminal; and after the second verification information is obtained, judging whether the second verification information is consistent with the first verification information corresponding to the first verification information item, if so, obtaining a result that the URI to be verified passes the verification. And if the second verification information is inconsistent with the first verification information, the URI to be verified is an illegal URI, and at the moment, the transmission of the URI to be verified to an interface of the third-party application program should be stopped in time.
That is, the preset rule is different for different terminals. The benefits of this are: even if the A code (including the source code and the check code) corresponding to the target application program installed on the terminal A is decompiled, the cheater knows the preset rule (namely, the check method) corresponding to the target application program and the check code, so that the cheater can verify the illegal URI; however, since the preset rule for generating the second verification information on the terminal B is different from the preset rule for generating the second verification information on the terminal a, that is, the verification method corresponding to the target application installed on the terminal B is different from the verification method corresponding to the target application installed on the terminal a, a cheater can only lock the cheating scope in the target application installed on the terminal a, and the target application installed on the terminal B can still normally run.
Further, it will be understood by those skilled in the art that the second authentication information is generated in the same manner as the first authentication information in the URI to be authenticated.
In the embodiment, the process of checking the URI is finished by the terminal, interaction between the server and the terminal is not needed, the consumption of the terminal performance is reduced, and the obtained checking result is reliable. And the preset rules for generating the second verification information corresponding to each terminal are different, so that the phenomenon that the target application programs on other terminals cannot normally run after the verification method of the target application program on one terminal is cracked is avoided.
The method for checking a uniform resource identifier URI in this embodiment includes: the method comprises the steps that when a target application program calls a third-party application program to load a target file, a URI to be verified transmitted to an interface of the third-party application program is obtained; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource; generating second verification information according to preset rules corresponding to the terminal by using information corresponding to a naming mechanism item, a host name item and a path item of an access resource in the URI to be verified; and judging whether the second verification information is consistent with the first verification information included in the first verification information item, if so, obtaining a result that the URI to be verified passes the verification. The method for checking the uniform resource identifier URI reduces the consumption of the terminal performance, obtains reliable checking results, and avoids the phenomenon that target application programs on other terminals cannot normally run after the checking method of the target application program on one terminal is cracked.
A detailed description will be given below of a possible generation method of the second verification information in the previous embodiment by using a specific embodiment.
Fig. 3 is a flowchart of a second embodiment of the method for checking a uniform resource identifier URI, where as shown in fig. 3, the method of this embodiment may include:
s301, respectively encrypting information corresponding to a naming mechanism item, a host name item and a path item of an access resource by adopting an MD5 algorithm to obtain MD5 values corresponding to the items;
step S302, extracting characters at least two positions corresponding to the intercepted digits in the MD5 value according to the intercepted digits corresponding to the MD5 value for each corresponding MD5 value to obtain a pre-fetching character string, wherein the intercepted digits are used for indicating the positions of the extracted characters in the MD5 value, and the intercepted digits are issued by the server according to the international equipment identity (IMEI) of the terminal;
step S303, combine the prefetch character strings to obtain second verification information.
Specifically, the naming mechanism item, the host name item, and the path item of the access resource are encrypted by using an MD5 algorithm, respectively, to obtain MD5 values corresponding to the items.
For example, the naming mechanism item for accessing the resource is files, and the MD5 value corresponding to the naming mechanism item for accessing the resource obtained by encrypting the "files" by using the MD5 algorithm is "45B 963397AA40D4a0063E0D85E4FE7a 1".
The host name item is app.58.com, and the MD5 value corresponding to the host name item obtained by encrypting the "app.58.com" by adopting the MD5 algorithm is "D84C 625C96FB1EC88D308C38C2CD08 BF".
The path item is data/user/0/com.wuba/files/rn/7/7_103.bundle, and the MD5 value corresponding to the path item obtained after the data/user/0/com.wuba/files/rn/7/7_103.bundle is encrypted by adopting an MD5 algorithm is 'A4A 1B89C63B6DA52DB34E47B0F379DD 4'.
For the first MD5 value "45B 963397AA40D4A0063E0D85E4FE7A 1" corresponding to the naming mechanism item of the access resource, a first truncated number corresponding to the naming mechanism item of the access resource is adopted, and characters at the position corresponding to the first truncated number in the first MD5 value are extracted. For example, if the first truncated number is 2 or 6, the characters from the 2 nd bit to the 6 th bit in the first MD5 value "45B 963397AA40D4a0063E0D85E4FE7a 1" are extracted as "5B 963" to obtain a first prefetch string. Since the MD5 value corresponding to the naming scheme entry for the accessed resource corresponds to the naming scheme entry for the accessed resource, it can also be said that the first truncated number corresponds to the MD5 value corresponding to the naming scheme entry for the accessed resource.
The second truncated number corresponding to the host name item is adopted for the second MD5 value "D84C 625C96FB1EC88D308C38C2CD08 BF" corresponding to the host name item, and the character at the position corresponding to the second truncated number in the second MD5 value is extracted. For example, if the second truncated number is 8 or 13, the characters "C96 FB 1" from bit 8 to bit 13 in the second MD5 value "D84C 625C96FB1EC88D308C38C2CD08 BF" are extracted to obtain a second prefetch string. Since the MD5 value corresponding to the host name entry corresponds to the host name entry, the second truncated number can also be said to correspond to the MD5 value corresponding to the host name entry.
The third truncated number corresponding to the path item is taken for the third MD5 value "A4 A1B89C63B6DA52DB34E47B0F379DD 4" corresponding to the path item, and the character at the position corresponding to the third truncated number in the third MD5 value is extracted. For example, if the third truncated number is 18 or 20, the 18 th to 20 th characters "B34" in the third MD5 value "A4A 1B89C63B6DA52DB34E47B0F379DD 4" are extracted to obtain a third prefetch string. Since the MD5 value corresponding to the path entry corresponds to the path entry, the third truncated number can also be said to correspond to the MD5 value corresponding to the path entry.
Combining the first prefetch character string, the second prefetch character string and the third prefetch character string to obtain second verification information, for example, combining the first prefetch character string, the second prefetch character string and the third prefetch character string to obtain: "5B 963C96FB1B 34", the second authentication information is "5B 963C96FB1B 34".
Wherein, each respective corresponding intercepting figure is sent to the terminal by the server according to the international identification code of the terminal, and specifically comprises the following steps: the terminal sends the international equipment identification code IMEI to the server after acquiring the installation package of the target application program from the server; the server receives an international equipment identification code IMEI sent by the terminal, and acquires an intercepted number set corresponding to the IMEI, wherein the intercepted number set comprises intercepted numbers corresponding to a naming mechanism item, a host name item and a path item of an access resource in a URI to be verified; the server sends the intercepted digit set to the terminal, and the terminal receives the intercepted digit set comprising the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified and the intercepted digits corresponding to the intercepted digits respectively.
That is, for different IMEIs: the interception numbers corresponding to the naming mechanism item, the host name item and the path item of the access resource are different. For example, the IMEI of the terminal a is the first IMEI, and after receiving the first IMEI sent by the terminal a, the server sends an intercepted number set a, b, c, d, e, f corresponding to the first IMEI to the terminal a, where a and b may be intercepted numbers corresponding to a naming mechanism item of the access resource, c and d may be intercepted numbers corresponding to a host name item, and e and f may be intercepted numbers corresponding to a path item; the IMEI of the terminal B is a second IMEI, and after receiving the second IMEI sent by the terminal B, the server sends interception number sets h, i, j, k, l and m corresponding to the second IMEI to the terminal B, wherein h and i can be interception numbers corresponding to naming mechanism items of the access resources, j and k can be interception numbers corresponding to host name items, and l and m can be interception numbers corresponding to path items. The intercepted number set corresponding to the IMEI of each terminal may be preset and stored in the server, or may be randomly generated after the server receives the IMEI, and since the MD5 value is 32 bits, each number in the intercepted number set is not greater than 32.
It should be understood by those skilled in the art that the preset rules in the previous embodiment are the MD5 algorithm in this embodiment and the interception rules corresponding to the terminals, and the difference between the interception rules corresponding to the terminals determines the difference between the preset rules corresponding to the terminals.
In this embodiment, the second verification information is obtained through the MD5 algorithm and the interception rule corresponding to the terminal, so that the probability of a cheater to crack the target application program is reduced, and the phenomenon that the target application programs on other terminals cannot normally run after the verification method of the target application program on one terminal is cracked is avoided.
Since the URI needs to be transferred to the interface of the third party application when the target application calls the third party application to load the target file, the method for verifying the URI of the uniform resource identifier according to the present invention further includes a process of generating the URI to be transferred of the target file. The process of generating the URI to be transferred of the target file will be described in detail below.
Fig. 4 is a flowchart of a third embodiment of the method for checking a uniform resource identifier URI, where as shown in fig. 4, the method of this embodiment may include:
step S401, generating an original URI of a target file, wherein the original URI comprises a naming mechanism item, a host name item and a path item of an access resource;
step S402, generating third verification information according to the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the original URI according to a preset rule;
step S403, combining the naming mechanism item, the host name item, the path item and the third verification information of the access resource in the original URI to obtain the URI to be transmitted.
Specifically, in the process of transmitting the generated URI to be transmitted to the interface of the third-party application program, if the URI to be transmitted is not tampered, the URI to be transmitted is the URI to be verified, and the third verification information in the URI to be transmitted is the same as the first verification information in the URI to be verified.
For step S401, the original URI of the target file is generated, and the original URI includes a naming mechanism item, a host name item, and a path item of the access resource. For a specific generation method, reference is made to a generation method in the prior art, and details are not repeated in this embodiment.
And step S402, generating third verification information according to the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the original URI according to a preset rule. That is, the method of generating the second authentication information is the same as the method of generating the third authentication information. That is, if the URI to be transmitted is not tampered during transmission to the interface of the third-party application, the same method as that used to generate the third verification information in the URI to be transmitted is used to verify the URI to be verified to generate the second verification information, and the verification information generated twice is necessarily the same, which is the principle of verification performed by the present invention.
Generating third verification information according to preset rules by using information corresponding to a naming mechanism item, a host name item and a path item of an access resource in an original URI, specifically comprising: respectively adopting an MD5 algorithm to encrypt information corresponding to a naming mechanism item, a host name item and a path item of an access resource in an original URI respectively to obtain MD5 values corresponding to the items respectively; for each MD5 value corresponding to each item in the original URI, extracting characters at least two positions corresponding to the intercepted numbers in the MD5 value according to the intercepted numbers corresponding to the MD5 value to obtain a pre-fetching character string, wherein the intercepted numbers are used for indicating the positions of the extracted characters in the MD5 value, and the intercepted numbers are issued by a server according to the international equipment identity (IMEI) of the terminal; and combining the pre-fetching character strings to obtain third verification information. For one verification process of the same target application program, the intercepted numbers corresponding to all items in the original URI are the same as the intercepted numbers corresponding to all items in the URI to be verified when the URI to be verified is verified.
For step S403, combining the naming mechanism item, the host name item, the path item, and the third verification information of the access resource in the original URI to obtain a URI to be transmitted; and obtaining the URI to be transmitted with the verification information.
Due to the characteristics of the MD5 encryption algorithm, any one of the naming mechanism item, the host name item, and the path item of the access resource in the URI to be transmitted is tampered with, so that the second verification information obtained by using the preset rule is greatly different from the third verification information in the originally generated URI to be transmitted.
Therefore, if the URI to be transmitted is tampered during the transmission process, and a cheater does not decipher the code related to the target application (including the verification method), it is difficult to make the first verification information in the tampered URI to be verified identical to the second verification information verified by the terminal according to the preset rule, that is, it is difficult to obtain the result that the URI to be verified passes the verification.
In addition, the combination of the intercepted number sets is as high as 122023939, so that the probability of the code related to the target application program being cracked is low.
Those skilled in the art can understand that after the current verification process is completed, the terminal may further repeatedly perform the process of sending the international equipment identity IMEI to the server, so that the server randomly generates an intercepted number set again according to the international identity, and thus the intercepted number set adopted when the URI to be transmitted and the URI to be verified of the target file are generated at the same terminal is different from the intercepted number set adopted when the URI to be transmitted and the URI to be verified of the target file are generated at present. At this time, in the first embodiment, "the information corresponding to the naming mechanism item, the host name item, and the path item of the access resource in the URI to be verified is generated into the second verification information according to the preset rule corresponding to the terminal," specifically, "the information corresponding to the naming mechanism item, the host name item, and the path item of the access resource in the URI to be verified is generated into the second verification information according to the preset rule corresponding to the current verification process performed by the terminal. This arrangement further increases the difficulty for a spammer to decipher code associated with the target application.
In the embodiment, the verification information in the URI to be transmitted is obtained through the MD5 algorithm and the interception rule corresponding to the terminal, so that the probability of a cheater for cracking the target application program is reduced, and the phenomenon that the target application programs on other terminals cannot normally run after the verification method of the target application program on one terminal is cracked is avoided.
Next, a method for generating an installation package of a target application in each of the above embodiments is described, and an execution subject in the next embodiment may be a server shown in fig. 1.
Fig. 5 is a flowchart of a fourth embodiment of the method for checking a uniform resource identifier URI, where as shown in fig. 5, the method of this embodiment may include:
s501, acquiring a source code of a target application program and a URI (Uniform resource identifier) check code corresponding to the target application program;
step S502, weaving the URI verification code into a Software Development Kit (SDK) by adopting a section-oriented programming (AOP) to obtain a processed SDK;
step S503, obtaining an installation package of the target application program according to the source code of the target application program and the processed SDK, so that the terminal verifies whether the obtained URI to be verified is legal or not according to the URI verification code in the installation package and a preset rule corresponding to the terminal, and the URI to be verified is a URI transmitted to an interface of the third party application program when the target application program calls the third party application program to load the target file.
Specifically, when the installation package of the target application program is obtained, the source code of the target application program and the URI check code corresponding to the target application program are obtained first, and then the URI check code is woven into the software development kit SDK by using the facet-oriented programming AOP to obtain the processed SDK.
The SDK is provided by a third-party application program, and the SDK comprises interface related parameters of the third-party application program which can be called by the target application program, so that the target application program can transmit the URI to the interface of the third-party application program.
In the embodiment, the URI verification codes are woven into the software development kit SDK by adopting the section-oriented programming AOP, so that the URI verification codes are completely decoupled from the codes of the third-party application program, and a user can flexibly change the URI verification codes.
Fig. 6 is a schematic structural diagram of a first embodiment of an apparatus for verifying a uniform resource identifier URI according to the present invention, and as shown in fig. 6, the apparatus of this embodiment may include: an acquisition module 61, an authentication information generation module 62 and a judgment module 63.
The obtaining module 61 is configured to obtain a URI to be verified, which is transmitted to an interface of a third-party application program when the target application program calls the third-party application program to load a target file; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource; the verification information generating module 62 is configured to generate second verification information according to the preset rule corresponding to the terminal, with respect to the information corresponding to the naming mechanism item, the host name item, and the path item of the access resource in the URI to be verified; and the judging module 63 is configured to judge whether the second verification information is consistent with the first verification information corresponding to the first verification information item, and if so, obtain a result that the URI to be verified passes the verification.
The verification information generating module 62 is specifically configured to: respectively adopting an MD5 algorithm to encrypt information corresponding to a naming mechanism item, a host name item and a path item of an access resource in a URI to be verified to obtain MD5 values corresponding to the items; for each corresponding MD5 value, extracting characters at least two positions corresponding to the intercepting digits in the MD5 value according to the intercepting digits corresponding to the MD5 value to obtain a pre-fetching character string, wherein the intercepting digits are used for indicating the positions of the extracted characters in the MD5 value, and the intercepting digits are issued by a server according to the international equipment identity IMEI of the terminal; and combining the pre-fetching character strings to obtain second verification information.
The verification information generation module 62 is further specifically configured to: when a target application program is obtained and calls a third party application program to load a target file, generating an original URI of the target file before a URI to be verified transmitted to an interface of the third party application program, wherein the original URI comprises a naming mechanism item, a host name item and a path item of an access resource; generating third verification information according to preset rules by using information corresponding to a naming mechanism item, a host name item and a path item of an access resource in an original URI; combining a naming mechanism item, a host name item, a path item and third verification information of the access resource in the original URI to obtain the URI to be transmitted; and if the URI to be verified passes the verification, the URI to be verified is the same as the URI to be transmitted.
The apparatus of this embodiment may be configured to implement the technical solutions of the above method embodiments, and the implementation principles and technical effects are similar, which are not described herein again.
Fig. 7 is a schematic structural diagram of a second apparatus for checking a uniform resource identifier URI according to the present invention, as shown in fig. 7, the apparatus of this embodiment may further include, on the basis of the apparatus structure shown in fig. 6: a transmitting module 64 and a receiving module 65.
The sending module 13 is configured to send the international equipment identity IMEI to the server after acquiring the installation package of the target application from the server; the receiving module 65 is configured to receive an intercepted number set including the intercepted numbers corresponding to the URIs to be verified, which are returned by the server according to the IMEI.
The apparatus of this embodiment may be configured to implement the technical solutions of the above method embodiments, and the implementation principles and technical effects are similar, which are not described herein again.
Fig. 8 is a schematic structural diagram of a third embodiment of the apparatus for verifying a uniform resource identifier URI according to the present invention, and as shown in fig. 8, the apparatus of this embodiment may include an obtaining module 81, a weaving module 82, and an installation package generating module 83.
An obtaining module 81, configured to obtain a source code of a target application and a URI check code corresponding to the target application; a weaving module 82, configured to weave the URI check code into the software development kit SDK using the facet-oriented programming AOP, to obtain a processed SDK; and the installation package generation module 83 is configured to obtain an installation package of the target application according to the source code of the target application and the processed SDK, so that the terminal verifies whether the obtained URI to be verified is legal according to the URI verification code in the installation package and a preset rule corresponding to the terminal, where the URI to be verified is a URI transmitted to an interface of a third-party application when the target application calls the third-party application to load the target file.
Fig. 9 is a schematic structural diagram of a third apparatus for checking a uniform resource identifier URI according to the present invention, and as shown in fig. 9, the apparatus of this embodiment may further include, on the basis of the apparatus structure shown in fig. 8: a receiving module 84 and a transmitting module 85. A receiving module 84, configured to receive an international equipment identity IMEI sent by a terminal; the obtaining module 81 is further configured to obtain an intercepted number set corresponding to the IMEI, where the intercepted number set includes intercepted numbers corresponding to a naming mechanism item, a host name item, and a path item of an access resource in the URI to be verified; the sending module 85 sends the intercepted digital set to the terminal.
The apparatus of this embodiment may be configured to implement the technical solutions of the above method embodiments, and the implementation principles and technical effects are similar, which are not described herein again.
The present invention further provides a system for verifying a uniform resource identifier URI, where the system of this embodiment includes: a first device and a second device, wherein the first device can adopt the structure of the embodiment of the device in any one of fig. 6-7, and the second device can adopt the structure of the embodiment of the device in any one of fig. 8-9.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (8)

1. A method for checking Uniform Resource Identifier (URI) is applied to a terminal and is characterized by comprising the following steps:
the method comprises the steps that when a target application program calls a third-party application program to load a target file, a URI to be verified transmitted to an interface of the third-party application program is obtained; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource;
generating second verification information according to the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified and a preset rule corresponding to the terminal;
judging whether the second verification information is consistent with first verification information corresponding to the first verification information item, if so, obtaining a result that the URI to be verified passes the verification;
generating second verification information according to the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified respectively according to a preset rule corresponding to the terminal, wherein the second verification information comprises:
respectively adopting an MD5 algorithm to encrypt information corresponding to a naming mechanism item, a host name item and a path item of the access resource in the URI to be verified to obtain MD5 values corresponding to the items;
for each corresponding MD5 value, extracting characters at least two positions corresponding to the intercepted digits in the MD5 value according to the intercepted digits corresponding to the MD5 value to obtain a pre-fetching character string, wherein the intercepted digits are used for indicating the positions of the extracted characters in the MD5 value, and the intercepted digits are issued by a server according to the international equipment identity (IMEI) of the terminal;
and combining the prefetched character strings to obtain second verification information.
2. The method of claim 1, wherein when the get target application calls a third party application to load a target file, and before the URI to be verified that is transmitted into the interface of the third party application, the method further comprises:
after acquiring the installation package of the target application program from the server, sending an international equipment identification code (IMEI) to the server;
and receiving an intercepted number set which is returned by the server according to the IMEI and comprises the intercepted numbers corresponding to the to-be-verified URI.
3. The method of claim 2, wherein when the get target application calls a third party application to load a target file, and before the URI to be verified that is transmitted into the interface of the third party application, the method further comprises:
generating an original URI of the target file, wherein the original URI comprises a naming mechanism item, a host name item and a path item of an access resource;
generating third verification information according to the preset rule by using the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the original URI;
combining the naming mechanism item, the host name item, the path item and the third verification information of the access resource in the original URI to obtain a URI to be transmitted;
and if the URI to be verified passes the verification, the URI to be verified is the same as the URI to be transmitted.
4. A method for checking Uniform Resource Identifier (URI), which is applied to a server and is characterized by comprising the following steps:
acquiring a source code of a target application program and a URI (Uniform resource identifier) check code corresponding to the target application program;
weaving the URI verification code into a Software Development Kit (SDK) by adopting a section-oriented programming (AOP) to obtain a processed SDK;
and obtaining an installation package of the target application program according to the source code of the target application program and the processed SDK, so that the terminal verifies whether the obtained URI to be verified is legal or not according to a URI verification code in the installation package and a preset rule corresponding to the terminal, wherein the URI to be verified is a URI transmitted to an interface of a third party application program when the target application program calls the third party application program to load a target file.
5. The method of claim 4, further comprising:
receiving an international equipment identification code IMEI sent by a terminal;
acquiring an intercepted number set corresponding to the IMEI, wherein the intercepted number set comprises intercepted numbers corresponding to a naming mechanism item, a host name item and a path item of an access resource in the URI to be verified;
and sending the intercepted digit set to the terminal.
6. An apparatus for verifying uniform resource identifier URI, applied to a terminal, includes:
the system comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring a URI to be verified transmitted to an interface of a third-party application program when the target application program calls the third-party application program to load a target file; the URI to be verified comprises a naming mechanism item, a host name item, a path item and a first verification information item of the access resource;
the verification information generation module is used for generating second verification information according to the preset rules corresponding to the terminal by using the information corresponding to the naming mechanism item, the host name item and the path item of the access resource in the URI to be verified;
the judging module is used for judging whether the second verification information is consistent with the first verification information corresponding to the first verification information item or not, and if so, obtaining a result that the URI to be verified passes the verification;
the verification information generation module is specifically configured to:
respectively adopting an MD5 algorithm to encrypt information corresponding to a naming mechanism item, a host name item and a path item of the access resource in the URI to be verified to obtain MD5 values corresponding to the items;
for each corresponding MD5 value, extracting characters at least two positions corresponding to the intercepted digits in the MD5 value according to the intercepted digits corresponding to the MD5 value to obtain a pre-fetching character string, wherein the intercepted digits are used for indicating the positions of the extracted characters in the MD5 value, and the intercepted digits are issued by a server according to the international equipment identity (IMEI) of the terminal;
and combining the prefetched character strings to obtain second verification information.
7. An apparatus for verifying uniform resource identifier URI applied to a server, comprising:
the system comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring a source code of a target application program and a URI (Uniform resource identifier) check code corresponding to the target application program;
the weaving module is used for weaving the URI verification code into a Software Development Kit (SDK) by adopting a section-oriented programming (AOP) to obtain a processed SDK;
and the installation package generation module is used for obtaining an installation package of the target application program according to the source code of the target application program and the processed SDK, so that the terminal verifies whether the obtained URI to be verified is legal or not according to the URI verification code in the installation package and a preset rule corresponding to the terminal, and the URI to be verified is the URI transmitted to an interface of a third party application program when the target application program calls the third party application program to load a target file.
8. A system for verifying a uniform resource identifier, URI, comprising: the apparatus of claim 6, and the apparatus of claim 7.
CN201710883109.8A 2017-09-26 2017-09-26 Method, device and system for checking Uniform Resource Identifier (URI) Active CN107911335B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710883109.8A CN107911335B (en) 2017-09-26 2017-09-26 Method, device and system for checking Uniform Resource Identifier (URI)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710883109.8A CN107911335B (en) 2017-09-26 2017-09-26 Method, device and system for checking Uniform Resource Identifier (URI)

Publications (2)

Publication Number Publication Date
CN107911335A CN107911335A (en) 2018-04-13
CN107911335B true CN107911335B (en) 2021-02-09

Family

ID=61841015

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710883109.8A Active CN107911335B (en) 2017-09-26 2017-09-26 Method, device and system for checking Uniform Resource Identifier (URI)

Country Status (1)

Country Link
CN (1) CN107911335B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109635550B (en) * 2018-12-12 2021-08-17 苏州思必驰信息科技有限公司 Permission verification method, gateway and system for cluster data
CN110310648A (en) * 2019-05-21 2019-10-08 深圳壹账通智能科技有限公司 Control method, device, mobile terminal and the readable storage medium storing program for executing of mobile terminal
CN117472035B (en) * 2023-12-27 2024-03-08 东方电气风电股份有限公司 Verification method for software and hardware of main control system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101695164A (en) * 2009-09-28 2010-04-14 华为技术有限公司 Verification method, device and system for controlling resource access
CN103701946A (en) * 2013-12-20 2014-04-02 珠海金山网络游戏科技有限公司 Method and system for client-side to be in communication with server through URL (Universal Resource Locator)
CN104717177A (en) * 2013-12-11 2015-06-17 中国移动通信集团公司 Mobile application security control method and mobile application security control device
CN106020858A (en) * 2016-04-29 2016-10-12 乐视控股(北京)有限公司 Method, terminal and system for downloading and installation of application program

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060106802A1 (en) * 2004-11-18 2006-05-18 International Business Machines Corporation Stateless methods for resource hiding and access control support based on URI encryption
US20130268773A1 (en) * 2011-09-07 2013-10-10 Elwha Llc Computational systems and methods for preparing data for double-encryption and anonymous storage

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101695164A (en) * 2009-09-28 2010-04-14 华为技术有限公司 Verification method, device and system for controlling resource access
CN104717177A (en) * 2013-12-11 2015-06-17 中国移动通信集团公司 Mobile application security control method and mobile application security control device
CN103701946A (en) * 2013-12-20 2014-04-02 珠海金山网络游戏科技有限公司 Method and system for client-side to be in communication with server through URL (Universal Resource Locator)
CN106020858A (en) * 2016-04-29 2016-10-12 乐视控股(北京)有限公司 Method, terminal and system for downloading and installation of application program

Also Published As

Publication number Publication date
CN107911335A (en) 2018-04-13

Similar Documents

Publication Publication Date Title
US11521203B2 (en) Generating a cryptographic key based on transaction data of mobile payments
CN107360131B (en) Method, server and system for controlling validity of service request
CN112000951B (en) Access method, device, system, electronic equipment and storage medium
CN111861451A (en) Offline transaction method, client device and POS (point of sale) machine
CN110690956B (en) Bidirectional authentication method and system, server and terminal
CN107911335B (en) Method, device and system for checking Uniform Resource Identifier (URI)
CN101771680B (en) Method for writing data to smart card, system and remote writing-card terminal
CN105787727B (en) HCE (human computer interaction) offline payment system and implementation method
CN107992753B (en) Method for updating software of a control device of a vehicle
CN103679000A (en) Apparatus and method for remotely deleting critical information
CN105516135A (en) Method and device used for account login
CN109120395A (en) Label data generation method, label and the data processing based on NFC label
CN102916970A (en) Network-based PIN cache method
CN111814132B (en) Security authentication method and device, security authentication chip and storage medium
CN107609878B (en) Security authentication method and system for shared automobile
CN107645474B (en) Method and device for logging in open platform
CN111833063A (en) Information processing method, computer device, and computer-readable storage medium
CN105100030B (en) Access control method, system and device
KR20100136306A (en) System and method for registering otp creation condition for mobile settlement and recording medium
CN112202549B (en) Charging management method, charging terminal data processing method and charging management platform data processing method
CN103179088A (en) Protection method and protection system of common gateway interface business
CN105654295A (en) Transaction control method and client
KR101906484B1 (en) Method for application security and system for executing the method
CN111246480A (en) Application communication method, system, equipment and storage medium based on SIM card
CN112994890B (en) Identity authentication method, internet of things equipment and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant