CN109905366A - Terminal device safe verification method, device, readable storage medium storing program for executing and terminal device - Google Patents
Terminal device safe verification method, device, readable storage medium storing program for executing and terminal device Download PDFInfo
- Publication number
- CN109905366A CN109905366A CN201910041442.3A CN201910041442A CN109905366A CN 109905366 A CN109905366 A CN 109905366A CN 201910041442 A CN201910041442 A CN 201910041442A CN 109905366 A CN109905366 A CN 109905366A
- Authority
- CN
- China
- Prior art keywords
- equipment
- terminal equipment
- terminal
- check information
- device identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention belongs to field of computer technology more particularly to a kind of terminal device safe verification method, device, computer readable storage medium and terminal devices.The described method includes: first terminal equipment receives the equipment link order that user issues, it include the device identification of second terminal equipment in the equipment link order;History linkage record inquiry request is sent to preset server, includes the device identification of the second terminal equipment in the history linkage record inquiry request;The history linkage record of the second terminal equipment of the server feedback is received, and calculates the safety index of the second terminal equipment according to the history linkage record;If the safety index is greater than preset threshold value, to the second terminal equipment sending device connection request, connected with the equipment established between the second terminal equipment, includes the device identification of the first terminal equipment in the equipment connection request.It greatly reduces and is trespassed, cause the risk of economic loss.
Description
Technical field
The invention belongs to field of computer technology more particularly to a kind of terminal device safe verification methods, device, computer
Readable storage medium storing program for executing and terminal device.
Background technique
With the continuous development of technology of Internet of things, mobile phone, tablet computer, smartwatch/bracelet, intelligent glasses, intelligent family
Interconnection between the various terminal equipments such as electricity has become a kind of trend.During user's using terminal equipment,
Other than the equipment connection established between one's own terminal device, the terminal needed with other people can be also frequently encountered
Equipment carries out the case where equipment connection, and in such a scenario, user is often difficult to assess the safety of distant terminal equipment, is easy
It is invaded by the terminal device of some malice, causes huge economic loss.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of terminal device safe verification method, device, computer-readable depositing
Storage media and terminal device, to solve to be easy when carrying out equipment connection with other people terminal device by the end of some malice
The problem of end equipment invades, and causes huge economic loss.
The first aspect of the embodiment of the present invention provides a kind of terminal device safe verification method, may include:
First terminal equipment receives the equipment link order that user issues, and includes second terminal in the equipment link order
The device identification of equipment;
History linkage record inquiry request is sent to preset server, includes in the history linkage record inquiry request
The device identification of the second terminal equipment;
The history linkage record of the second terminal equipment of the server feedback is received, and is connected according to the history
Record calculates the safety index of the second terminal equipment;
If the safety index is greater than preset threshold value, to the second terminal equipment sending device connection request, with
The equipment established between the second terminal equipment connects, and includes the first terminal equipment in the equipment connection request
Device identification.
The second aspect of the embodiment of the present invention provides a kind of terminal device safety verification device, may include:
Equipment link order receiving module receives the equipment link order that user issues for first terminal equipment, described
It include the device identification of second terminal equipment in equipment link order;
Inquiry request sending module, for sending history linkage record inquiry request, the history to preset server
It include the device identification of the second terminal equipment in linkage record inquiry request;
Linkage record receiving module, the history connection note of the second terminal equipment for receiving the server feedback
Record;
Safety index computing module, the safety for calculating the second terminal equipment according to the history linkage record refer to
Number;
First connection request sending module, if being greater than preset threshold value for the safety index, eventually to described second
End equipment sending device connection request is connected with the equipment established between the second terminal equipment, and the equipment connection is asked
It include the device identification of the first terminal equipment in asking.
The third aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage
Media storage has computer-readable instruction, and the computer-readable instruction realizes following steps when being executed by processor:
First terminal equipment receives the equipment link order that user issues, and includes second terminal in the equipment link order
The device identification of equipment;
History linkage record inquiry request is sent to preset server, includes in the history linkage record inquiry request
The device identification of the second terminal equipment;
The history linkage record of the second terminal equipment of the server feedback is received, and is connected according to the history
Record calculates the safety index of the second terminal equipment;
If the safety index is greater than preset threshold value, to the second terminal equipment sending device connection request, with
The equipment established between the second terminal equipment connects, and includes the first terminal equipment in the equipment connection request
Device identification.
The fourth aspect of the embodiment of the present invention provides a kind of terminal device, including memory, processor and is stored in
In the memory and the computer-readable instruction that can run on the processor, the processor executes the computer can
Following steps are realized when reading instruction:
First terminal equipment receives the equipment link order that user issues, and includes second terminal in the equipment link order
The device identification of equipment;
History linkage record inquiry request is sent to preset server, includes in the history linkage record inquiry request
The device identification of the second terminal equipment;
The history linkage record of the second terminal equipment of the server feedback is received, and is connected according to the history
Record calculates the safety index of the second terminal equipment;
If the safety index is greater than preset threshold value, to the second terminal equipment sending device connection request, with
The equipment established between the second terminal equipment connects, and includes the first terminal equipment in the equipment connection request
Device identification.
Existing beneficial effect is the embodiment of the present invention compared with prior art: the first terminal in the embodiment of the present invention is set
It is standby after receiving the equipment link order (including the device identification of second terminal equipment) that user issues, first to default
Server send history linkage record inquiry request (including the device identification of the second terminal equipment), then receive
The history linkage record of the second terminal equipment of the server feedback, and according to history linkage record calculating
The safety index of second terminal equipment.If the safety index is greater than preset threshold value, sent to the second terminal equipment
Equipment connection request is connected with the equipment established between the second terminal equipment.History is connected in the embodiment of the present invention
The foundation assessed as the safety for the terminal device for treating connection is recorded, to identify that the terminal of malice is set in advance
It is standby, it greatly reduces and is trespassed, cause the risk of economic loss.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to embodiment or description of the prior art
Needed in attached drawing be briefly described, it should be apparent that, the accompanying drawings in the following description is only of the invention some
Embodiment for those of ordinary skill in the art without any creative labor, can also be according to these
Attached drawing obtains other attached drawings.
Fig. 1 is a kind of one embodiment flow chart of terminal device safe verification method in the embodiment of the present invention;
Fig. 2 is a kind of another embodiment flow chart of terminal device safe verification method in the embodiment of the present invention;
Fig. 3 is a kind of one embodiment structure chart of terminal device safety verification device in the embodiment of the present invention;
Fig. 4 is a kind of schematic block diagram of terminal device in the embodiment of the present invention.
Specific embodiment
In order to make the invention's purpose, features and advantages of the invention more obvious and easy to understand, below in conjunction with the present invention
Attached drawing in embodiment, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that disclosed below
Embodiment be only a part of the embodiment of the present invention, and not all embodiment.Based on the embodiments of the present invention, this field
Those of ordinary skill's all other embodiment obtained without making creative work, belongs to protection of the present invention
Range.
Referring to Fig. 1, a kind of one embodiment of terminal device safe verification method may include: in the embodiment of the present invention
Step S101, first terminal equipment receives the equipment link order that user issues.
It include the device identification of second terminal equipment in the equipment link order.In the present embodiment, a certain terminal is set
Standby device identification can be international mobile equipment identification number (the International Mobile of the terminal device
Equipment Identity, IMEI) either the terminal device media access control address (Media Access
Control Address, MAC).
Connect when the user of first terminal equipment has wanted to set up the equipment between first terminal equipment and second terminal equipment
When connecing, the inventory for being currently available for the terminal device of connection can be opened in the human-computer interaction interface that first terminal equipment provides,
It include all other terminal devices that first terminal equipment can detect signal at current time, user in the inventory
The second terminal equipment for wanting connection is wherein being chosen, can issue to first terminal equipment carries setting for second terminal equipment
The equipment link order of standby mark.
Step S102, history linkage record inquiry request is sent to preset server.
It include the device identification of the second terminal equipment in the history linkage record inquiry request.
Step S103, the history linkage record of the second terminal equipment of the server feedback is received, and according to institute
State the safety index that history linkage record calculates the second terminal equipment.
Firstly, being extracted between each reference terminal equipment pair and the second terminal equipment from the history linkage record
Equipment connection procedure feedback information.
The reference device terminal is that the terminal device that equipment is connect was established between the second terminal equipment, in institute
It states in the interactive process between reference device terminal and the second terminal equipment, can constantly use preset regular expressions
The information that formula sends the second terminal equipment matches, to differentiate it with the presence or absence of security risk.
Using the process of regular expression matching information, information really is filtered using the filter condition of accurate definition
Process is now exemplified below:
Example 1, matched using regular expression " etc.* (shadow | passwd) " shaped like " etc+ (any character)+
The text of shadow or passwd ", under linux environment/etc/shadow and/etc/passwd record be sensitive local
User and encrypted message.The request that these texts are had in malicious requests is attempted maliciously to ask under leaky system by this
Seek the following valuable information of acquisition: target environment whether Linux system;Target environment http-server has arbitrary instruction execution
Loophole;The local all user name of destination host;The hash information etc. of the local all users of destination host.
Example 2, using regular expression " (sql | www | wwwroot) (tar | gz | zip | rar | bak) " match shape
As " .sql or www or wwwroot.tar or gz or zip or rar or bak " text, as mydata.sql.tar,
These texts of wwwroot.zip.These texts are had in malicious requests, attempt to pass through the malicious requests under leaky system
Obtain following valuable information: destination host whether there is any file extent loophole;With the presence or absence of update on destination host
Old environment (in a large amount of front end renewal process, is all first packaged, to update failure by the specific packaging file left in the process
Rollback environment afterwards) etc..
Example 3, using regular expression " ((| %28) (+| 20%) * () | %29) (| %7B | %7b) .+;(%
20) * (} | %7D | %7d);" come matched text, such as famous CVE-2014-6271 loophole, submission can be passed through
Specific character string achievees the purpose that any order of execution, causes extreme influence in internet within 2014.Above-mentioned expression formula can be with
Matching is shaped like () { };Such spcial character combination.These texts are had in malicious requests, attempt is obtained by the malicious requests
Take destination host with the presence or absence of CVE-2014-6271 loophole.
When using regular expression matching to corresponding information, the reference device terminal then thinks the second terminal
There are security risk, Xiang Suoshu servers to send negative feedback information for equipment, uses regular expression matching less than right conversely, working as
When the information answered, the reference device terminal then thinks the second terminal equipment, and there is no security risk, Xiang Suoshu servers
Send positive feedback information.
Then, the number of positive feedback information and the number of negative feedback information are counted respectively, and are calculated according to the following formula
The safety index of the second terminal equipment:
Wherein, PosFbNum is the number of the positive feedback information, and NegFbNum is the number of the negative feedback information
Mesh, BaseNum are preset benchmark number, can be set to 10,20,50 or other values according to the actual situation,
BaseIdx is preset benchmark index, can be set to 60%, 65%, 70% or other values according to the actual situation,
Ceil is the function that rounds up, and Min is function of minimizing, and SafeIdx is the safety index of the second terminal equipment.
If the safety index be greater than preset threshold value, continue to execute step S104, if the safety index be less than or
Equal to the threshold value, then it is believed that second terminal equipment there are biggish security risks, should not resettle and be connect with its equipment.
The threshold value can be configured according to the actual situation, for example, can be set to 80%, 85%, 90% or
The other values of person.
Step S104, Xiang Suoshu second terminal equipment sending device connection request, to establish and the second terminal equipment
Between equipment connection.
It include the device identification of the first terminal equipment in the equipment connection request.
The second terminal equipment, can also be with after receiving the equipment connection request that the first terminal equipment is sent
Judge that the first terminal equipment whether there is security risk by the process similar with above-mentioned steps S102 and step S103, if
The second terminal equipment determines the first terminal equipment, and there are security risks, then can refuse its connection request, if described
Second terminal equipment determines the first terminal equipment, and there is no security risks, then can receive its connection request, it is established that with
Equipment connection between the first terminal equipment.
Further, it is contemplated that if the connection of each secondary device requires to carry out above-mentioned calculating process, it will consumption is more
System resource one equipment white list can be set in each terminal device, in the white list in order to reduce calculation amount
All device identifications that the terminal device that equipment is connect once was successfully established with the terminal device are had recorded, for existing and this
Terminal device in white list then no longer needs to calculate its safety index.
I.e. after step slol, the first terminal equipment searches described second in preset equipment white list first
The device identification of terminal device.
Had recorded in the equipment white list that first terminal equipment is locally stored it is all once with first terminal equipment
It was successfully established the device identification of the terminal device of equipment connection, if finding second terminal equipment in the equipment white list
Device identification, then illustrate that first terminal equipment was once successfully established equipment with second terminal equipment and connect, at this time then can be with
Check information corresponding with the second terminal equipment is determined according to the equipment white list.
In the present embodiment, it during establishing equipment connection, not only needs to identify device identification, also pass through
It introduces check information and further enhances safety, for first terminal equipment, each Zeng Yuqi was successfully established equipment company
The terminal device connect, exist a corresponding check information, the check information include but is not limited to number, character string,
The concrete forms such as picture, sound, and the check information of different terminal devices is also different.
In the equipment white list, the corresponding pass between the device identification of each terminal device and check information is stored
System, as shown in the table:
By the inquiry equipment white list, that is, it can determine check information corresponding with the second terminal equipment, for example,
If the device identification of second terminal equipment is device identification C, it can determine corresponding check information for verification by inquiry
Information 3.
After determining check information corresponding with the second terminal equipment, the first terminal equipment can be to institute
Second terminal equipment sending device connection request is stated, is connected with the equipment established between the second terminal equipment.
Device identification and the check information in the equipment connection request including the first terminal equipment.With first
Terminal device is similar, locally also stores an equipment white list in second terminal equipment, has recorded institute in the equipment white list
There is the device identification that the terminal device that equipment is connect once was successfully established with second terminal equipment, second terminal equipment is receiving
After the equipment connection request sent to first terminal equipment, first terminal equipment is searched in the equipment white list being locally stored
Device identification, if finding the device identification of first terminal equipment in the equipment white list, illustrate first terminal equipment with
Second terminal equipment was once successfully established equipment connection, at this time then can be whole according to equipment white list determination and described first
The corresponding check information of end equipment.Finally, the check information and first that second terminal equipment can will be determined from equipment white list
The check information in equipment connection request that terminal device is sent is compared, if the two is consistent, illustrates first terminal equipment
Be it is trusty, then the equipment that can establish between first terminal equipment is connect.
It should be noted that the above process is that first terminal equipment was once successfully established equipment company with second terminal equipment
The case where connecing, and if the two was not successfully established equipment connection, the first terminal equipment is in the list of devices
The device identification less than second Bluetooth terminal will be searched, at this point, step S102 as shown in Figure 1 and its subsequent then can be performed
Step, when the safety index of second terminal equipment is greater than the threshold value, after the two sets up equipment connection, first terminal at this time
Equipment can then execute step as shown in Figure 2:
Step S201, the device identification of the first terminal equipment is obtained, and according to the equipment of the first terminal equipment
The device identification of mark and the second terminal equipment generates check information.
In the present embodiment, a check information library is pre-set in first terminal equipment, in the check information library
It include numerous can be the check information of other terminal devices distribution, generally, first terminal equipment can be from specified
The check information library is downloaded or updated in server.
After the device identification for getting itself, first terminal equipment can calculate the check information according to the following formula and exist
Serial number in the check information library:
CheckInfoSq=HashFunc [Linkage (EquipID1, EquipID2)]
Wherein, EquipID1 is the device identification of the first terminal equipment, and EquipID2 is the second terminal equipment
Device identification, Linkage (EquipID1, EquipID2) is the character constituted that EquipID1 and EquipID2 are linked in sequence
String, HashFunc are preset hash function, and CheckInfoSq is the check information serial number being calculated.
All hash functions are all just like next fundamental characteristics: if two cryptographic Hash are different (according to same
Hash function), then being originally inputted for the two cryptographic Hash is also different.This characteristic makes hash function have certainty
Result.But then, outputting and inputting for hash function is not unique corresponding relation, if two cryptographic Hash are identical,
Two input values are likely to identical, it is also possible to different, such case is known as " Hash collision ", this is usually two differences
Input value, deliberately calculate identical output valve.But it for hash function commonly used in the prior art, collides
Probability it is extremely low, almost can be ignored, input some data and calculate cryptographic Hash, then part change input value, one
Hash function with strong aliasing characteristics can generate an entirely different cryptographic Hash.Hash function in the present embodiment can wrap
Any one hash function commonly used in the prior art such as include but be not limited to MD4, MD5, SHA1.
After completing above-mentioned calculating, what first terminal equipment can be searched and be calculated in the check information library
The corresponding check information of check information serial number.
Step S202, the corresponding relationship between the second terminal equipment and the check information is stored into the equipment
In white list.
Step S203, the check information is sent to the second terminal equipment, so that the second terminal equipment is deposited
Store up the corresponding relationship between the first terminal equipment and the check information.
In this way, be added in the equipment white list that first terminal equipment is locally stored the second terminal equipment with it is described
Corresponding relationship between check information, and described first is added in the equipment white list that second terminal equipment is locally stored eventually
Corresponding relationship between end equipment and the check information, when first terminal equipment and second terminal equipment carry out equipment company again
When connecing in succession, the equipment connection request of the check information directly can be carry by transmission to realize equipment between the two
Connection.
In above procedure, first terminal equipment is the promoter of equipment connection connection, when first terminal equipment is equipment company
When the recipient connect in succession, first terminal equipment can then execute following steps:
The first terminal equipment is set from described first after receiving the equipment connection request that third terminal equipment is sent
Device identification and the check information of the third terminal equipment are extracted in standby connection request.
Wherein, third terminal equipment can be terminal device identical with second terminal equipment, be also possible to second eventually
The different terminal device of end equipment.
If not including check information in the equipment connection request, illustrate first terminal equipment and third terminal equipment
Between be not successfully established equipment connection, at this point, first terminal equipment first to the server send history linkage record
Inquiry request includes the device identification of the third terminal equipment in the history linkage record inquiry request, then receives institute
It states the history linkage record of the third terminal equipment of server feedback, and calculates described the according to the history linkage record
The safety index of three terminal devices.If the safety index is less than or equal to the threshold value, the connection request can be refused, if
The safety index is greater than the threshold value, then can receive the connection request, it is established that between the third terminal equipment
Equipment connects (connection for the first time between the two).After establishing equipment connection, first terminal equipment receives third terminal equipment
The check information generated and sent, and the corresponding relationship between the third terminal equipment and the check information is added into this
In the equipment white list on ground, in this way, then can when first terminal equipment carries out with third terminal equipment equipment again and connect connection
Safety is confirmed by the comparison to check information.
If including check information in the equipment connection request, illustrate between first terminal equipment and third terminal equipment
It was once successfully established equipment connection, at this point, first terminal equipment can search the third terminal in the equipment white list
The device identification of equipment.If searching the device identification less than the third terminal equipment in the equipment white list, illustrate
There are security risks for third terminal equipment, no longer carry out pairing connection with third terminal equipment, if in the equipment white list
The device identification of the third terminal equipment is found, then according to equipment white list determination and the third terminal equipment pair
The check information answered.If the check information in the equipment connection request is believed with the verification determined according to the equipment white list
Breath is consistent, then illustrate third terminal equipment be it is trusty, then the equipment that can establish between third terminal equipment is connect,
If the two is inconsistent, illustrating third terminal equipment, there are security risks, no longer carry out pairing connection with third terminal equipment.
Further, it is contemplated that verified if always reusing the same check information between two terminal devices
It compares, then can exist by rogue device is intercepted and captured and is forged risk.In order to solve this problem, when first terminal equipment and second
After terminal device is successfully established equipment connection for the first time, what first terminal equipment automatically generated is no longer single check information, and
It is a check information set, includes more than two check informations in the check information set.
It specifically, include numerous in pre-set check information library in the first terminal equipment can be it
The check information set of its terminal device distribution, first terminal equipment can calculate and the second terminal equipment pair according to the following formula
The check information answered is integrated into the serial number in the check information library:
CheckSetSq=HashFunc [Linkage (EquipID1, EquipID2)]
Wherein, CheckSetSq is the serial number for the check information set being calculated.
After completing above-mentioned calculating, what first terminal equipment can be searched and be calculated in the check information library
The corresponding check information set of check information set numbers.Then, first terminal equipment can be by the second terminal equipment and institute
It states the corresponding relationship between check information set to be stored into the equipment white list, and the check information is sent to described
Second terminal equipment, so that the second terminal equipment stores between the first terminal equipment and the check information set
Corresponding relationship.
When first terminal equipment receives the equipment link order that user issues, first terminal equipment and second terminal equipment are again
When secondary progress equipment connection connection, the device identification of second terminal equipment, and further root are searched first in equipment white list
Check information set corresponding with the second terminal equipment is determined according to the equipment white list, due in the check information set
There is multiple check informations, and during primary equipment connects, it is only necessary to one of check information is used,
Therefore, a check information namely preferred check information can be therefrom selected by random number Algorithms of Selecting.
Real random number be generated using physical phenomenon, such as toss up, dice, runner, using electronic component
Noise, nuclear fission etc..Such randomizer is called physical randomizer, they the shortcomings that be technical requirements
It is relatively high.It is often sufficient in practical applications using pseudo random number.These ordered series of numbers are " seeming " random numbers, actually it
Be to be generated by a fixed, recursive calculation method.They are not truly random, because they are actually
It can calculate, but they have the statistical nature similar to random number.In the present embodiment preferably by default
Pseudo-random number generator generate a random number, then calculate according to the following formula in the check information set with it is described random
The corresponding preferred check information of number:
SelInfoSq=MOD (RandomNum, N)+1
Wherein, MOD is MOD function, and RandomNum is the random number, and N is the verification in the check information set
The sum of information, SelInfoSq are serial number of the preferred check information in the check information set.
For example, as follows if finding check information set:
Check information set=check information 1, check information 2, check information 3 ..., check information 100 and it is random
Number is 876, then therefrom chooses the 77th check information as the preferred check information finally determined.
After determining preferred check information, first terminal equipment, should to second terminal equipment sending device connection request
Device identification and the check information and random number in equipment connection request including the first terminal equipment
RandomNum.It is similar with first terminal equipment, an equipment white list, the equipment are locally also stored in second terminal equipment
All device identifications that the terminal device that equipment is connect once was successfully established with second terminal equipment are had recorded in white list, the
Two terminal devices are looked into the equipment white list being locally stored after the equipment connection request for receiving the transmission of first terminal equipment
The device identification of first terminal equipment is looked for, if finding the device identification of first terminal equipment in the equipment white list, is said
Bright first terminal equipment was once successfully established equipment with second terminal equipment and connect, at this time then can be according to the equipment white list
It determines check information set corresponding with the first terminal equipment, and is therefrom selected preferably according to random number R andomNum
Check information, finally, second terminal equipment can send the check information and first terminal equipment that determine from equipment white list
Equipment connection request in check information be compared, if the two is consistent, illustrate first terminal equipment be it is trusty, then
The equipment that can establish between first terminal equipment is connect.
In this way, even if rogue device has intercepted first terminal equipment and second terminal equipment secondary device
The check information used when connection, but since each check information has randomness, next check information and last time
Check information is not identical, still can be since check information can not if rogue device is verified using the check information of intercepting and capturing
It compares successfully and is identified, to substantially increase the safety of equipment connection.
In conclusion equipment link order (its that the first terminal equipment in the embodiment of the present invention is issued in reception user
In include second terminal equipment device identification) after, first to preset server send history linkage record inquiry request
(including the device identification of the second terminal equipment) then receives the second terminal equipment of the server feedback
History linkage record, and calculate according to the history linkage record safety index of the second terminal equipment.If the peace
Total index number is greater than preset threshold value, then to the second terminal equipment sending device connection request, to establish with described second eventually
Equipment connection between end equipment.Using history linkage record as the safety for the terminal device for treating connection in the embodiment of the present invention
The foundation that property is assessed is greatly reduced and is trespassed to identify the terminal device of malice in advance, causes economic damage
The risk of mistake.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process
Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit
It is fixed.
The embodiment of the present invention is shown corresponding to a kind of terminal device safe verification method, Fig. 3 described in foregoing embodiments
A kind of one embodiment structure chart of the terminal device safety verification device provided.
In the present embodiment, a kind of terminal device safety verification device may include:
Equipment link order receiving module 301 receives the equipment link order that user issues, institute for first terminal equipment
State the device identification in equipment link order including second terminal equipment;
Inquiry request sending module 302, it is described to go through for sending history linkage record inquiry request to preset server
It include the device identification of the second terminal equipment in history linkage record inquiry request;
Linkage record receiving module 303 connects for receiving the history of the second terminal equipment of the server feedback
Connect record;
Safety index computing module 304, for calculating the peace of the second terminal equipment according to the history linkage record
Total index number;
First connection request sending module 305, if being greater than preset threshold value for the safety index, to described second
Terminal device sending device connection request is connected with the equipment established between the second terminal equipment, the equipment connection
It include the device identification of the first terminal equipment in request.
Further, the safety index computing module may include:
Drawing Feedback Information unit, for extracted from the history linkage record each reference terminal equipment pair with it is described
The feedback information of equipment connection procedure between second terminal equipment, the reference device terminal are and the second terminal equipment
Between established equipment connection terminal device;
Number statistical unit, for counting the number of positive feedback information and the number of negative feedback information respectively;
Safety index computing unit, for calculating the safety index of the second terminal equipment according to the following formula:
Wherein, PosFbNum is the number of the positive feedback information, and NegFbNum is the number of the negative feedback information
Mesh, BaseNum are preset benchmark number, and BaseIdx is preset benchmark index, and Ceil is the function that rounds up, and Min is to ask
Minimum value function, SafeIdx are the safety index of the second terminal equipment.
Further, the terminal device safety verification device can also include:
Check information generation module, for obtaining the device identification of the first terminal equipment, and eventually according to described first
The device identification of end equipment and the device identification of the second terminal equipment generate check information;
Check information memory module, for depositing the corresponding relationship between the second terminal equipment and the check information
It stores up in the equipment white list;
Check information sending module, for the check information to be sent to the second terminal equipment, so that described
Two terminal devices store the corresponding relationship between the first terminal equipment and the check information.
Further, the check information generation module may include:
Serial number computing unit, for calculating serial number of the check information in preset check information library according to the following formula:
CheckInfoSq=HashFunc [Linkage (EquipID1, EquipID2)]
Wherein, EquipID1 is the device identification of the first terminal equipment, and EquipID2 is the second terminal equipment
Device identification, Linkage (EquipID1, EquipID2) is the character constituted that EquipID1 and EquipID2 are linked in sequence
String, HashFunc are preset hash function, and CheckInfoSq is the check information serial number being calculated;
Check information searching unit, for searching school corresponding with the check information serial number in the check information library
Test information.
Further, the terminal device safety verification device can also include:
Device identification searching module, for searching the equipment mark of the second terminal equipment in preset equipment white list
Know;
Check information determining module, if the equipment for finding the second terminal equipment in the equipment white list
Mark then determines check information corresponding with the second terminal equipment according to the equipment white list;
Second connection request sending module, for the second terminal equipment sending device connection request, with establish with
Equipment between the second terminal equipment connects, and includes the equipment mark of the first terminal equipment in the equipment connection request
Know and the check information.
Further, the check information determining module may include:
Check information set determination unit, for corresponding with the second terminal equipment according to equipment white list determination
Check information set, include more than two check informations in the check information set;
Random number generation unit, for generating a random number by preset pseudo-random number generator;
It is preferred that check information selection unit, for calculate according to the following formula in the check information set with the random number
Corresponding preferred check information:
SelInfoSq=MOD (RandomNum, N)+1
Wherein, MOD is MOD function, and RandomNum is the random number, and N is the verification in the check information set
The sum of information, SelInfoSq are serial number of the preferred check information in the check information set.
Further, the equipment connecting device can also include:
Equipment connection request receiving module receives the equipment that third terminal equipment is sent for the first terminal equipment and connects
Request is connect, and extracts device identification and the check information of the third terminal equipment from the equipment connection request;
Device identification searching module, for searching the equipment mark of the third terminal equipment in the equipment white list
Know;
Check information determining module, if the equipment for finding the third terminal equipment in the equipment white list
Mark then determines check information corresponding with the third terminal equipment according to the equipment white list;
Equipment connection establishment module, if for the check information in the equipment connection request and according to the white name of the equipment
The check information singly determined is consistent, then the equipment established between the third terminal equipment connects.
It is apparent to those skilled in the art that for convenience and simplicity of description, the device of foregoing description,
The specific work process of module and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, is not described in detail or remembers in some embodiment
The part of load may refer to the associated description of other embodiments.
The schematic block diagram that Fig. 4 shows a kind of terminal device provided in an embodiment of the present invention is only shown for ease of description
Part related to the embodiment of the present invention.
In the present embodiment, the terminal device 4 can be mobile phone, notebook, tablet computer etc. and calculate equipment.The terminal
Equipment 4 can include: processor 40, memory 41 and be stored in the memory 41 and can be run on the processor 40
Computer-readable instruction 42, such as execute the computer-readable instruction of above-mentioned terminal device safe verification method.The place
Reason device 40 realizes the step in above-mentioned each terminal device safe verification method embodiment when executing the computer-readable instruction 42
Such as step S101 to S104 shown in FIG. 1 suddenly,.Alternatively, reality when the processor 40 executes the computer-readable instruction 42
The function of each module/unit in existing above-mentioned each Installation practice, such as the function of module 301 to 305 shown in Fig. 3.
Illustratively, the computer-readable instruction 42 can be divided into one or more module/units, one
Or multiple module/units are stored in the memory 41, and are executed by the processor 40, to complete the present invention.Institute
Stating one or more module/units can be the series of computation machine readable instruction section that can complete specific function, the instruction segment
For describing implementation procedure of the computer-readable instruction 42 in the terminal device 4.
The processor 40 can be central processing unit (Central Processing Unit, CPU), can also be
Other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor is also possible to any conventional processor
Deng.
The memory 41 can be the internal storage unit of the terminal device 4, such as the hard disk or interior of terminal device 4
It deposits.The memory 41 is also possible to the External memory equipment of the terminal device 4, such as be equipped on the terminal device 4
Plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card dodge
Deposit card (Flash Card) etc..Further, the memory 41 can also both include the storage inside list of the terminal device 4
Member also includes External memory equipment.The memory 41 is for storing the computer-readable instruction and the terminal device 4
Required other instruction and datas.The memory 41 can be also used for temporarily storing the number that has exported or will export
According to.
The functional units in various embodiments of the present invention may be integrated into one processing unit, is also possible to each
Unit physically exists alone, and can also be integrated in one unit with two or more units.Above-mentioned integrated unit both may be used
To use formal implementation of hardware, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention substantially or
Person says that all or part of the part that contributes to existing technology or the technical solution can body in the form of software products
Reveal and, which is stored in a storage medium, including several computer-readable instructions are used so that one
Platform computer equipment (can be personal computer, server or the network equipment etc.) executes described in each embodiment of the present invention
The all or part of the steps of method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM, Read-
Only Memory), random access memory (RAM, Random Access Memory), magnetic or disk etc. are various can be with
Store the medium of computer-readable instruction.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although referring to aforementioned reality
Applying example, invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each
Technical solution documented by embodiment is modified or equivalent replacement of some of the technical features;And these are modified
Or replacement, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution.
Claims (10)
1. a kind of terminal device safe verification method characterized by comprising
First terminal equipment receives the equipment link order that user issues, and includes second terminal equipment in the equipment link order
Device identification;
History linkage record inquiry request is sent to preset server, includes described in the history linkage record inquiry request
The device identification of second terminal equipment;
The history linkage record of the second terminal equipment of the server feedback is received, and according to the history linkage record
Calculate the safety index of the second terminal equipment;
If the safety index is greater than preset threshold value, to the second terminal equipment sending device connection request, to establish
Equipment between the second terminal equipment is connect, and includes the equipment of the first terminal equipment in the equipment connection request
Mark.
2. terminal device safe verification method according to claim 1, which is characterized in that described to be connected according to the history
The safety index that record calculates the second terminal equipment includes:
Connect from the equipment extracted in the history linkage record between each reference terminal equipment pair and the second terminal equipment
The feedback information of termination process, the reference device terminal are that the terminal that equipment is connect was established between the second terminal equipment
Equipment;
The number of positive feedback information and the number of negative feedback information are counted respectively;
The safety index of the second terminal equipment is calculated according to the following formula:
Wherein, PosFbNum is the number of the positive feedback information, and NegFbNum is the number of the negative feedback information,
BaseNum is preset benchmark number, and BaseIdx is preset benchmark index, and Ceil is the function that rounds up, and Min is to ask most
Small value function, SafeIdx are the safety index of the second terminal equipment.
3. terminal device safe verification method according to claim 1, which is characterized in that establishing and the second terminal
After equipment connection between equipment, further includes:
The device identification of the first terminal equipment is obtained, and according to the device identification of the first terminal equipment and described second
The device identification of terminal device generates check information;
Corresponding relationship between the second terminal equipment and the check information is stored into preset equipment white list;
The check information is sent to the second terminal equipment, so that the second terminal equipment stores the first terminal
Corresponding relationship between equipment and the check information.
4. terminal device safe verification method according to claim 3, which is characterized in that described according to the first terminal
The device identification of equipment and the device identification of the second terminal equipment generate check information
Serial number of the check information in preset check information library is calculated according to the following formula:
CheckInfoSq=HashFunc [Linkage (EquipID1, EquipID2)]
Wherein, EquipID1 is the device identification of the first terminal equipment, and EquipID2 is setting for the second terminal equipment
Standby mark, Linkage (EquipID1, EquipID2) are the character string constituted that EquipID1 and EquipID2 is linked in sequence,
HashFunc is preset hash function, and CheckInfoSq is the check information serial number being calculated;
Check information corresponding with the check information serial number is searched in the check information library.
5. terminal device safe verification method according to claim 1, which is characterized in that in the equipment that reception user issues
After link order, further includes:
The device identification of the second terminal equipment is searched in preset equipment white list;
If finding the device identification of the second terminal equipment in the equipment white list, according to the equipment white list
Determine check information corresponding with the second terminal equipment;
To the second terminal equipment sending device connection request, connected with the equipment established between the second terminal equipment
It connects, device identification and the check information in the equipment connection request including the first terminal equipment.
6. terminal device safe verification method according to claim 5, which is characterized in that described according to the white name of the equipment
It is single to determine that check information corresponding with the second terminal equipment includes:
Check information set corresponding with the second terminal equipment, the check information collection are determined according to the equipment white list
It include more than two check informations in conjunction;
A random number is generated by preset pseudo-random number generator;
The preferred check information corresponding with the random number in the check information set is calculated according to the following formula:
SelInfoSq=MOD (RandomNum, N)+1
Wherein, MOD is MOD function, and RandomNum is the random number, and N is the check information in the check information set
Sum, SelInfoSq be serial number of the preferred check information in the check information set.
7. terminal device safe verification method according to any one of claim 1 to 6, which is characterized in that further include:
The first terminal equipment receives the equipment connection request that third terminal equipment is sent, and from the equipment connection request
Extract device identification and the check information of the third terminal equipment;
The device identification of the third terminal equipment is searched in the equipment white list;
If finding the device identification of the third terminal equipment in the equipment white list, according to the equipment white list
Determine check information corresponding with the third terminal equipment;
If the check information in the equipment connection request is consistent with the check information determined according to the equipment white list,
The equipment established between the third terminal equipment connects.
8. a kind of terminal device safety verification device characterized by comprising
Equipment link order receiving module receives the equipment link order that user issues, the equipment for first terminal equipment
It include the device identification of second terminal equipment in link order;
Inquiry request sending module, for sending history linkage record inquiry request, the history connection to preset server
It include the device identification of the second terminal equipment in record queries request;
Linkage record receiving module, the history linkage record of the second terminal equipment for receiving the server feedback;
Safety index computing module, for calculating the safety index of the second terminal equipment according to the history linkage record;
First connection request sending module is set if being greater than preset threshold value for the safety index to the second terminal
Standby sending device connection request is connected with the equipment established between the second terminal equipment, in the equipment connection request
Device identification including the first terminal equipment.
9. a kind of computer readable storage medium, the computer-readable recording medium storage has computer-readable instruction, special
Sign is, realizes that the terminal as described in any one of claims 1 to 7 is set when the computer-readable instruction is executed by processor
The step of standby safe verification method.
10. a kind of terminal device, including memory, processor and storage are in the memory and can be on the processor
The computer-readable instruction of operation, which is characterized in that the processor realizes such as right when executing the computer-readable instruction
It is required that described in any one of 1 to 7 the step of terminal device safe verification method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910041442.3A CN109905366B (en) | 2019-01-16 | 2019-01-16 | Terminal equipment safety verification method and device, readable storage medium and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910041442.3A CN109905366B (en) | 2019-01-16 | 2019-01-16 | Terminal equipment safety verification method and device, readable storage medium and terminal equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109905366A true CN109905366A (en) | 2019-06-18 |
| CN109905366B CN109905366B (en) | 2022-03-22 |
Family
ID=66943842
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910041442.3A Active CN109905366B (en) | 2019-01-16 | 2019-01-16 | Terminal equipment safety verification method and device, readable storage medium and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109905366B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110765082A (en) * | 2019-09-06 | 2020-02-07 | 深圳平安通信科技有限公司 | Hadoop file processing method and device, storage medium and server |
| CN114390506A (en) * | 2020-10-16 | 2022-04-22 | 海尔优家智能科技(北京)有限公司 | Egg rack connecting method and device, storage medium and electronic device |
| CN115499199A (en) * | 2022-09-14 | 2022-12-20 | 重庆长安汽车股份有限公司 | Vehicle safety communication method and device, vehicle and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100146134A1 (en) * | 2008-12-09 | 2010-06-10 | Sony Corporation | Communication device, communication method and program |
| CN105099705A (en) * | 2015-08-19 | 2015-11-25 | 同方计算机有限公司 | Safety communication method and system based on USB protocol |
| CN205029678U (en) * | 2015-08-19 | 2016-02-10 | 同方计算机有限公司 | Secure communication system based on USB agreement |
| WO2016062002A1 (en) * | 2014-10-20 | 2016-04-28 | 小米科技有限责任公司 | Connection management method and apparatus, electrical device |
| US20160248771A1 (en) * | 2015-02-25 | 2016-08-25 | Alibaba Group Holding Limited | Methods, apparatus, and systems for identity authentication |
| CN105933266A (en) * | 2015-08-20 | 2016-09-07 | 中国银联股份有限公司 | Verification method and server |
| CN106412909A (en) * | 2016-10-19 | 2017-02-15 | 广东欧珀移动通信有限公司 | Device connection method and device |
| US20180330360A1 (en) * | 2016-01-25 | 2018-11-15 | Alibaba Group Holding Limited | Credit payment method and apparatus based on card emulation of mobile terminal |
-
2019
- 2019-01-16 CN CN201910041442.3A patent/CN109905366B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100146134A1 (en) * | 2008-12-09 | 2010-06-10 | Sony Corporation | Communication device, communication method and program |
| WO2016062002A1 (en) * | 2014-10-20 | 2016-04-28 | 小米科技有限责任公司 | Connection management method and apparatus, electrical device |
| US20160248771A1 (en) * | 2015-02-25 | 2016-08-25 | Alibaba Group Holding Limited | Methods, apparatus, and systems for identity authentication |
| CN105099705A (en) * | 2015-08-19 | 2015-11-25 | 同方计算机有限公司 | Safety communication method and system based on USB protocol |
| CN205029678U (en) * | 2015-08-19 | 2016-02-10 | 同方计算机有限公司 | Secure communication system based on USB agreement |
| CN105933266A (en) * | 2015-08-20 | 2016-09-07 | 中国银联股份有限公司 | Verification method and server |
| US20180330360A1 (en) * | 2016-01-25 | 2018-11-15 | Alibaba Group Holding Limited | Credit payment method and apparatus based on card emulation of mobile terminal |
| CN106412909A (en) * | 2016-10-19 | 2017-02-15 | 广东欧珀移动通信有限公司 | Device connection method and device |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110765082A (en) * | 2019-09-06 | 2020-02-07 | 深圳平安通信科技有限公司 | Hadoop file processing method and device, storage medium and server |
| CN110765082B (en) * | 2019-09-06 | 2023-11-24 | 深圳平安通信科技有限公司 | Hadoop file processing method and device, storage medium and server |
| CN114390506A (en) * | 2020-10-16 | 2022-04-22 | 海尔优家智能科技(北京)有限公司 | Egg rack connecting method and device, storage medium and electronic device |
| CN114390506B (en) * | 2020-10-16 | 2023-10-27 | 海尔优家智能科技(北京)有限公司 | Egg frame connection method and device, storage medium and electronic device |
| CN115499199A (en) * | 2022-09-14 | 2022-12-20 | 重庆长安汽车股份有限公司 | Vehicle safety communication method and device, vehicle and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109905366B (en) | 2022-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109558748B (en) | Data processing method and device, electronic equipment and storage medium | |
| EP3373543B1 (en) | Service processing method and apparatus | |
| CN107872772B (en) | Method and device for detecting fraud short messages | |
| CN105590055B (en) | Method and device for identifying user credible behaviors in network interaction system | |
| CN108898390A (en) | Intelligent contract call method and device, electronic equipment based on block chain | |
| CN106357612A (en) | Method and device for review of authentication records based on public block chains | |
| CN109344611B (en) | Application access control method, terminal equipment and medium | |
| CN109905366A (en) | Terminal device safe verification method, device, readable storage medium storing program for executing and terminal device | |
| TW201828212A (en) | Method for adjusting risk parameter, and method and device for risk identification | |
| CN108090351A (en) | For handling the method and apparatus of request message | |
| CN109587669A (en) | A kind of Bluetooth pairing methods, device, readable storage medium storing program for executing and terminal device | |
| Ivanova et al. | Attack tree generation by policy invalidation | |
| CN111859368A (en) | Weak password generation method, password detection method, device and electronic equipment | |
| US20230050771A1 (en) | Method for determining risk level of instance on cloud server, and electronic device | |
| CN105554763B (en) | A kind of method and server detecting pseudo-base station central number | |
| CN109918191A (en) | A kind of method and apparatus of the anti-frequency of service request | |
| CN110033278A (en) | Risk Identification Method and device | |
| CN110099041A (en) | A kind of Internet of Things means of defence and equipment, system | |
| US10706148B2 (en) | Spatial and temporal convolution networks for system calls based process monitoring | |
| CN113656497A (en) | Data verification method and device based on block chain | |
| CN109041049A (en) | A kind of addressing method of mobile terminal, device for addressing and terminal device | |
| CN106411923B (en) | Network risk assessment method based on ontology modeling | |
| CN108171185A (en) | The method, apparatus and system of identification | |
| CN106875175B (en) | Method and device convenient for payment subject expansion | |
| CN103957104A (en) | Dynamic token anti-phishing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |