CN112417401A - Account verification method, device and system and computer readable storage medium - Google Patents
Account verification method, device and system and computer readable storage medium Download PDFInfo
- Publication number
- CN112417401A CN112417401A CN202011353976.9A CN202011353976A CN112417401A CN 112417401 A CN112417401 A CN 112417401A CN 202011353976 A CN202011353976 A CN 202011353976A CN 112417401 A CN112417401 A CN 112417401A
- Authority
- CN
- China
- Prior art keywords
- account
- certificate
- trust
- client
- trust certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 146
- 238000000034 method Methods 0.000 title claims abstract description 44
- 230000001360 synchronised effect Effects 0.000 claims description 12
- 230000004044 response Effects 0.000 abstract description 6
- 230000003993 interaction Effects 0.000 description 10
- 230000002452 interceptive effect Effects 0.000 description 8
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 2
- 210000001503 joint Anatomy 0.000 description 2
- 230000000694 effects Effects 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an account identification method, an account identification device, an account identification system and a readable storage medium, which are applied to the field of Internet, wherein the account identification method comprises the following steps: receiving an account certificate sent by the client, wherein the account certificate is a unique identity identification mark which is provided by an account management platform to the client and reflects user login information; synchronously acquiring a trust certificate of the account management platform, wherein the trust certificate is associated with the account certificate and is used for confirming data information of user identity authenticity provided by the client; and locally verifying the account certificate according to the trust certificate, and confirming the user login information of the account certificate. Compared with the prior art, the account verification method provided by the application effectively improves the success rate of account verification, shortens the response time of responding to the client request, and optimizes the use experience of a user.
Description
Technical Field
The invention relates to the field of internet, in particular to an account verification method, an account verification device, an account verification system and a computer-readable storage medium.
Background
In the prior art, a server associated with a client is in butt joint with an account management terminal, and each time a user requests to call related information of the server through the client, the account management terminal is called through an obtained account certificate by an account certificate server, the authenticity of the account certificate is verified through the account management terminal, the server returns after the account information provided by the client is confirmed to be correct, and related data is called to the client. The server is connected with the account management terminal, so that the response speed is reduced, and a certain failure rate exists, so that the user experience is poor.
Disclosure of Invention
The invention mainly aims to provide an account verification method and aims to solve the technical problem which cannot be realized in the prior art.
In order to achieve the above object, the present invention provides an account verification method, including the following steps:
receiving an account certificate sent by the client, wherein the account certificate is a unique identity identification mark which is provided by an account management platform to the client and reflects user login information;
synchronously acquiring a trust certificate of the account management platform, wherein the trust certificate is associated with the account certificate and is used for confirming data information of user identity authenticity provided by the client;
and locally verifying the account certificate according to the trust certificate, and confirming the user login information of the account certificate.
The step of synchronously acquiring the trust certificate of the account management platform comprises the following steps:
receiving credential updating information pushed by the account management platform, wherein the credential updating information is notification information sent by the account management platform when the trust credential changes;
and receiving the trust certificate updated by the account management platform, and updating the locally stored trust certificate.
The step of synchronously acquiring the trust certificate of the account management platform comprises the following steps:
presetting a timing task for acquiring a trust certificate;
and periodically acquiring the trust certificate synchronized by the account management platform according to the period set by the task of acquiring the trust certificate timing, and synchronously updating the locally stored trust certificate.
The step of synchronously acquiring the trust certificate of the account management platform comprises the following steps:
presetting the task of obtaining the trust certificate at regular time, periodically obtaining the trust certificate synchronized by the account management platform at regular time, and synchronously updating the locally stored trust certificate;
and/or the presence of a gas in the gas,
receiving the certificate updating information pushed by the account management platform, receiving the trust certificate updated by the account management platform, and synchronously updating the locally stored trust certificate.
The step of synchronously acquiring the trust certificate of the account management platform comprises the following steps:
setting a trust certificate storage database, wherein the trust certificate storage database is used for storing the updated trust certificate sent by the account management platform;
and accessing the trust certificate storage database, and reading the updated trust certificate in the trust certificate storage database.
The steps of locally verifying the account credential according to the trust credential and confirming the user login information of the account credential comprise:
and calling the trust certificate stored in the trust certificate storage database, calling an encryption algorithm locally to verify whether the account certificate sent by the client is correct, and verifying the account login information of the client.
The steps of locally verifying the account credential according to the trust credential and confirming the user login information of the account credential comprise:
calling the updated locally stored trust certificate, and locally calling an encryption algorithm to verify whether the account certificate sent by the client is matched with the trust certificate;
if the account certificate is matched with the trust certificate after being verified by the encryption algorithm, opening a data port corresponding to the account certificate to the client;
and if the account certificate and the trust certificate are not matched after being verified by the encryption algorithm, sending a prompt message that the account certificate is wrong to the client.
In addition, to achieve the above object, the present invention also provides an account verification apparatus, including: the account verification program is stored on the memory and can run on the processor, and when being executed by the processor, the account verification program realizes the steps of the account verification method.
The invention also provides an account verification system, which comprises:
the intelligent terminal is provided with a client corresponding to the account verification device and is used for calling a client login account, acquiring an account certificate sent by an account verification server, accessing the account verification device according to the account certificate and acquiring data from the account verification device;
the account management terminal is used for operating the account management platform, sending an account certificate to the intelligent terminal, and synchronizing a trust certificate to the account verification device;
the account verification device is connected with the client installed on the intelligent terminal and used for receiving a data request instruction of the client and verifying an account certificate corresponding to the request instruction according to a trust certificate synchronized by the account management terminal;
the account verification system realizes the steps of the account verification method when being executed.
The invention also provides a computer-readable storage medium, on which an account verification program is stored, which, when executed by a processor, implements the steps of the account verification method as described above.
The account verification method provided by the embodiment of the invention receives an account certificate sent by a client through a server corresponding to the client, determines the login identity of a client user through the account certificate, and judges whether the login user has a corresponding request right; the server synchronizes a trust certificate of the account management platform corresponding to the account certificate, locally verifies the account certificate at the server according to the trust certificate, and determines user login information of the account certificate. The condition that the server needs to request the account management platform for verification when receiving the client request every time and the account management platform verifies is avoided, the account verification success rate is improved, the response time of responding to the client request is shortened, and the use experience of a user is optimized.
Drawings
Fig. 1 is a schematic structural diagram of an account verification device in a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a first embodiment of the present invention;
FIG. 3 is a schematic flow chart of a second embodiment of the present invention;
FIG. 4 is a schematic flow chart of a third embodiment of the present invention;
FIG. 5 is a schematic flow chart of a fourth embodiment of the present invention;
fig. 6 is a schematic structural diagram of an account verification system of a hardware operating environment according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The main solution of the embodiment of the application is as follows: receiving an account certificate sent by the client, wherein the account certificate is a unique identity identification mark which is provided by an account management platform to the client and reflects user login information;
synchronously acquiring a trust certificate of the account management platform, wherein the trust certificate is associated with the account certificate and is used for confirming data information of user identity authenticity provided by the client;
and locally verifying the account certificate according to the trust certificate, and confirming the user login information of the account certificate.
In the prior art, a server corresponding to a client is in butt joint with an account management terminal, and each time a user requests to call related information of the server through the client, the account management terminal is called through an obtained account certificate by the account certificate server, the authenticity of the account certificate is verified through the account management terminal, the server returns after the account information provided by the client is confirmed to be correct, and related data is called to the client. The server is connected with the account management terminal, so that the response speed is reduced, and a certain failure rate exists, so that the user experience is poor.
The account verification method provided by the embodiment of the invention comprises the steps of receiving an account certificate sent by a client, determining the login identity of a client user through the account certificate, and judging whether the login user has a corresponding request right; and synchronously acquiring a trust certificate of the account management platform corresponding to the account certificate, locally verifying the account certificate at the server according to the trust certificate, and determining user login information of the account certificate. The condition that the server needs to request the account management platform for verification when receiving the client request every time and the account management platform verifies is avoided, the account verification success rate is improved, the response time of responding to the client request is shortened, and the use experience of a user is optimized.
As shown in fig. 1, fig. 1 is a schematic structural diagram of an account verification device in a hardware operating environment according to an embodiment of the present application.
As shown in fig. 1, the account number verification apparatus may include: a processor 1001, such as a CPU, a network interface 1004, a user interface 1003, a memory 1005, a communication bus 1002. The communication bus 1002 is used for realizing connection and communication among the components. The user interface 1003 includes a Display (Display) and an input unit such as a Keyboard (Keyboard), and optionally, the user interface 1003 may include a standard wired interface, a wireless interface, and the network interface 1004 may include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a non-volatile memory (e.g., a magnetic disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Optionally, the account number authentication device may include an RF (Radio Frequency) circuit, a sensor, a remote controller, a camera, a microphone, a WiFi module, a detector, and the like. Certainly, the account verification device may also be configured with other sensors such as a gyroscope, a barometer, a hygrometer and a temperature sensor, which are not described herein again.
Those skilled in the art will appreciate that the configuration of the account number authentication device shown in FIG. 1 does not constitute a limitation of the account number authentication device, and may include more or fewer components than shown, or some components in combination, or a different arrangement of parts.
As shown in fig. 1, a memory 1005, which is a kind of computer-readable storage medium, may include therein an operating system, a network communication module, a user interface module, and an account verification program.
In the account verification apparatus shown in fig. 1, the network interface 1004 is mainly used for accessing a network, the user interface 1003 is mainly used for receiving an operation instruction issued by a user, and the processor 1003 can be used for calling an account verification program stored in the memory 1005 and executing the following operations:
receiving an account certificate sent by the client, wherein the account certificate is a unique identity identification mark which is provided by an account management platform to the client and reflects user login information;
synchronously acquiring a trust certificate of the account management platform, wherein the trust certificate is associated with the account certificate and is used for confirming data information of user identity authenticity provided by the client;
and locally verifying the account certificate according to the trust certificate, and confirming the user login information of the account certificate.
Further, the processor 1001 may call an account number authentication program in the memory 1005 and perform the following operations:
receiving credential updating information pushed by the account management platform, wherein the credential updating information is notification information sent by the account management platform when the trust credential changes;
and receiving the trust certificate updated by the account management platform, and updating the locally stored trust certificate.
Further, the processor 1001 may call an account number authentication program in the memory 1005 and perform the following operations:
presetting a timing task for acquiring a trust certificate;
and periodically acquiring the trust certificate synchronized by the account management platform according to the period set by the task of acquiring the trust certificate timing, and synchronously updating the locally stored trust certificate.
Further, the processor 1001 may call an account number authentication program in the memory 1005 and perform the following operations:
presetting the task of obtaining the trust certificate at regular time, periodically obtaining the trust certificate synchronized by the account management platform at regular time, and synchronously updating the locally stored trust certificate;
and/or the presence of a gas in the gas,
receiving the certificate updating information pushed by the account management platform, receiving the trust certificate updated by the account management platform, and synchronously updating the locally stored trust certificate.
Further, the processor 1001 may call an account number authentication program in the memory 1005 and perform the following operations:
setting a trust certificate storage database, wherein the trust certificate storage database is used for storing the updated trust certificate sent by the account management platform;
and accessing the trust certificate storage database, and reading the updated trust certificate in the trust certificate storage database.
Further, the processor 1001 may call an account number authentication program in the memory 1005 and perform the following operations:
and calling the trust certificate stored in the trust certificate storage database, calling an encryption algorithm locally to verify whether the account certificate sent by the client is correct, and verifying the account login information of the client.
Further, the processor 1001 may call an account number authentication program in the memory 1005 and perform the following operations:
calling the updated locally stored trust certificate, and locally calling an encryption algorithm to verify whether the account certificate sent by the client is matched with the trust certificate;
if the account certificate is matched with the trust certificate after being verified by the encryption algorithm, opening a data port corresponding to the account certificate to the client;
and if the account certificate and the trust certificate are not matched after being verified by the encryption algorithm, sending a prompt message that the account certificate is wrong to the client.
Based on the hardware structure of the account verification device, the embodiments of the account verification method are provided.
Referring to fig. 2, fig. 2 is a flowchart illustrating a first embodiment of an account verification method according to the present invention.
In this embodiment, the account verification method includes:
step S101: receiving an account certificate provided by the client, wherein the account certificate is a user identity identification mark provided by an account verification platform to the client;
in this embodiment, optionally, the account verification device may be a server or other intelligent terminal corresponding to an application client installed on the user intelligent terminal, and the account verification device may receive an operation instruction issued by a user through the application client, respond to the operation instruction of the user, and feed back the operation instruction of the user. In a specific embodiment, the account verification device is a mall server, a mall system is installed, and the account verification device is associated with a mall application client installed on the user intelligent terminal. The user can make a transaction request on the client, the client sends the transaction request of the user to the account verification device, the account verification device reads the transaction request, and after the transaction request is processed, a processing result is fed back to the client, so that the user can perform remote transaction through the client.
Specifically, before a user interacts with an account verification device using a client, the user needs to input an account and a corresponding password to log in. The account is registered by the user accessing the account registration interface of the application program, is associated with the identity of the user, and can reflect a string of characters of the identity of a login user. Alternatively, the account number is typically formed from a combination of one or more of letters, numbers, or chinese characters. After the user is successfully registered, the client uploads the account registered by the user to an account management platform running on an account management terminal associated with the application program, and an account certificate corresponding to the account is generated in the account management platform. The account management terminal is independently arranged from the account verification device and a client on the mobile terminal of the user, and provides a server or other intelligent terminals for account management for the client and the account verification device. The account certificate is a unique identity identification mark provided for a user for identifying an account when the user of a client inputs a corresponding account on a login interface of the client to log in. In one embodiment, the account credentials are 32-bit strings generated by the account management platform.
Specifically, the client receives a login account which is input by a user on a login interface generated by the client or a webpage, an account management terminal which sends the login account input by the user is checked, the account management terminal verifies whether the login account and the password of the user are matched or not, if the account management terminal verifies that the login account and the password of the user are matched, the identity information of the account is read, the application authority which is associated with the identity information is obtained, an account certificate which carries the account identity information and the application authority information is generated, and the account management terminal transmits the certificate to the client or a webpage port on a user mobile terminal. The account certificate is based on a unique identification mark associated with an account when a user logs in the account, and is used for a third-party system to confirm identity information of the user logged in the client. And the client receives the account voucher returned by the account management terminal and stores the account voucher. Optionally, in a specific embodiment, in view of account security, the account credential has a certain validity time, and after the validity time is exceeded, the account credential is invalid, the user needs to key in the account password again, and the client requests the account credential from the account management platform running on the account management terminal again according to the account password keyed in by the user.
After logging in the client, the user calls the service system associated with the client through the client, and when a request for acquiring related data is sent to the service system, the account certificate is synchronously sent for the service system to verify the identity information and the related authority of the user logged in the client.
Step S201: synchronously acquiring a trust certificate of the account management platform, wherein the trust certificate is associated with the account certificate and is used for confirming data information of user identity authenticity provided by the client;
specifically, the account verification device is a server or other intelligent terminals provided with one or more service systems associated with the client, and after a user enters an account password through a login interface of the client, the accuracy of the account password is verified at the account management terminal, and an account certificate returned after the account management terminal successfully verifies the account password is acquired. The account verification device synchronously acquires a trust certificate from an account management platform of the account management terminal, wherein the trust certificate is provided by the account management terminal and is associated with the account certificate, and information related to the account of a business system installed in the account verification device can be uniquely associated with the account and is used for confirming the authenticity of the identity of a client user and data information reflected by the account certificate.
In a specific embodiment, the account verification device is provided with a mall system, and after a user logs in a mall client and inputs an account password, the mall client obtains a verification result of the account management terminal and obtains an account credential of the user. Optionally, after obtaining the account credential of the user, the mall client sends notification information to the mall system in the account verification device, where the notification information carries the login account credential of the user. Optionally, in another specific embodiment, after verifying the account information of the user, the account verification platform of the account management terminal sends a notification message to each mall system associated with the mall client, and notifies the mall system to synchronize the trust credential associated with the account credential. The account verification device receives a notification message of a synchronous trust certificate sent by a mall client or an account management terminal, sends an acquisition request for acquiring an updated trust certificate to the account management terminal, and receives the updated trust certificate which is related to the account certificate of the user and is sent back by the account management terminal.
And S301, locally verifying the account certificate according to the trust certificate, and confirming the user login information of the account certificate.
Specifically, in this embodiment, the account verification apparatus receives an interaction request instruction sent by a user through a client, identifies a service system accessed by the interaction request instruction, and obtains an account credential that reflects user login identity information and is carried in the interaction request instruction. And calling the trust certificate which is updated by the acquired account management platform and is associated with the account certificate, and verifying the trust certificate in the account verification device with the account certificate carried by the interaction request.
Specifically, the account verification device calls a trust certificate at a service system pointed by a request interaction instruction of the client, locally analyzes the trust certificate and the account certificate by using an encryption verification algorithm at the account verification device, judges whether the account certificate sent by the client is matched with the trust certificate obtained by the account verification device, and determines that the account certificate is matched with the trust certificate if the account certificate is consistent with the trust certificate as a result of the analysis. And determining that the identity of an account number logged in by a user at a client is real and legal, judging whether the account number has the authority of acquiring the interactive data, and if the account number has the authority of acquiring the interactive data, returning service data which is requested to be acquired by the user from a related service system through the client. If the account number authority is insufficient, the account number verification device returns the notice information that the account number authority is insufficient to the client side, and the access to the service system is stopped.
Optionally, if the account verification device locally uses an encryption verification algorithm to analyze the trust certificate and the account certificate, the result of the judgment is that the account certificate and the trust certificate are inconsistent. And determining that the identity of the login user of the client is illegal. And returning error information to the client to guide the user to log in again through the client.
In a specific embodiment, a user requests to obtain related service data from a mall system installed in an account verification device through a mall client, and synchronously sends an account certificate of a client login account to the account verification device. The account verification device receives the client request and the account certificate, and locally calls the trust certificate to verify the account certificate through an encryption algorithm. If the verification is passed, the mall system determines whether the account has the authority of acquiring the service data, and if the account has the authority, the mall system returns the service data requested by the user through the client.
In this embodiment, after the account verification device receives the account credential sent by the client and synchronously obtains the trust credential of the account management platform, the account verification device locally calls the trust credential to verify the account credential through an encryption algorithm. The account number authentication device is prevented from calling the account number management system before responding to the data interaction request of the client every time, account number authentication is carried out on the account number management system, account number authentication efficiency is improved, the speed of responding to the request of the client is improved, the failure rate of account number authentication is reduced, and a user who legally logs in the client can acquire required data more quickly.
Referring to fig. 3, fig. 3 is a flowchart illustrating an account verification method according to a second embodiment of the present invention.
The difference between the second embodiment of the account number verification method and the first embodiment of the account number verification method is that a timing task is set, and a trust certificate of an account management platform is acquired at a timing, and the method comprises the following steps:
step S211: presetting a timing task for acquiring a trust certificate;
step S212: and periodically acquiring the trust certificate synchronized by the account management platform according to the period set by the task of acquiring the trust certificate timing, and synchronously updating the locally stored trust certificate.
In the embodiment, a task for acquiring the trust certificate is preset in the account verification device, a thread for acquiring the trust certificate is started in a background of the account verification device, and a request for acquiring the trust certificate is sent to an account management platform on an account management terminal by executing the thread for acquiring the trust certificate repeatedly at regular time according to the setting of a timer. Optionally, the user or the related staff can set a timing period of the trust credential timing task in a customized manner according to the actual access situation, and in a specific embodiment, the timing period is set to be one time of obtaining the trust credential at each whole point.
Optionally, the task of timing to acquire the trust certificate may also be set to execute sending a request for acquiring the trust certificate to an account management platform on the account management terminal at a specified time. And when the preset appointed time is reached, the account verification device automatically acquires the trust certificate from the account management platform. Optionally, the timing task may be set as a single timing task, or may be set as a repeated timing task. In a specific embodiment, the timing task for obtaining the trust certificate is set to be that a request for obtaining the trust certificate is automatically sent to an account management platform at 12:00, when a clock reaches 12:00, a thread for obtaining the trust certificate is started by a background of an account verification device, the request for obtaining the trust certificate is automatically sent to the account management platform, the trust certificate returned by the account management platform is received, and the trust certificate stored locally by the account verification device is updated synchronously.
Optionally, the task of timing to acquire the trust credential may also be set to execute sending a request for acquiring the trust credential to the account management platform on the account management terminal after a certain delay time after a specified time. And when the preset appointed time is reached, the account verification device automatically acquires the trust certificate from the account management platform after the preset delay time. Optionally, the timing delay task may be set as a single timing delay task, or may be set as a repeated timing delay task. Optionally, in a specific embodiment, the set timing task for obtaining the trust certificate is to automatically send a request for obtaining the trust certificate to the account management platform after 5 seconds of delay at 12:00 every day, when the clock reaches 12:00, a thread for obtaining the trust certificate is started by a timer in the account verification device counting down for 5 seconds in a background, the request for obtaining the trust certificate is automatically sent to the account management platform, the trust certificate returned by the account management platform is received, and the trust certificate locally stored in the account verification device is synchronously updated.
Specifically, the account verification device acquires the trust certificate returned by the account management platform through a timing task at regular time, and synchronizes the local trust certificate of the account verification device at regular time. When a service data request for calling a service system sent by a user through a client is obtained, a trust certificate is called locally, an account certificate of the user is verified by using an encryption algorithm, the identity of an account which is logged in by the user at the client is determined to be real and legal, whether the account has an interactive data acquisition permission or not is judged, and if the account has the interactive data acquisition permission, the service data which is obtained by the user through the client and requested to the relevant service system is returned. If the account number authority is insufficient, the account number verification device returns the notice information that the account number authority is insufficient to the client side, and the access to the service system is stopped.
In the embodiment, the account verification device can start the thread of obtaining the trust certificate at the background regularly and periodically by presetting the task of obtaining the trust certificate, sends a request for obtaining the trust certificate to the account management platform in a specified time period, receives the trust certificate returned by the account management platform, and updates the locally stored trust certificate, so that when a user sends a service request through a client, the account verification device does not need to call the account management platform to verify the account certificate, and the account verification device locally calls the updated trust certificate to verify the account certificate of the user, thereby reducing the failure rate of account verification, reducing the response time of service requests, and optimizing the use experience of the user.
Referring to fig. 4, fig. 4 is a flowchart illustrating an account verification method according to a third embodiment of the present invention.
The account verification method in the third embodiment includes:
step S221: presetting the task of obtaining the trust certificate at regular time, periodically obtaining the trust certificate synchronized by the account management platform at regular time, and synchronously updating the locally stored trust certificate;
step S222: receiving the certificate updating information pushed by the account management platform, receiving the trust certificate updated by the account management platform, and synchronously updating the locally stored trust certificate.
In this embodiment, in the account verification apparatus, a task for obtaining a trust certificate is preset in the account verification apparatus, a thread for obtaining the trust certificate is started in a background of the account verification apparatus, and a request for obtaining the trust certificate is sent to an account management platform on an account management terminal by executing the thread for obtaining the trust certificate repeatedly at regular time according to the setting of a timer. Optionally, the user or the related staff can set the timing period of the trust certificate acquisition timing task in a customized manner according to the actual access situation.
Specifically, when the time for acquiring the trust voucher at the preset timing set by the trust voucher acquisition timing task is not reached, a user logs in at a client or a webpage, the user inputs an account password through a login interface of the client, the accuracy of the account password is checked at an account management terminal, an account voucher returned after the account management terminal successfully checks the account password is acquired, the account management terminal returns the account voucher to the client, then trust voucher change notification information is sent to an account verification device, and the account verification device is notified to synchronously update the trust voucher. And the account verification device receives the trust certificate change notification information and acquires the updated trust certificate from the account management terminal.
Specifically, the account verification device acquires the trust certificate returned by the account management platform through a timing task at regular time, and synchronizes the local trust certificate of the account verification device at regular time. Before the set updating trust certificate time of the timing task is not reached, the set updating trust certificate time can be updated according to the trust certificate updating information of the account management platform, when a business data request of calling a business system sent by a user through a client is obtained, the updated trust certificate is locally called, the account certificate of the user is verified by using an encryption algorithm, the identity of an account logged in by the user at the client is determined to be real and legal, whether the account has the authority of acquiring interactive data or not is judged, and if the account has the authority of acquiring the interactive data, the business data requested to be acquired by the user from the related business system through the client is returned. If the account number authority is insufficient, the account number verification device returns the notice information that the account number authority is insufficient to the client side, and the access to the service system is stopped.
In the embodiment, the trust certificate is acquired from the account management platform at regular time through the preset trust certificate acquisition timing task, and when the time set by the trust certificate acquisition timing task is not reached, the trust certificate is updated according to the trust certificate updating information sent by the account management platform, so that the updated trust certificate is acquired in time, and the success rate of account verification by the account verification device is improved.
Referring to fig. 5, fig. 5 is a flowchart illustrating a fourth embodiment of the account verification method according to the present invention.
The fourth embodiment of the account verification method includes:
step S231: setting a trust certificate storage database;
step S232: and accessing the trust certificate storage database, and reading the updated trust certificate in the trust certificate storage database.
In this embodiment, the account verification apparatus sets a trust credential storage database, which is a data set that organizes, stores, and manages trust credentials according to a data structure. The trust certificate storage database can perform functions of inquiring, adding, deleting, setting authority management and the like on the trust certificate. Specifically, the account management terminal verifies login information of the user when the user logs in, transmits an account certificate back, and generates a trust certificate associated with the account certificate, wherein the trust certificate can be used for verifying login identity information of the user. And the account management terminal stores the trust certificate in a trust certificate storage database, and the account management terminal has read-write authority management on the trust certificate storage database. The account number verification device has the right to read the trust certificate storage database, and can call the updated trust certificate in the trust certificate storage database by accessing the trust certificate storage database.
Specifically, after logging in a client, a user sends an interaction request to a service system of an account verification device, the account verification device reads the interaction request and extracts an account certificate carried in the interaction request, the account verification device accesses a trust certificate storage database, and calls a trust certificate associated with the account certificate in the trust certificate storage database and used for verifying the trust certificate of the account certificate. And after the account number verification device acquires the trust certificate, locally calling an encryption algorithm to verify the account number certificate carried in the interaction request sent by the user. And judging whether the account certificate sent by the client is matched with the trust certificate acquired by the account verification device, and if the analysis result is that the account certificate is consistent with the trust certificate, determining that the account certificate is matched with the trust certificate. And determining that the account identification information logged in by the user at the client is correct, judging whether the account has the authority of acquiring the interactive data, and if the account has the authority of acquiring the interactive data, returning the service data which is requested to be acquired by the user from a related service system through the client. If the account number authority is insufficient, the account number verification device returns the notice information that the account number authority is insufficient to the client side, and the access to the service system is stopped.
In the embodiment, the trust certificate storage database is set, so that the trust certificate uploaded by the account verification platform and the trust certificate acquired by the account verification device are verified separately, and the asynchronous verification effect is achieved. The account verification device can obtain the trust voucher without accessing the account verification platform when obtaining the trust voucher for verification, and the account verification device locally verifies the account voucher by using an encryption algorithm, so that the account verification efficiency is improved.
In order to implement the foregoing embodiment, the present application further provides an account verification system, and fig. 6 is a schematic structural diagram of the account verification system of the present application, where the account verification system includes: intelligent terminal 10, account management terminal 20, account authentication device 30, wherein:
the intelligent terminal 10 is provided with a client corresponding to the account verification device 30, and the intelligent terminal 10 is used for calling a client login account, acquiring an account certificate sent by the account management terminal 20, accessing the account verification device 30 according to the account certificate, and acquiring data from the account verification device 30;
the account verification device 20 is configured to operate the account management platform, and is configured to send an account credential to the intelligent terminal 10, and the account management terminal is further configured to synchronize a trust credential to the account verification device 30;
and the account verification device 30 is connected with the client installed on the intelligent terminal 10, and is used for receiving a data request instruction of the client, verifying an account certificate corresponding to the request instruction according to a trust certificate synchronized by the account management terminal 20, and confirming the authenticity of the login identity of the client user.
In addition, the present application also provides a readable storage medium, where an account identification program is stored, and when executed by a processor, the account identification program implements any one of the steps of the above account identification method.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. An account verification method is characterized by comprising the following steps:
receiving an account certificate sent by the client, wherein the account certificate is a unique identity identification mark which is provided by an account management platform to the client and reflects user login information;
synchronously acquiring a trust certificate of the account management platform, wherein the trust certificate is associated with the account certificate and is used for confirming data information of user identity authenticity provided by the client;
and locally verifying the account certificate according to the trust certificate, and confirming the user login information of the account certificate.
2. The account verification method of claim 1, wherein the step of synchronously obtaining the trust credentials of the account management platform comprises:
receiving credential updating information pushed by the account management platform, wherein the credential updating information is notification information sent by the account management platform when the trust credential changes;
and receiving the trust certificate updated by the account management platform, and updating the locally stored trust certificate.
3. The account verification method of claim 1, wherein the step of synchronously obtaining the trust credentials of the account management platform comprises:
presetting a timing task for acquiring a trust certificate;
and periodically acquiring the trust certificate synchronized by the account management platform according to the period set by the task of acquiring the trust certificate timing, and synchronously updating the locally stored trust certificate.
4. The account verification method of claim 1, wherein the step of synchronously obtaining the trust credentials of the account management platform comprises:
presetting the task of obtaining the trust certificate at regular time, periodically obtaining the trust certificate synchronized by the account management platform at regular time, and synchronously updating the locally stored trust certificate;
and/or the presence of a gas in the gas,
receiving the certificate updating information pushed by the account management platform, receiving the trust certificate updated by the account management platform, and synchronously updating the locally stored trust certificate.
5. The account verification method of claim 1, wherein the step of synchronously obtaining the trust credentials of the account management platform comprises:
setting a trust certificate storage database, wherein the trust certificate storage database is used for storing the updated trust certificate sent by the account management platform;
and accessing the trust certificate storage database, and reading the updated trust certificate in the trust certificate storage database.
6. The account verification method of claim 5, wherein the step of locally verifying the account credentials based on the trust credentials and confirming user login information of the account credentials comprises:
and calling the trust certificate stored in the trust certificate storage database, calling an encryption algorithm locally to verify whether the account certificate sent by the client is correct, and verifying the account login information of the client.
7. The account verification method of any one of claims 2-4, wherein the locally verifying the account credentials based on the trust credentials, the step of confirming user login information for the account credentials comprises:
calling the updated locally stored trust certificate, and locally calling an encryption algorithm to verify whether the account certificate sent by the client is matched with the trust certificate;
if the account certificate is matched with the trust certificate after being verified by the encryption algorithm, opening a data port corresponding to the account certificate to the client;
and if the account certificate and the trust certificate are not matched after being verified by the encryption algorithm, sending a prompt message that the account certificate is wrong to the client.
8. An account verification device, comprising a memory, a processor and an account verification program stored on the memory and executable on the processor, wherein the processor implements the steps of the account verification method according to any one of claims 1 to 7 when executing the account verification program.
9. An account verification system, comprising:
the intelligent terminal is provided with a client corresponding to the account verification device and is used for calling a client login account, acquiring an account certificate sent by an account management terminal, accessing the account verification device according to the account certificate and acquiring data from the account verification device;
the account management terminal is used for operating the account management platform, sending an account certificate to the intelligent terminal, and synchronizing a trust certificate to the account verification device;
the account verification device is connected with the client installed on the intelligent terminal and used for receiving a data request instruction of the client and verifying an account certificate corresponding to the request instruction according to a trust certificate synchronized by the account management terminal;
the account verification system when executed performs the steps of the account verification method of any one of claims 1-7.
10. A computer-readable storage medium having stored thereon an account verification program which, when executed by a processor, implements the steps of the account verification method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011353976.9A CN112417401A (en) | 2020-11-26 | 2020-11-26 | Account verification method, device and system and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011353976.9A CN112417401A (en) | 2020-11-26 | 2020-11-26 | Account verification method, device and system and computer readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112417401A true CN112417401A (en) | 2021-02-26 |
Family
ID=74843922
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011353976.9A Pending CN112417401A (en) | 2020-11-26 | 2020-11-26 | Account verification method, device and system and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112417401A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113112274A (en) * | 2021-04-12 | 2021-07-13 | 支付宝(杭州)信息技术有限公司 | Payment information processing method, device, equipment and medium |
| CN113742681A (en) * | 2021-11-04 | 2021-12-03 | 苏州浪潮智能科技有限公司 | Account management method and device, computer equipment and storage medium |
| CN115086052A (en) * | 2022-06-23 | 2022-09-20 | 全知科技(杭州)有限责任公司 | Method for automatically analyzing account based on HTTP traffic |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040098609A1 (en) * | 2002-11-20 | 2004-05-20 | Bracewell Shawn Derek | Securely processing client credentials used for Web-based access to resources |
| CN106790183A (en) * | 2016-12-30 | 2017-05-31 | 广州华多网络科技有限公司 | Logging on authentication method of calibration, device |
| CN107888568A (en) * | 2017-10-23 | 2018-04-06 | 广州星耀悦教育科技有限公司 | Unified identity authentication data managing method, electronic equipment, storage medium and system |
| CN109218326A (en) * | 2018-10-10 | 2019-01-15 | 广州虎牙信息科技有限公司 | Login validation method, device, storage medium and server |
| CN109274685A (en) * | 2018-11-02 | 2019-01-25 | 深圳壹账通智能科技有限公司 | Multisystem login method, device, computer equipment and storage medium |
| CN109815656A (en) * | 2018-12-11 | 2019-05-28 | 平安科技(深圳)有限公司 | Login authentication method, device, equipment and computer readable storage medium |
| CN110378091A (en) * | 2019-07-24 | 2019-10-25 | 阿里巴巴集团控股有限公司 | A kind of auth method, device and equipment |
| CN110445760A (en) * | 2019-07-10 | 2019-11-12 | 阿里巴巴集团控股有限公司 | Information processing method, device, equipment and computer readable storage medium |
-
2020
- 2020-11-26 CN CN202011353976.9A patent/CN112417401A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040098609A1 (en) * | 2002-11-20 | 2004-05-20 | Bracewell Shawn Derek | Securely processing client credentials used for Web-based access to resources |
| CN106790183A (en) * | 2016-12-30 | 2017-05-31 | 广州华多网络科技有限公司 | Logging on authentication method of calibration, device |
| CN107888568A (en) * | 2017-10-23 | 2018-04-06 | 广州星耀悦教育科技有限公司 | Unified identity authentication data managing method, electronic equipment, storage medium and system |
| CN109218326A (en) * | 2018-10-10 | 2019-01-15 | 广州虎牙信息科技有限公司 | Login validation method, device, storage medium and server |
| CN109274685A (en) * | 2018-11-02 | 2019-01-25 | 深圳壹账通智能科技有限公司 | Multisystem login method, device, computer equipment and storage medium |
| CN109815656A (en) * | 2018-12-11 | 2019-05-28 | 平安科技(深圳)有限公司 | Login authentication method, device, equipment and computer readable storage medium |
| CN110445760A (en) * | 2019-07-10 | 2019-11-12 | 阿里巴巴集团控股有限公司 | Information processing method, device, equipment and computer readable storage medium |
| CN110378091A (en) * | 2019-07-24 | 2019-10-25 | 阿里巴巴集团控股有限公司 | A kind of auth method, device and equipment |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113112274A (en) * | 2021-04-12 | 2021-07-13 | 支付宝(杭州)信息技术有限公司 | Payment information processing method, device, equipment and medium |
| CN113742681A (en) * | 2021-11-04 | 2021-12-03 | 苏州浪潮智能科技有限公司 | Account management method and device, computer equipment and storage medium |
| CN115086052A (en) * | 2022-06-23 | 2022-09-20 | 全知科技(杭州)有限责任公司 | Method for automatically analyzing account based on HTTP traffic |
| CN115086052B (en) * | 2022-06-23 | 2023-07-18 | 全知科技(杭州)有限责任公司 | Method for automatically analyzing account based on HTTP (hyper text transport protocol) traffic |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112417401A (en) | Account verification method, device and system and computer readable storage medium | |
| US9390247B2 (en) | Information processing system, information processing apparatus and information processing method | |
| US9021570B2 (en) | System, control method therefor, service providing apparatus, relay apparatus and computer-readable medium | |
| JP5654642B1 (en) | Authentication system and program | |
| US8213583B2 (en) | Secure access to restricted resource | |
| CN110213223B (en) | Service management method, device, system, computer equipment and storage medium | |
| CN107040518B (en) | Private cloud server login method and system | |
| US9578018B2 (en) | Remote sign-out of web based service sessions | |
| US10931673B2 (en) | Policy activation for client applications | |
| US20200329032A1 (en) | Secure gateway onboarding via mobile devices for internet of things device management | |
| US7520339B2 (en) | Apparatus for achieving integrated management of distributed user information | |
| US10326758B2 (en) | Service provision system, information processing system, information processing apparatus, and service provision method | |
| CN112491553A (en) | Short-duration digital certificate issuance based on long-duration digital certificate validation | |
| US20160261582A1 (en) | System for secure login, and method and apparatus for same | |
| CN113271296B (en) | Login authority management method and device | |
| US11321444B2 (en) | Authentication management method and system | |
| US10277579B2 (en) | Information processing system that provides a resource to an application of a terminal through a network | |
| CN104574101B (en) | Method, equipment and system for verifying electronic ticket | |
| CN113132402A (en) | Single sign-on method and system | |
| CN115022047B (en) | Account login method and device based on multi-cloud gateway, computer equipment and medium | |
| KR102055897B1 (en) | Authentication Method and System for Service Connection of Internet Site using Phone Number | |
| CN112434054A (en) | Audit log updating method and device | |
| US10541813B2 (en) | Incorporating multiple authentication systems and protocols in conjunction | |
| JP6848275B2 (en) | Program, authentication system and authentication cooperation system | |
| KR101627896B1 (en) | Authentication method by using certificate application and system thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |