CN113572789A - Secret-free login system and method for Internet of things intelligent equipment application - Google Patents
- Publication number
- CN113572789A
- Authority
- CN
- China
- Prior art keywords
- application
- identity
- party
- authorization code
- intelligent equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
Abstract
The invention provides a password-free login system for Internet of Things intelligent device applications, comprising a third-party authentication service terminal, an application server, a third-party identity authentication server, and an intelligent device provided with an identity box and an application APP. It also provides a password-free login method for Internet of Things intelligent device applications.
Description
Technical Field
The invention relates to the technical field of the Internet of Things, and in particular to a password-free login system and method for Internet of Things intelligent device applications.
Background
As the Internet of Things becomes more intelligent, smart home devices are becoming increasingly capable, and intelligent terminals can host more and more applications. Traditional user registration and login mostly rely on user names and passwords; as the number of application types and the number of places where a user registers grow, login and registration information becomes hard to remember. With the rapid development of the Internet of Things in particular, applications are numerous, and having to remember a user name and password for each one is painful for most people. In addition, a user name and password alone cannot adequately meet the regulatory requirement for Internet real-name authentication; binding a mobile phone number is also required to complete real-name authentication.
On Internet of Things intelligent devices, some provide a keyboard, mouse, remote controller or similar means to help the user log in to an application; some display a two-dimensional code and log in by having the user scan it with a mobile phone; some log in with an SMS verification code. The SMS verification code mode is easily called maliciously to produce an SMS-bombing effect, and SMS messages are easily intercepted; to guard against these risks, behavior verification is usually required before the SMS verification code can be obtained, and waiting for the code to arrive and entering it manually greatly increases the login time. These login modes are cumbersome, particularly for applications on Internet of Things intelligent devices, where the screen of the intelligent terminal is especially small, so they add operation steps for the user and greatly degrade the user experience.
Disclosure of Invention
To solve the above technical problems, and based on an analysis of existing Internet of Things intelligent devices, which host many applications and offer a poor login experience, the application provides a password-free login system and method for Internet of Things intelligent device applications that also meets the requirement for Internet real-name authentication.
The technical scheme adopted by the invention for solving the problems is as follows:
A password-free login system for Internet of Things intelligent device applications comprises a third-party authentication service terminal, an application server, a third-party identity authentication server, and an intelligent device provided with an identity box and an application APP. The identity box has a trusted execution environment, which ensures that running programs and data are not illegally acquired; it interacts with the authentication service SDK of the third-party authentication service terminal and with the application APP of the intelligent device, respectively, and obtains, through the third-party authentication service terminal, an authorization code representing user information for the intelligent device to call. The application APP is communicatively connected to the application server; it calls the user information authorization code in the identity box and sends it to the application server. The application server also communicates with the third-party identity authentication server and, after receiving the authorization code provided by the application APP, requests the complete user information from the third-party identity authentication server. The third-party identity authentication server receives and verifies the authorization code submitted by the application server and returns the complete user information once verification is complete, and the user information is synchronized to the application APP.
A further technical solution: the third-party identity authentication server is a service party capable of providing identity authentication.
A further technical solution: the third-party identity authentication server is an authentication server of an operator, an authentication institution or a bank-card-related institution.
A further technical solution: a unique identity identifier of the intelligent device, such as its MAC address, is added to the third-party authentication service terminal and is used to verify whether the intelligent device may obtain the user information authorization code.
The technical scheme of the invention also comprises:
A password-free login method for Internet of Things intelligent device applications comprises the following steps:
S100: on the password-free login settings interface of the third-party authentication service terminal, add the MAC address of each intelligent device that is allowed to log in, to serve as a device whitelist;
S200: at login, the intelligent device calls the built-in trusted module identity box interface, attaches its own MAC address as a parameter, and requests the password-free login interface of the third-party authentication service terminal;
S300: the third-party authentication service terminal receives and parses the data and checks whether the intelligent device is authorized to perform password-free login;
if the device is authorized, the third-party authentication service terminal returns the password-free login parameters and the corresponding authorization code to the identity box through the authentication service SDK, and the method proceeds to step S400;
S400: the application APP obtains the related parameters and the authorization code through the identity box and displays partial information as the user login characteristic, so that the user can choose password-free login;
S500: after obtaining the user's manual authorization, the application APP submits the authorization code to the application server, and the application server sends the authorization code to the third-party identity authentication server for verification;
S600: after the authorization code is successfully verified, the complete user information is returned; the application server completes the password-free login and synchronizes session information to the application APP.
A further technical solution: in step S600, the returned complete user information includes number information and a key, and the application server also stores the complete user information when it completes the password-free login.
The beneficial effects of the invention are as follows:
By placing a trusted module identity box in the intelligent terminal device and combining it with third-party identity authentication to transmit identity authentication information and determine the relationship between an account and a physical person, the invention achieves password-free application login. It replaces the existing login modes based on user name and password, two-dimensional code, or SMS verification code, reduces the steps in the user login flow, and greatly improves the user experience.
Drawings
Fig. 1 is a flowchart of a secret-free login method for an internet-of-things intelligent device application in an embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It is to be understood that the described embodiments are only a few embodiments of the present invention, and not all embodiments of the present invention, and that the present invention is not limited by the embodiments described herein.
Example 1
A password-free login system for Internet of Things intelligent device applications, in which a trusted module identity box is placed in the Internet of Things intelligent device and combined with a third-party identity authentication platform; information from the third-party identity authentication platform is transmitted and the relationship between an account and a physical person is determined, so that password-free login to the application is achieved. For example, in association with an operator or a similar party, an authorization code corresponding to the user's mobile phone number is stored in the trusted execution environment of the Internet of Things intelligent device after the user has authorized it and the operator has authenticated it. When an application on the intelligent device needs to log in or register, it obtains the mobile phone number authorization code from the trusted module and transmits it to the application server, and the application server obtains the user's real mobile phone number from the operator, completing the password-free login.
The system is implemented mainly through interaction among a third-party authentication service terminal (authentication service SDK), an application server, a third-party identity authentication server, and the identity box and application APP on the intelligent device. Specifically:
The third-party authentication service terminal includes the authentication service SDK and communicates, locally (local area network), with the third-party identity authentication server to obtain the user information authorization code. It also communicates locally with the identity box of the intelligent device and, once the identity of the intelligent device has been authenticated, passes the authorization code to the trusted identity box.
The identity box has a trusted execution environment, which ensures that the programs and data running in it are not illegally acquired and provides an environment in which programs can run safely. The identity box interacts with the authentication service SDK of the third-party authentication service terminal and with the application APP of the intelligent device to obtain an authorization code representing user information. The authorization code is available to the system and applications of the intelligent device: an application on the device obtains the user information authorization code from the identity box through a system call and can then send it to the application server.
The application server is responsible for communicating with the applications on the intelligent device and provides the corresponding services to the terminal application. It also communicates with the third-party identity authentication server: after receiving the authorization code provided by the terminal application, it must request the complete user information from the third-party identity authentication server, and after verifying the user's real information it synchronizes the user's login session information to the terminal application.
The third-party identity authentication server is a service party capable of providing identity authentication. For example, an operator can authenticate a user's identity through a mobile phone number; a bank-card-related institution can authenticate the user's identity through a bank card; an authentication institution can authenticate the user's identity through information such as fingerprints, voiceprints and faces. The third-party identity authentication server communicates with the third-party authentication service terminal and issues an authorization code associated with the user's identity information; it also communicates with the application server, receives authentication requests from the application server, and returns the user information to the application server on the basis of the authorization code.
Example 2
The password-free login method for Internet of Things intelligent device applications disclosed by the invention comprises the following specific steps:
S100: on the password-free login settings interface of the third-party authentication service terminal, add the MAC of each intelligent device that is allowed to log in, to serve as a device whitelist;
S200: the intelligent device calls the built-in trusted module identity box interface, attaches its own MAC address as a parameter, and requests the password-free login interface;
S300: the third-party authentication service terminal receives and parses the data and checks whether the intelligent device is authorized to perform password-free login;
if the device is authorized, the third-party authentication service terminal returns the password-free login parameters and the corresponding authorization code to the identity box through the authentication service SDK, and the method proceeds to step S400; if not, an "unauthorized" message pops up and the device returns to the login interface so that the user can enter or select a login mode again.
S400: the APP obtains the corresponding parameters and the authorization code through the identity box and displays a user login characteristic, such as part of the mobile phone number, so that the user can choose password-free login; the APP then performs password-free login upon obtaining the user's manual authorization;
S500: the application APP submits the related parameters and the authorization code to the application server, and the application server sends the authorization code to the third-party identity authentication server for verification;
S600: after the third-party identity authentication server has verified the authorization code, it returns the complete user information, such as the telephone number and a key; the application server completes the password-free login, stores the key, and synchronizes session information to the application APP.
In this way the Internet of Things terminal device gains the capability of password-free login; the terminal device may be, for example, a television or an air conditioner. In addition, in an Internet of Things scenario the third-party authentication service terminal and the intelligent device may belong to different manufacturers or brands, so using a whitelist mechanism for identity authentication between devices has certain limitations and restricts wider adoption. For device authentication across the different platforms of different manufacturers, other methods can be used, so that password-free login of Internet of Things devices is still achieved.
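The S100 to S600 exchange described above, as an added Python example that is not code from the patent: it models the four parties in one process, with the device whitelist check, the user's manual authorization, and redemption of the authorization code by the application server. The class and function names, the constructed phone number and MAC addresses, and the single-use, five-minute authorization code are assumptions, since the page specifies none of them.

```python
import secrets
import time

CODE_TTL_SECONDS = 300  # assumption: the page gives no lifetime for the code


def normalize_mac(mac):  # so 'AA-BB-..' and 'aa:bb:..' match one whitelist entry
    return mac.strip().lower().replace("-", ":")


def mask_phone(phone):  # partial information shown to the user in S400
    return phone[:3] + "****" + phone[-4:]


class IdentityAuthServer:
    """Third-party identity authentication server (for example an operator)."""
    def __init__(self):
        self._codes = {}  # authorization code -> (user info, expiry time)

    def issue_code(self, user_info):
        code = secrets.token_urlsafe(16)  # opaque: carries no user data itself
        self._codes[code] = (user_info, time.time() + CODE_TTL_SECONDS)
        return code

    def redeem(self, code, now=None):
        """S600: verify the code; pop() makes it single-use (assumption)."""
        user_info, expires_at = self._codes.pop(code, (None, 0.0))
        if (time.time() if now is None else now) > expires_at:
            return None  # unknown, already used, or expired
        return dict(user_info, key=secrets.token_hex(16))  # number plus a key


class AuthServiceTerminal:
    """Third-party authentication service terminal with the device whitelist."""
    def __init__(self, identity_server, user_info):
        self._identity_server = identity_server
        self._user_info = user_info  # identity the server has already verified
        self._whitelist = set()

    def add_device(self, mac):  # S100
        self._whitelist.add(normalize_mac(mac))

    def request_login(self, mac):  # S300
        if normalize_mac(mac) not in self._whitelist:
            return None
        code = self._identity_server.issue_code(self._user_info)
        return {"hint": mask_phone(self._user_info["phone"]), "code": code}


class IdentityBox:
    """Stand-in for the TEE-backed identity box (a plain object here)."""
    def __init__(self, mac, terminal):
        self._mac, self._terminal = mac, terminal
        self.hint, self._code = None, None

    def login_request(self):  # S200
        reply = self._terminal.request_login(self._mac)
        if reply is None:
            raise PermissionError("device not on whitelist")
        self.hint, self._code = reply["hint"], reply["code"]

    def release_code(self, user_approved):  # S400: needs manual authorization
        if not user_approved:
            raise PermissionError("user did not authorize")
        code, self._code = self._code, None  # hand the code out once
        return code


class AppServer:
    def __init__(self, identity_server):
        self._identity_server = identity_server
        self.users, self.sessions = {}, {}

    def login(self, code):  # S500 and S600
        info = self._identity_server.redeem(code)
        if info is None:
            return None
        self.users[info["phone"]] = info  # stores the complete user information
        session = secrets.token_urlsafe(16)
        self.sessions[session] = info["phone"]
        return session


def run_flow(device_mac, user_approved=True):
    """Run S100-S600 once with constructed sample values and report the result."""
    identity_server = IdentityAuthServer()
    terminal = AuthServiceTerminal(identity_server, {"phone": "13800001234"})
    terminal.add_device("AA-BB-CC-00-11-22")
    box = IdentityBox(device_mac, terminal)
    app_server = AppServer(identity_server)
    try:
        box.login_request()
        code = box.release_code(user_approved)
    except PermissionError as exc:
        return {"session": None, "hint": box.hint, "error": str(exc)}
    session = app_server.login(code)
    replay = app_server.login(code)  # the same code a second time is refused
    return {"session": session, "hint": box.hint, "replay": replay, "error": None}
```

Calling `run_flow("aa:bb:cc:00:11:22")` returns a session token and the masked hint, while a MAC address that is not on the whitelist stops at S300 and never receives an authorization code.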
Finally, it should be understood that the embodiments of the application disclosed herein are illustrative of the principles of the embodiments of the present application. Other modified embodiments are also within the scope of the present application. Accordingly, the disclosed embodiments are presented by way of example only, and not limitation. Those skilled in the art may implement the present application in alternative configurations according to the embodiments of the present application. Thus, embodiments of the present application are not limited to those precisely described in the application.
Claims (6)
1. A password-free login system for Internet of Things intelligent device applications, characterized by comprising a third-party authentication service terminal, a third-party identity authentication server, an application server, and an intelligent device provided with an identity box and an application APP, wherein the identity box has a trusted execution environment, which ensures that running programs and data are not illegally acquired, interacts with the authentication service SDK of the third-party authentication service terminal and with the application APP of the intelligent device respectively, and obtains, through the third-party authentication service terminal, an authorization code representing user information for the intelligent device to call; the application APP is communicatively connected to the application server, calls the user information authorization code in the identity box TEE, and sends the user information authorization code to the application server; the application server also communicates with the third-party identity authentication server, requests the complete user information from the third-party identity authentication server after receiving the authorization code provided by the application APP, and synchronizes session information to the application APP; and the third-party identity authentication server receives and verifies the authorization code submitted by the application server and returns the complete user information after verification is complete.
2. The password-free login system for Internet of Things intelligent device applications according to claim 1, wherein the third-party identity authentication server is a service party capable of providing identity authentication.
3. The password-free login system for Internet of Things intelligent device applications according to claim 1, wherein the third-party identity authentication server is an authentication server of an operator, an authentication institution or a bank-card-related institution.
4. The password-free login system for Internet of Things intelligent device applications according to claim 1, wherein information on the identity of the intelligent device is added to the third-party authentication service terminal and is used to verify whether the intelligent device may obtain the user information authorization code.
5. A password-free login method for Internet of Things intelligent device applications, characterized by comprising the following steps:
S100: on the password-free login settings interface of the third-party authentication service terminal, add the MAC address of each intelligent device that is allowed to log in, to serve as a device whitelist;
S200: at login, the intelligent device calls the built-in trusted module identity box interface, attaches its own MAC address as a parameter, and requests the password-free login interface of the third-party authentication service terminal;
S300: the third-party authentication service terminal receives and parses the data and checks whether the intelligent device is authorized to obtain a user information authorization code;
if the device is authorized, the third-party authentication service terminal returns the password-free login parameters and the corresponding authorization code to the identity box through the authentication service SDK, and the method proceeds to step S400;
S400: the application APP obtains the related parameters and the authorization code through the identity box and displays partial information as the user login characteristic, so that the user can choose password-free login;
S500: after obtaining the user's manual authorization, the application APP submits the authorization code to the application server, and the application server sends the authorization code to the third-party identity authentication server for verification;
S600: after the authorization code is successfully verified, the complete user information is returned; the application server completes the password-free login and synchronizes session information to the application APP.
6. The password-free login method for Internet of Things intelligent device applications according to claim 5, wherein in step S600 the returned complete user information includes number information and a key, and the application server stores the complete user information when it completes the password-free login.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110943197.2A CN113572789A (en) | 2021-08-17 | 2021-08-17 | Secret-free login system and method for Internet of things intelligent equipment application |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113572789A (en) | 2021-10-29 |
Family
ID=78171891
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110943197.2A Pending CN113572789A (en) | 2021-08-17 | 2021-08-17 | Secret-free login system and method for Internet of things intelligent equipment application |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113572789A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20211029 |