CN115474194A - Security authentication method, device, equipment and storage medium - Google Patents
Security authentication method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN115474194A CN115474194A CN202211147795.XA CN202211147795A CN115474194A CN 115474194 A CN115474194 A CN 115474194A CN 202211147795 A CN202211147795 A CN 202211147795A CN 115474194 A CN115474194 A CN 115474194A
- Authority
- CN
- China
- Prior art keywords
- base station
- user
- target
- authentication
- identification code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/065—Continuous authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application discloses a security authentication method, a security authentication device and a storage medium, wherein a first number and a second number of a user, a third number corresponding to a target terminal, a device identification code corresponding to the target terminal and a current base station corresponding to the target terminal are obtained by responding to a request instruction of the user for security authentication at the target terminal; performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number; when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number; obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station; and if the analysis result meets the preset condition, the safety certification is successful. The scheme can improve the accuracy of the security authentication and is also beneficial to the security of the personal information of the user.
Description
Technical Field
The present application relates to the field of internet technologies, and in particular, to a security authentication method, apparatus, device, and storage medium.
Background
The secret-free authentication is an authentication method based on a mobile flow network of an operator, and the principle of the secret-free authentication is that when a user accesses a gateway at the network side of the operator, account data of the user, such as a mobile phone number of the user, and the like, are identified, and information is encrypted and then is transmitted to an operator authentication system through HTTP/HTTPS. The operator authentication system carries out safety authentication on the user through the account data of the user so as to ensure the safety of the personal information of the user.
However, the security authentication method only uses less information such as the mobile phone number of the user to perform security authentication on the user, and the security is low, which is not beneficial to the security of the personal information of the user.
Disclosure of Invention
In view of this, the present application provides a security authentication method, device, apparatus and storage medium, which are used to solve the problem that the existing security authentication method only uses less information such as a user mobile phone number to perform security authentication on a user, and is low in confidentiality and not beneficial to the security of personal information of the user.
To achieve the above object, the proposed solution is as follows:
in a first aspect, a method for secure authentication includes:
responding to a request instruction of a user for carrying out security authentication on a target terminal, and acquiring a first number and a second number of the user, a third number corresponding to the target terminal, a device identification code corresponding to the target terminal and a current base station corresponding to the target terminal;
performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number;
when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number;
obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station;
and if the analysis result meets the preset condition, the safety certification is successful.
Preferably, the performing target authentication on the user and determining whether the target authentication of the user passes based on the first number, the second number and the third number includes:
respectively judging whether the first number and the second number are the same as the third number;
and if at least one of the first number and the second number is the same as the third number, the user target passes the authentication.
Preferably, the acquiring, according to the first number, the reserved device identification code corresponding to the first number and each resident base station corresponding to the first number includes:
determining a target verification code corresponding to the first number based on the first number;
taking the target verification code as a request parameter;
and sending a request instruction to the established tag library by using the request parameter so that the tag library returns the reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number.
Preferably, the obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number, and each resident base station includes:
comparing the equipment identification code corresponding to the target terminal with the reserved equipment identification code corresponding to the first number to obtain a first comparison result;
comparing the current base station corresponding to the target terminal with each resident base station corresponding to the first number to obtain a second comparison result;
and comprehensively analyzing the first comparison result and the second comparison result to obtain an analysis result.
Preferably, the comparing the current base station corresponding to the target terminal with each resident base station corresponding to the first number to obtain a second comparison result includes:
if the current base station is the same as one of the resident base stations, obtaining comparison success information, and taking the comparison success information as a second comparison result;
if the current base station is different from each resident base station, obtaining a first distance based on the current base station and each resident base station, and taking the first distance as a second comparison result.
Preferably, the obtaining a first distance based on the current base station and each of the resident base stations includes:
determining a target base station closest to the current base station from each resident base station;
and calculating the distance difference between the current base station and the target base station, and taking the distance difference as a first distance.
Preferably, the performing a comprehensive analysis on the first comparison result and the second comparison result to obtain an analysis result includes:
judging the first comparison result and the second comparison result respectively based on a preset result judgment standard to obtain a first score of the first comparison result and a second score of the second comparison result;
and adding the first score and the second score to obtain a total score, and taking the total score as an analysis result.
In a second aspect, a security authentication apparatus includes:
a first obtaining module, configured to, in response to a request instruction for security authentication performed by a user at a target terminal, obtain a first number and a second number of the user, a third number corresponding to the target terminal, a device identification code corresponding to the target terminal, and a current base station corresponding to the target terminal;
the target authentication module is used for performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number;
a second obtaining module, configured to obtain, according to the first number, a reserved device identification code corresponding to the first number and each resident base station corresponding to the first number when the user passes the target authentication;
an analysis result obtaining module, configured to obtain an analysis result according to the device identification code corresponding to the target terminal, the current base station, the reserved device identification code corresponding to the first number, and each resident base station;
and the safety certification success module is used for successfully performing safety certification if the analysis result meets the preset condition.
In a third aspect, a secure authentication apparatus includes a memory and a processor;
the memory is used for storing programs;
the processor is configured to execute the program to implement the steps of the security authentication method according to the first aspect.
In a fourth aspect, a storage medium has stored thereon a computer program which, when executed by a processor, carries out the steps of the security authentication method according to the first aspect.
According to the technical scheme, the first number and the second number of the user, the third number corresponding to the target terminal, the equipment identification code corresponding to the target terminal and the current base station corresponding to the target terminal are obtained by responding to the request instruction of the user for carrying out safety certification at the target terminal; performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number; when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number; obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station; and if the analysis result meets the preset condition, the safety certification is successful. According to the scheme, the first number and the second number of the user and the information such as the third number, the equipment identification code and the base station corresponding to the target terminal are acquired to carry out multi-link verification on the user, so that the accuracy of safety certification is improved, and meanwhile, the safety of personal information of the user is facilitated.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is an alternative flowchart of a security authentication method according to an embodiment of the present application;
fig. 2 is an alternative flowchart of another security authentication method provided in an embodiment of the present application;
fig. 3 is a schematic structural diagram of a security authentication apparatus according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a security authentication device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The secret-free authentication is an authentication method of an operator based on a mobile traffic network, and the principle of the secret-free authentication is that when a user accesses a gateway at the network side of the operator, account data of the user, such as a mobile phone number of the user, and the like, are identified, and information is encrypted and then is transmitted to an operator authentication system through HTTP/HTTPS. The operator authentication system carries out safety authentication on the user through the account data of the user so as to ensure the safety of the personal information of the user.
However, the security authentication method only uses less information such as the mobile phone number of the user to perform security authentication on the user, and the security is low, which is not beneficial to the security of the personal information of the user.
Based on the above defects, an embodiment of the present invention provides a security authentication method, which can be applied to various computer terminals or intelligent terminals, where an execution subject of the security authentication method can be a processor or a server of the computer terminal or the intelligent terminal, and a method flowchart of the method is shown in fig. 1, and specifically includes:
s1: responding to a request instruction of a user for carrying out security authentication on a target terminal, and acquiring a first number and a second number of the user, a third number corresponding to the target terminal, an equipment identification code corresponding to the target terminal and a current base station corresponding to the target terminal.
In the present application, the target terminal may be a user terminal, such as a mobile phone, a tablet, a computer, and other terminal devices.
Optionally, in an example, the user switches to the data traffic at the mobile phone terminal, and requests to log in a certain software at the terminal interface, and then the server or the mobile phone terminal inputs a first number, such as a mobile phone number, at the mobile phone terminal interface after receiving a request instruction sent by the user; and meanwhile, a second number which is stored in the target terminal by the user in advance, a third number corresponding to the target terminal, the equipment identification code and the current base station are obtained, and the safety authentication is carried out on the user by obtaining the information.
In addition, the target terminal needs the user to start the traffic network in the process of acquiring the first number and the second number of the user, and does not need to start the traffic network in the process of acquiring the reserved equipment identification code corresponding to the first number and each resident base station. Therefore, switching time of WIFI and flow can be shortened, more information can be acquired more quickly, and time of a user can be saved.
S2: and performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number.
The process of target authentication based on the first number, the second number and the third number may include:
the first number can be a mobile phone number input by a user, the second number can be a mobile phone number reserved by the user at the target terminal, and the first number and the second number can be the same or different. The third number can be compared with the first number and the second number respectively, that is, the user identities of the first number and the second number can be obtained, if the user identities of the first number and the second number are coincident with the user identity of the third number, the comparison is successful, and the user target authentication is passed.
S3: and when the user passes the target authentication, acquiring the reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number.
If the user passes the target authentication, the security authentication can be passed, but the user only passes the target authentication, namely the security authentication is determined to be passed and not accurate, so that multiple authentications are required to ensure the accuracy of the authentication and the security of the user information is also facilitated.
Therefore, in this step, a reserved equipment identity (IMEI) corresponding to the first number at the target terminal is obtained, where the equipment identity may represent a model of the target terminal, such as "XX mobile phone 13 generation", "XXX tablet S7", and the like, or a production number of the equipment, such as "1234567", and the like, which is not limited in this embodiment. And simultaneously acquiring each resident base station corresponding to the first number, wherein the base station is a public mobile communication base station, is an interface device for accessing the mobile equipment to the Internet, and is a form of a radio station, and is a radio transceiver station for carrying out information transmission with a mobile telephone terminal through a mobile communication switching center in a certain radio coverage area. It can be understood that the user may have requirements in terms of work, home, and business trip, and thus the user's resident base station does not have to have only one base station, i.e. there may be one or more base stations corresponding to the same target terminal, and the base stations corresponding to the target terminals in different areas are different.
S4: and obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station.
S5: and if the analysis result meets the preset condition, the safety certification is successful.
Based on the steps, the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station are obtained, and analysis is performed based on the information to obtain an analysis result. And if the analysis result meets the preset condition, the safety certification is successful.
According to the technical scheme, the first number and the second number of the user, the third number corresponding to the target terminal, the equipment identification code corresponding to the target terminal and the current base station corresponding to the target terminal are obtained by responding to a request instruction of the user for carrying out security authentication at the target terminal; performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number; when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number; obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station; and if the analysis result meets the preset condition, the safety certification is successful. According to the scheme, the multi-link verification is performed on the user through the first number and the second number of the user and the information such as the third number corresponding to the target terminal, the equipment identification code and the base station, so that the accuracy of the security authentication is improved, and meanwhile, the security of personal information of the user is facilitated.
In the method provided in the embodiment of the present invention, based on the first number, the second number, and the third number, the specific description of performing target authentication on the user and determining whether the user passes the target authentication is as follows:
before target authentication, a user enters a wind control link, the wind control link is divided into sensible check and non-sensible check, and in the sensible check link, a window pops up on a target terminal interface for the user to input a first number; in a non-sensory verification link, the terminal background acquires a second number of the user, wherein the second number can be a number bound by an account number used for logging in by the user, or a number such as a personal mobile phone number of the user and the like stored in advance by the terminal.
And then respectively judging whether the first number, the second number and the third number are the same. And if at least one of the first number and the second number is the same as the third number, the user target passes the authentication.
The foregoing embodiment describes how to perform target authentication on the user and determine whether the target authentication of the user passes based on the first number, the second number, and the third number in the present application, and details how to obtain the reserved device identifier corresponding to the first number and each resident base station corresponding to the first number according to the first number in the present application are described below.
S31: and determining a target verification code corresponding to the first number based on the first number.
In an example, the first number is a mobile phone number input by the user, for example, "11122223333," and the target verification code corresponding to the mobile phone number may be the last four digits of the mobile phone number, that is, "3333," or the middle four digits of the mobile phone number, that is, "2222," or a special number evolved according to the mobile phone number, which is not limited in this embodiment.
S32: and taking the target verification code as a request parameter.
In this step, the target checksum is used as the request parameter, and the target checksum is used as the last four digits of the mobile phone number, that is, the request parameter is "3333".
S33: and sending a request instruction to the established tag library by using the request parameter so that the tag library returns the reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number.
Specifically, the first number corresponds to a unique request parameter, and the tag library stores reserved device identification codes and resident base stations corresponding to various parameters, so that the reserved device identification codes corresponding to the first number and the resident base stations corresponding to the first number can be obtained by sending the determined request parameter to the established tag library.
Optionally, the reserved device identification code corresponding to the second number and each resident base station corresponding to the second number may also be acquired according to the second number. It can be understood that, after the user target authentication is passed, the reserved device identification code and each resident base station obtained by using the first number are the same as the reserved device identification code and each resident base station obtained by using the second number.
In an embodiment provided by the present application, in step S4, obtaining an analysis result according to the device identification code corresponding to the target terminal, the current base station, the reserved device identification code corresponding to the first number, and each resident base station may include:
s41: and comparing the equipment identification code corresponding to the target terminal with the reserved equipment identification code corresponding to the first number to obtain a first comparison result.
The comparison process of the device identification codes can be as follows: judging whether the equipment identification code corresponding to the target terminal is the same as the reserved equipment identification code corresponding to the first number, if so, judging that the first comparison result is 'comparison is successful'; if the equipment identification code corresponding to the target terminal is different from the reserved equipment identification code corresponding to the first number, the first comparison result is 'comparison failure', and the security authentication failure can be determined.
S42: and comparing the current base station corresponding to the target terminal with each resident base station corresponding to the first number to obtain a second comparison result.
This step may include the following processes:
if the current base station is the same as one of the resident base stations, comparing success information is obtained, the comparing success information is used as a second comparison result, and meanwhile, the security authentication can be considered to be successful at the moment.
If the current base station is different from each resident base station, obtaining a first distance based on the current base station and each resident base station, and taking the first distance as a second comparison result.
Wherein the first distance obtaining process may include:
and determining a target base station closest to the current base station from the resident base stations, calculating the distance difference between the current base station and the target base station, and taking the distance difference as a first distance.
S43: and comprehensively analyzing the first comparison result and the second comparison result to obtain an analysis result.
S431: the first comparison result and the second comparison result can be respectively judged based on a preset result judgment standard, so that a first score of the first comparison result and a second score of the second comparison result are obtained.
Optionally, if the first comparison result is "comparison is successful", the first score of the first comparison result is a full score, and if the first comparison result is "comparison is failed", the first score of the first comparison result is a zero score.
If the first distance in the second comparison result is smaller than the first preset threshold, the first score of the second result is higher, and if the first distance is larger than the first preset threshold, the first score of the second result is lower.
S432: and adding the first score and the second score to obtain a total score, and taking the total score as an analysis result.
After the analysis result is obtained, whether the user is successfully authenticated can be judged according to the analysis result. If the total score is lower than a second preset threshold, the safety authentication can be determined to be failed, and if the total score is higher than the second preset threshold, the safety authentication can be determined to be successful.
In the technical scheme, the security of the personal information of the user is improved by increasing the comparison of the equipment identification code and the information such as the base station, and the problem of inaccurate security authentication caused by WIFI hotspot serial numbers and the like is prevented. The process of secure authentication provided by the present application may also be as shown in fig. 2.
The security authentication method can be applied to the wind control business of the financial industry, and number stealing protection is provided through the security authentication process, so that the property loss of a user under the conditions that the privacy of an account number is revealed or a phishing trojan attack is encountered is avoided; the method can also be applied to online transaction of an electronic payment channel, and the identity of the user is confirmed through a security authentication process, so that the security of the transaction is guaranteed; in the online activities such as point gift exchange, multidimensional authentication can be realized through the safety authentication process provided by the method, and the benefits of users are maintained.
Corresponding to the method described in fig. 1, an embodiment of the present invention further provides a security authentication apparatus for implementing the method in fig. 1, where the security authentication apparatus provided in the embodiment of the present invention may be implemented in a computer terminal or various mobile devices, and is described with reference to fig. 3, and as shown in fig. 3, the apparatus may include:
a first obtaining module 10, configured to, in response to a request instruction for security authentication performed by a user at a target terminal, obtain a first number and a second number of the user, a third number corresponding to the target terminal, an equipment identification code corresponding to the target terminal, and a current base station corresponding to the target terminal.
And the target authentication module 20 is configured to perform target authentication on the user and determine whether the user passes the target authentication based on the first number, the second number, and the third number.
A second obtaining module 30, configured to obtain, according to the first number, a reserved device identification code corresponding to the first number and each resident base station corresponding to the first number when the user passes the target authentication.
And an analysis result obtaining module 40, configured to obtain an analysis result according to the device identification code corresponding to the target terminal, the current base station, the reserved device identification code corresponding to the first number, and each resident base station.
And a safety certification success module 50, configured to, if the analysis result meets a preset condition, perform a safety certification successfully.
According to the technical scheme, the first number and the second number of the user, the third number corresponding to the target terminal, the equipment identification code corresponding to the target terminal and the current base station corresponding to the target terminal are obtained by responding to a request instruction of the user for carrying out security authentication at the target terminal; performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number; when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number; obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station; and if the analysis result meets the preset condition, the safety certification is successful. According to the scheme, the first number and the second number of the user and the information such as the third number, the equipment identification code and the base station corresponding to the target terminal are acquired to carry out multi-link verification on the user, so that the accuracy of safety certification is improved, and meanwhile, the safety of personal information of the user is facilitated.
In one example, the target authentication module 20 may include:
and the judging module is used for respectively judging whether the first number, the second number and the third number are the same.
And the target authentication passing module is used for passing the user target authentication if at least one of the first number and the second number is the same as the third number.
In one example, the second obtaining module 30 may include:
and the target verification code determining module is used for determining a target verification code corresponding to the first number based on the first number.
And the parameter request determining module is used for taking the target verification code as a request parameter.
And the request module is used for sending a request instruction to the established tag library by using the request parameter so that the tag library returns the reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number.
In one example, the analysis result obtaining module 40 may include:
and the first comparison module is used for comparing the equipment identification code corresponding to the target terminal with the reserved equipment identification code corresponding to the first number to obtain a first comparison result.
And the second comparison module is used for comparing the current base station corresponding to the target terminal with each resident base station corresponding to the first number to obtain a second comparison result.
And the analysis module is used for comprehensively analyzing the first comparison result and the second comparison result to obtain an analysis result.
In one example, the second comparison module may include:
and the comparison success module is used for obtaining comparison success information if the current base station is the same as one of the resident base stations, and taking the comparison success information as a second comparison result.
And a first distance obtaining module, configured to obtain a first distance based on the current base station and each of the resident base stations if the current base station is different from each of the resident base stations, and use the first distance as a second comparison result.
In one example, the first distance finding module may include:
and the target base station determining module is used for determining a target base station closest to the current base station from all the resident base stations.
And the distance difference calculating module is used for calculating the distance difference between the current base station and the target base station and taking the distance difference as a first distance.
In one example, the analysis module may include:
and the judging module is used for judging the first comparison result and the second comparison result respectively based on a preset result judging standard to obtain a first score of the first comparison result and a second score of the second comparison result.
And the adding module is used for adding the first score and the second score to obtain a total score, and the total score is used as an analysis result.
Furthermore, the embodiment of the application provides a security authentication device. Optionally, fig. 4 shows a block diagram of a hardware structure of the security authentication device, and referring to fig. 4, the hardware structure of the security authentication device may include: at least one processor 01, at least one communication interface 02, at least one memory 03 and at least one communication bus 04.
In the embodiment of the present application, the number of the processor 01, the communication interface 02, the memory 03 and the communication bus 04 is at least one, and the processor 01, the communication interface 02 and the memory 03 complete mutual communication through the communication bus 04.
The memory 03 may include a high-speed RAM memory, and may further include a non-volatile memory (non-volatile memory) or the like, for example, at least one disk memory.
Wherein, the memorizer stores the procedure, the procedure stored in the memorizer of the calling-up of the processor, the procedure is used for carrying out the following security authentication method, including:
responding to a request instruction of a user for performing security authentication at a target terminal, and acquiring a first number and a second number of the user, a third number corresponding to the target terminal, a device identification code corresponding to the target terminal and a current base station corresponding to the target terminal;
performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number;
when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number;
obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station;
and if the analysis result meets the preset condition, the safety certification is successful.
Alternatively, the detailed function and the extended function of the program may refer to the description of the security authentication method in the method embodiment.
The embodiment of the present application further provides a storage medium, where the storage medium may store a program suitable for being executed by a processor, and when the program runs, the storage medium controls a device where the storage medium is located to execute the following security authentication method, where the method includes:
responding to a request instruction of a user for carrying out security authentication on a target terminal, and acquiring a first number and a second number of the user, a third number corresponding to the target terminal, a device identification code corresponding to the target terminal and a current base station corresponding to the target terminal;
performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number;
when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number;
obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station;
and if the analysis result meets the preset condition, the safety certification is successful.
In particular, the storage medium may be a computer-readable storage medium, which may be an electronic memory such as a flash memory, an EEPROM (electrically erasable programmable read only memory), an EPROM, a hard disk, or a ROM.
Alternatively, the detailed function and the extended function of the program may refer to the description of the security authentication method in the method embodiment.
In addition, functional modules in the embodiments of the present disclosure may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part. The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a live broadcast device, or a network device) to execute all or part of the steps of the method according to the embodiments of the present disclosure.
Finally, it should also be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method of secure authentication, comprising:
responding to a request instruction of a user for carrying out security authentication on a target terminal, and acquiring a first number and a second number of the user, a third number corresponding to the target terminal, a device identification code corresponding to the target terminal and a current base station corresponding to the target terminal;
performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number;
when the user passes the target authentication, acquiring a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number according to the first number;
obtaining an analysis result according to the equipment identification code corresponding to the target terminal, the current base station, the reserved equipment identification code corresponding to the first number and each resident base station;
and if the analysis result meets the preset condition, the safety certification is successful.
2. The method of claim 1, wherein the performing target authentication on the user based on the first number, the second number and the third number and determining whether the target authentication of the user is passed comprises:
respectively judging whether the first number and the second number are the same as the third number;
and if at least one of the first number and the second number is the same as the third number, the user target passes the authentication.
3. The method of claim 1, wherein the obtaining, according to the first number, the reserved device identification code corresponding to the first number and each resident base station corresponding to the first number comprises:
determining a target verification code corresponding to the first number based on the first number;
taking the target verification code as a request parameter;
and sending a request instruction to the established tag library by using the request parameter so that the tag library returns a reserved equipment identification code corresponding to the first number and each resident base station corresponding to the first number.
4. The method of claim 1, wherein obtaining the analysis result according to the device identifier corresponding to the target terminal, the current base station, the reserved device identifier corresponding to the first number, and each resident base station comprises:
comparing the equipment identification code corresponding to the target terminal with the reserved equipment identification code corresponding to the first number to obtain a first comparison result;
comparing the current base station corresponding to the target terminal with each resident base station corresponding to the first number to obtain a second comparison result;
and comprehensively analyzing the first comparison result and the second comparison result to obtain an analysis result.
5. The method of claim 4, wherein the comparing the current base station corresponding to the target terminal with each of the residential base stations corresponding to the first number to obtain a second comparison result comprises:
if the current base station is the same as one of the resident base stations, obtaining comparison success information, and taking the comparison success information as a second comparison result;
if the current base station is different from each resident base station, obtaining a first distance based on the current base station and each resident base station, and taking the first distance as a second comparison result.
6. The method as claimed in claim 5, wherein said deriving a first distance based on said current base station and each of said resident base stations comprises:
determining a target base station which is closest to the current base station from each resident base station;
and calculating the distance difference between the current base station and the target base station, and taking the distance difference as a first distance.
7. The method of claim 4, wherein the analyzing the first alignment result and the second alignment result to obtain an analysis result comprises:
judging the first comparison result and the second comparison result respectively based on a preset result judgment standard to obtain a first score of the first comparison result and a second score of the second comparison result;
and adding the first score and the second score to obtain a total score, and taking the total score as an analysis result.
8. A security authentication apparatus, comprising:
a first obtaining module, configured to, in response to a request instruction for security authentication performed by a user at a target terminal, obtain a first number and a second number of the user, a third number corresponding to the target terminal, a device identification code corresponding to the target terminal, and a current base station corresponding to the target terminal;
the target authentication module is used for performing target authentication on the user and judging whether the user passes the target authentication or not based on the first number, the second number and the third number;
a second obtaining module, configured to obtain, according to the first number, a reserved device identification code corresponding to the first number and each resident base station corresponding to the first number when the user passes the target authentication;
an analysis result obtaining module, configured to obtain an analysis result according to the device identification code corresponding to the target terminal, the current base station, the reserved device identification code corresponding to the first number, and each resident base station;
and the safety certification success module is used for successfully carrying out safety certification if the analysis result meets the preset condition.
9. A secure authentication device comprising a memory and a processor;
the memory is used for storing programs;
the processor, configured to execute the program, implementing the steps of the security authentication method according to any one of claims 1 to 7.
10. A storage medium having stored thereon a computer program, characterized in that the computer program, when being executed by a processor, carries out the steps of the security authentication method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211147795.XA CN115474194A (en) | 2022-09-19 | 2022-09-19 | Security authentication method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211147795.XA CN115474194A (en) | 2022-09-19 | 2022-09-19 | Security authentication method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115474194A true CN115474194A (en) | 2022-12-13 |
Family
ID=84333687
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211147795.XA Pending CN115474194A (en) | 2022-09-19 | 2022-09-19 | Security authentication method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115474194A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20210266312A1 (en) * | 2014-10-25 | 2021-08-26 | Seung Eun Hong | System and method for mobile cross-authentication |
-
2022
- 2022-09-19 CN CN202211147795.XA patent/CN115474194A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20210266312A1 (en) * | 2014-10-25 | 2021-08-26 | Seung Eun Hong | System and method for mobile cross-authentication |
| US11966907B2 (en) * | 2014-10-25 | 2024-04-23 | Yoongnet Inc. | System and method for mobile cross-authentication |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10462130B2 (en) | Authentication method and device | |
| CN105323253B (en) | Identity verification method and device | |
| US7979054B2 (en) | System and method for authenticating remote server access | |
| US10757102B2 (en) | Methods, apparatus, and systems for identity authentication | |
| CN104144419B (en) | Identity authentication method, device and system | |
| CN106910057B (en) | Mobile terminal and security authentication method and device on mobile terminal side | |
| CN107086979B (en) | User terminal verification login method and device | |
| CN110266656B (en) | Secret-free authentication identity identification method and device and computer equipment | |
| CN110266642A (en) | Identity identifying method and server, electronic equipment | |
| DK2924944T3 (en) | Presence authentication | |
| CN103200159B (en) | A kind of Network Access Method and equipment | |
| CN103905194B (en) | Identity traceability authentication method and system | |
| CN104753894A (en) | Data processing method, device and system | |
| CN105357242A (en) | Method and system for accessing wireless local area network, short message push platform and portal system | |
| CN104579667A (en) | Account password management method, device and system | |
| US20190281053A1 (en) | Method and apparatus for facilitating frictionless two-factor authentication | |
| CN115474194A (en) | Security authentication method, device, equipment and storage medium | |
| CN112651044B (en) | Business transaction method, system and storage medium based on block chain technology | |
| CN106912049B (en) | Method for improving user authentication experience | |
| CN109067715B (en) | Verification method and device | |
| CN107679383B (en) | Identity verification method and device based on geographic position and touch area | |
| CN107665428B (en) | Mobile payment identity authentication method, server and system | |
| KR101133167B1 (en) | Method and apparatus for user verifing process with enhanced security | |
| CN115767538A (en) | Information verification method, information processing method, device and equipment | |
| CN113612729A (en) | Authentication method and related device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |