CN115688057A - Method and device for software authorization, storage medium and electronic equipment - Google Patents

Method and device for software authorization, storage medium and electronic equipment Download PDF

Info

Publication number
CN115688057A
CN115688057A CN202211350554.5A CN202211350554A CN115688057A CN 115688057 A CN115688057 A CN 115688057A CN 202211350554 A CN202211350554 A CN 202211350554A CN 115688057 A CN115688057 A CN 115688057A
Authority
CN
China
Prior art keywords
software
user
authorization code
authorization
registration information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211350554.5A
Other languages
Chinese (zh)
Inventor
徐山强
范鸿雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Topsec Technology Co Ltd, Beijing Topsec Network Security Technology Co Ltd, Beijing Topsec Software Co Ltd filed Critical Beijing Topsec Technology Co Ltd
Priority to CN202211350554.5A priority Critical patent/CN115688057A/en
Publication of CN115688057A publication Critical patent/CN115688057A/en
Pending legal-status Critical Current

Links

Images

Abstract

Some embodiments of the present application provide a method, an apparatus, a storage medium and an electronic device for software authorization, the method comprising: acquiring registration information of a user; judging whether a software authorization code corresponding to the registration information exists or not, and obtaining a judgment result, wherein the software authorization code represents an authorization certificate of the user for logging in the target software, and the judgment result represents whether the user of the registration information has registered the software authorization code or not; and confirming whether the software authorization code is generated or not according to the judgment result. Some embodiments of the present application may enable efficient management of software authorization.

Description

Method and device for software authorization, storage medium and electronic equipment
Technical Field
The present application relates to the field of software licensing technologies, and in particular, to a method, an apparatus, a storage medium, and an electronic device for software authorization.
Background
The network security comprises network equipment security, network information security and network software security. Network security refers to the protection of the hardware, software and data in the system from being damaged, altered and leaked by accidental or malicious reasons. The main key of network software security is software authorization, which is an extension and development of software protection concept, and the goal of software authorization is to require users to use software according to purchased or owned rights license.
At present, in software authorization methods, a user mostly registers a use account of software through personal identity information of the user, and a subsequent user can enter and use the software through the account. However, the same identity can apply for a new account only by replacing different numbers, that is, in the prior art, the same user has a disorder of registering a plurality of accounts, which is not beneficial to the monitoring and management of a software developer, and the software use data also faces a security risk of being tampered and revealed.
Therefore, how to provide a technical solution for a method with higher security for software authorization becomes a technical problem which needs to be solved urgently.
Disclosure of Invention
Some embodiments of the present application aim to provide a method, an apparatus, a storage medium, and an electronic device for software authorization, which can effectively avoid the confusion of registering multiple accounts by the same user identity, improve the security authorization and management of software authorization, and ensure the security of software usage data.
In a first aspect, some embodiments of the present application provide a method for software authorization, comprising: acquiring registration information of a user; judging whether a software authorization code corresponding to the registration information exists or not to obtain a judgment result, wherein the software authorization code represents an authorization certificate of the user for logging in the target software, and the judgment result represents whether the user of the registration information has registered the software authorization code or not; and confirming whether the software authorization code is generated or not according to the judgment result.
According to some embodiments of the application, whether the software authorization code corresponding to the registration information of the user exists or not is judged, and whether the software authorization code is generated for the user or not is further determined, so that the condition that the same user identity can only register an account of one target software can be ensured, the condition that the same user identity registers multiple accounts is effectively avoided, the safety authorization and management of software authorization are improved, and the safety of software use data is ensured.
In some embodiments, the obtaining registration information of the user includes: and receiving the registration information sent by an identity verification system, wherein the registration information is information which is filled in and verified successfully by the user in the identity verification system.
Some embodiments of the application can obtain accurate registration information of the user through the identity authentication system, and ensure the validity of the registration information.
In some embodiments, the determining whether the software authorization code corresponding to the registration information exists to obtain a determination result includes: confirming that a software authorization code corresponding to the registration information exists in an authorization code storage, wherein the judgment result is registered; the determining whether to generate the software authorization code according to the determination result includes: and when the judgment result is that the software authorization code is registered, the software authorization code is not generated, and the registration request corresponding to the registration information is rejected.
Some embodiments of the application reject the registration request of the user by confirming that the software authorization code corresponding to the registration information exists in the authorization code repository, so that the same user identity can only register the use account of the target software once, and the disorder of registering multiple accounts by the same user identity is effectively avoided.
In some embodiments, the determining whether the software authorization code corresponding to the registration information exists to obtain a determination result includes: confirming that the software authorization code corresponding to the registration information does not exist in the authorization code storage, wherein the judgment result is unregistered; the determining whether to generate the software authorization code according to the determination result includes: and when the judgment result is confirmed to be unregistered, generating the software authorization code and sending the software authorization code to the user.
According to some embodiments of the application, the unique software authorization code is generated for the user by confirming that the software authorization code corresponding to the registration information exists in the authorization code storage, so that the same user identity can only register the use account of the target software once, and the condition that the same user identity registers multiple accounts is effectively avoided.
In some embodiments, after the confirming whether to generate the software authorization code according to the determination result, the method further includes: receiving a login request sent by a client, wherein the login request comprises: the method comprises the steps of obtaining a software authorization code, a user account and a password corresponding to the user account; and matching the software authorization code with data in an authorization code storage to obtain a matching result, wherein the matching result represents whether the user has the right to log in the target software.
According to some embodiments of the application, the software authorization code in the login request of the client is matched to obtain a matching result, so that whether the user can use the target software can be confirmed, and the use permission of the user can be conveniently verified.
In some embodiments, the method further comprises: and sending the matching result to a security authentication system under the condition that the matching result is that the software authorization code is successfully matched with the data in the authorization code storage, so that the security authentication system verifies the equipment address of the user, and the user obtains the access authorization of the target software.
According to some embodiments of the application, the matching result is sent to the security authentication system under the condition that the software authorization code is successfully matched, and then the user is authenticated in the next step, so that the security management of the account of the user using the target software is realized.
In a second aspect, some embodiments of the present application provide a method for software authorization, comprising: responding to an input operation instruction of a user, and generating a login request, wherein the login request carries a software authorization code, an account and a password; and sending the login request to an authorization management terminal so that the authorization management terminal can confirm whether the user has the right to login the target software.
According to some embodiments of the application, a user generates a login request through a software authorization code, an account and a password, so that only one account can be ensured in the same user identity through the software authorization code, the account of the user can be managed, and the security of target software data is ensured.
In some embodiments, after the sending the login request to the authorization management side, the method further includes: and receiving an authentication result of the equipment address of the user sent by a security authentication system, and determining whether the user is allowed to use the target software according to the authentication result.
Some embodiments of the present application may implement management of the user equipment address through the authentication result of the security authentication system, and implement strict control on authorized use of the target software.
In some embodiments, the method further comprises: allowing the user to use the target software if the authentication result is successful; under the condition that the authentication result is failure, displaying an image acquisition authentication window or a short message authentication window to a user; collecting image information of the user, and allowing the user to use the target software if the image information is confirmed to pass verification; or responding to the input operation of the user in the short message authentication window to acquire verification information, and allowing the user to use the target software if the verification information is verified.
According to some embodiments of the application, under the condition that the authentication of the security authentication system fails, other information of the user is further collected to carry out user identity authentication, so that the use security of the target software is ensured, and the monitoring and management of the use authorization of the target software are realized.
In a third aspect, some embodiments of the present application provide an authorization management side, including: the acquisition module is configured to acquire registration information of a user; a determination module configured to determine whether a software authorization code corresponding to the registration information exists, and obtain a determination result, where the software authorization code represents an authorization credential for the user to log in the target software, and the determination result represents whether the user of the registration information has registered the software authorization code; and the output module is configured to confirm whether the software authorization code is generated or not according to the judgment result.
In a fourth aspect, some embodiments of the present application provide a software client, comprising: the operation module is configured to respond to an input operation instruction of a user and generate a login request, wherein the login request carries a software authorization code, an account and a password; the sending module is configured to send the login request to an authorization management terminal so that the authorization management terminal can confirm whether the user has the authority of logging in the target software.
In a fifth aspect, some embodiments of the present application provide a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, may implement the method as described in any of the embodiments of the first or second aspect.
In a sixth aspect, some embodiments of the present application provide an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program may implement the method according to any one of the embodiments of the first aspect or the second aspect.
In a seventh aspect, some embodiments of the present application provide a computer program product comprising a computer program, wherein the computer program, when executed by a processor, implements the method according to any of the embodiments of the first or second aspect.
Drawings
In order to more clearly illustrate the technical solutions of some embodiments of the present application, the drawings that are required to be used in some embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that for a person skilled in the art, other relevant drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a diagram of a system for software authorization provided by some embodiments of the present application;
FIG. 2 is one of the flow diagrams of methods for software authorization provided by some embodiments of the present application;
FIG. 3 is a second flowchart of a method for software authorization provided by some embodiments of the present application;
FIG. 4 is a third flowchart for software authorization provided by some embodiments of the present application;
FIG. 5 is a block diagram of an authorization management side according to some embodiments of the present application;
FIG. 6 is a block diagram of a software client provided by some embodiments of the present application;
fig. 7 is a schematic diagram of an electronic device according to some embodiments of the present application.
Detailed Description
The technical solutions in some embodiments of the present application will be described below with reference to the accompanying drawings in some embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
In the related art, software authorization generally includes software local authorization, software centralized authorization, cloud authorization, and the like. Most of the existing software centralized authorization methods register the use account of the target software through personal identity information, the account is equivalent to an independent authorization code, a user can directly log in the target software only by logging in a correct account, and the same identity can apply for a new account only by replacing different mobile phone numbers. It can be known from the above related technologies that in the prior art, the same user identity may have a plurality of account numbers, which is inconvenient for a software developer to monitor and manage, and meanwhile, the software authorization is not strictly controlled, which easily causes the actual user data of the target software to be fake, is not favorable for market control, and has a risk of data security.
In view of this, some embodiments of the present application provide a method for software authorization, which may determine whether a user has registered an account authorized for use of target software by determining whether the registration information of the user already has a software authorization code matching therewith, and finally generate a software authorization code for the user according to whether the user has already registered. Some embodiments of the application can effectively avoid the confusion that the same user identity may have a plurality of account numbers, so that a software developer can conveniently monitor and manage the account authorized by the target software, and meanwhile, the software authorization is strictly controlled, so that the data of the actual user of the target software can be prevented from being fake, the market control is facilitated, and the data safety is ensured.
As shown in fig. 1, some embodiments of the present application provide a system for software authorization, which includes a software client 100 and an authorization management terminal 200. The software client 100 can communicate bi-directionally with the authorization manager 200. Target software is deployed in the software client 100, and when a user logs in the target software, the user needs to send a login request to the authorization management terminal 200 through the software client 100, where the login request carries a software authorization code. The authorization management terminal 200 may receive the login request sent by the software client 100, query and match the software authorization code in the login request, and determine whether the user has the unique software authorization code for logging in the target software, so as to ensure that the user has the authorization right for using the target software. In addition, when the user registers a new account at the software client 100, the authorization management end may also determine whether to generate a software authorization code for the user according to the registration information of the user. By binding the software authorization code and the user one to one and storing the binding in the authorization management terminal 200, the situation that the same user identity may have multiple accounts can be effectively avoided, and a software developer can conveniently monitor and manage the account authorized by the use of the target software.
In some embodiments of the present application, the software client 100 and the authorization management terminal 200 may be deployed in the same terminal or may be deployed in different terminals. The terminal may be a terminal device or a server device, and the terminal may be a portable mobile terminal or a non-portable computer device, which is not limited in this application. The target software may be any type of application software, such as network security software, everyday application software, etc. The present application is not limited thereto.
The following describes an implementation process of the method for software authorization performed by the authorization management terminal 200 according to some embodiments of the present application, with reference to fig. 2.
Referring to fig. 2, fig. 2 is a flowchart of a method for software authorization according to some embodiments of the present application, where the method for software authorization includes:
s210, registration information of the user is obtained.
For example, in some embodiments of the present application, the registration information of the user may be filled by the user after sending the registration request, or may be obtained through registration information carried in the registration request of the user. The present application is not specifically limited herein.
In some embodiments of the present application, S210 may include: and receiving the registration information sent by an identity verification system, wherein the registration information is information which is filled in and verified successfully by the user in the identity verification system.
For example, in some embodiments of the present application, the authorization manager 200 may communicate with the authentication system to obtain the registration information filled in by the user in the authentication system. The authentication system may verify the collected identity information of the user, including but not limited to: the authenticity of the identity card information, the authenticity of the mobile phone number, the authenticity of the portrait, the verification whether the mobile phone number and the identity information belong to the same person or not and the like. The authorization management terminal 200 receives the registration information after the authentication is successful. If the identity verification system verifies that the mobile phone number in the identity information of the user is wrong, the identity card information is wrong, the portrait acquisition is unsuccessful or the person to which the mobile phone number belongs and the person to which the identity card information belongs are not the same person, verification failure can be caused, and at the moment, the user can be informed of explaining the existing problems, such as the wrong mobile phone number or the failure of portrait acquisition.
And S220, judging whether a software authorization code corresponding to the registration information exists or not, and obtaining a judgment result, wherein the software authorization code represents an authorization certificate for the user to log in the target software, and the judgment result represents whether the user of the registration information has registered the software authorization code or not.
For example, in some embodiments of the present application, in order to ensure that only one account can be registered for the same user identity, a software authorization code is used to authorize the user. The software authorization code may be characterized in a form of a character string, and may be a string of numbers, a string of letters, or a character string composed of numbers and letters, and the like, and the embodiment of the present application is not limited thereto.
And S230, confirming whether the software authorization code is generated or not according to the judgment result.
For example, in some embodiments of the present application, it can be known whether the user identity has registered the usage authorization credential of the target software based on the determination result, and whether the software authorization code is generated for the user is reconfirmed according to whether the user identity has registered, so that it can be ensured that a single user can only have a single software authorization code.
In some embodiments of the present application, S220 may include: confirming that a software authorization code corresponding to the registration information exists in an authorization code storage, wherein the judgment result is registered; s230 may include: and when the judgment result is that the software authorization code is registered, the software authorization code is not generated, and the registration request corresponding to the registration information is rejected.
For example, in some embodiments of the present application, the authorization code repository may be disposed in the authorization management terminal 200, and store all users registered with the target software and each software authorization code bound to each user in all users, where one user can only correspond to one unique software authorization code. Whether a user corresponding to the registration information has a software authorization code can be determined by searching in the authorization code repository, if yes, the user registration request is rejected, and the user identity is proved to have applied for the software authorization code of the target software, and the software authorization code is bound with the personal identity information of the user, so that a plurality of software authorization codes cannot be applied for the same identity, and the user can timely find back related prompt information such as an account number.
In some embodiments of the present application, S220 may include: confirming that the software authorization code corresponding to the registration information does not exist in the authorization code storage, wherein the judgment result is unregistered; s230 may include: and when the judgment result is confirmed to be unregistered, generating the software authorization code and sending the software authorization code to the user.
For example, in some embodiments of the present application, it is known that the authorization code repository does not have the software authorization code bound to the registration information by searching, at this time, a corresponding software authorization code may be generated for the registration information, and sent to the user in a manner of a short message or other push message, and the registration information and the software authorization code are bound and stored in the authorization code repository.
In some embodiments of the present application, after S230, the method for software authorization further comprises: receiving a login request sent by a client, wherein the login request comprises: the method comprises the steps of obtaining a software authorization code, a user account and a password corresponding to the user account; and matching the software authorization code with data in an authorization code storage to obtain a matching result, wherein the matching result represents whether the user has the right to log in the target software.
For example, in some embodiments of the present application, when a user logs in target software, the authorization management terminal 200 receives a login request of the user, where the login request carries a software authorization code, a user account, and a password. The software authorization code can be matched with the data in the authorization code storage to confirm whether the user has the authority to use the target software, so that the situation that personnel without the authority randomly log in the target software to counterfeit the software use data or carry out malicious operation can be avoided.
In order to improve the security of the target software, in some embodiments of the present application, the method for software authorization further includes: and sending the matching result to a security authentication system under the condition that the matching result is that the software authorization code is successfully matched with the data in the authorization code storage, so that the security authentication system verifies the equipment address of the user, and the user obtains the access authorization of the target software.
For example, in some embodiments of the present application, in a case that the software authorization code exists in the authorization code repository, the matching result needs to be sent to the security authentication system to inform the security authentication system that the security authentication system can perform the next security check, so as to ensure the security of the target software.
The following describes an implementation process of the method for software authorization performed by the software client 100 according to some embodiments of the present application, as exemplified in conjunction with fig. 3.
Referring to fig. 3, fig. 3 is a flowchart of a method for software authorization according to some embodiments of the present application, where the method for software authorization includes:
s310, responding to an input operation instruction of a user, and generating a login request, wherein the login request carries a software authorization code, an account and a password.
For example, in some embodiments of the present application, the user needs to input his/her software authorization code, account number and password when the software client 100 logs in the target software.
S320, sending the login request to an authorization management terminal so that the authorization management terminal can confirm whether the user has the authority of logging in the target software.
For example, in some embodiments of the present application, the software client 100 may send a login request to the authorization management node 200, and the authorization management node 200 may perform matching verification on the software authorization code to confirm whether the user has the right to use the target software. Alternatively, in other embodiments of the present application, the software client 100 may also send only the software authorization code in the login request to the authorization management terminal 200 for the authorization management terminal 200 to search for matching.
In some embodiments of the present application, an authentication result of the device address of the user sent by a secure authentication system is received, and it is determined whether the user is allowed to use the target software according to the authentication result.
For example, in some embodiments of the present application, when it is detected that a user logs in to a software client, a security authentication system may automatically detect a device corresponding to the software client, and determine whether a device address is a device commonly used by the user, so as to ensure security of logging in target software.
In some embodiments of the application, the method for software authorization further comprises: allowing the user to use the target software if the authentication result is successful; under the condition that the authentication result is failure, displaying an image acquisition authentication window or a short message authentication window to a user; acquiring image information of the user, and allowing the user to use the target software if the image information is verified; or, responding to the input operation of the user in the short message authentication window to acquire verification information, and if the verification information is confirmed to pass the verification, allowing the user to use the target software.
For example, in some embodiments of the present application, if the device is determined to be a common device for the user and the account number and password are correct, the user is allowed to use the target software. If the equipment is confirmed to be the infrequent equipment of the user, namely the authentication result is failure, the user can be ensured to have the use authority of the target software by verifying the image or the short message of the user again. For example, a corresponding image acquisition authentication window or a short message mode can be presented to the user, so that further confirmation of the user identity is realized. And if the verification is passed, allowing the user to use the target software, otherwise refusing the user to log in. The image information may be a face image, a fingerprint image, and the like. The short message authentication can be a short message verification code, or a user sends specified verification information to a specified number by using the mobile phone number of the account, and the like.
The specific procedures provided by some embodiments of the present application for software authorization as a method are exemplarily set forth below in connection with fig. 4.
Referring to fig. 4, fig. 4 is a flowchart for software authorization provided by some embodiments of the present application. The method for software authorization is explained below by taking a registration process and a post-registration login process of target software as examples. The specific process is as follows:
s410, the authorization management terminal 200 obtains the registration information of the user.
As a specific example of the present application, there are two options on the landing page of the client software (as a specific example of the software client 100), one is an existing account landing terminal, and the other is a new account registration terminal. And the client sends the registration information form to the registration platform through the new account registration terminal on the login platform, so as to trigger the identity authentication system on the registration platform. The identity authentication system sends an authentication popup to client software, and a client can fill in personal information data (as a specific example of registration information) according to the requirements of the authentication popup and submit the personal information data; meanwhile, the identity analysis and integration system of the identity verification system verifies the authenticity of the filled personal information data (such as name, age, gender, affiliated unit, portrait, personal identification card information and mobile phone number). The method is characterized in that personal identification card information, a mobile phone number and a portrait are verified in a three-in-one mode, authenticity verification is conducted on collected information through an identity analysis and integration system, and it is guaranteed that personal information data filled by a user are correct and all belong to the same person. If the authentication fails, this registration request is rejected and the reason is explained. If the authentication passes, namely the authenticity of the personal identification card information, the authenticity of the mobile phone number and the authenticity of the portrait, the authentication is directly sent to the authorization management platform (namely, the authorization management terminal 200).
S420, the authorization management terminal 200 determines whether a software authorization code corresponding to the registration information exists, if not, performs S430, and if so, performs S440.
As a specific example of the present application, the quick duplication checking system of the authorization management platform queries whether there is an authorization code (i.e., a software authorization code) registered in the same personal information data in the authorization code repository.
S430, the authorization management terminal 200 generates the software authorization code and sends the software authorization code to the user.
As a specific example of the application, when there is no authorization code registered with the same personal information data in the authorization code repository, the authorization database of the authorization management platform is triggered, so that an authorization code is generated and sent to a client of the client software in a form of a short message.
S440, the authorization manager 200 rejects the registration request corresponding to the registration information.
As a specific example of the present application, if there is an authorization code registered in the same personal information data in the authorization code repository, the registration request is rejected, and it is indicated that the identity has already applied for an authorization code of the software (as an example of target software), and the authorization code is bound to the personal identity information, and it is impossible to apply for multiple authorization codes with the same identity and request to retrieve the account in time.
S450, the software client 100 generates a login request in response to the input operation instruction of the user.
As a specific example of the present application, a customer of client software may enter the software by entering the correct authorization code. The client can log in the existing account number through a login platform on the software, and directly sends a login request to the authorization management platform in a form of inputting a correct account number and a password.
S460, the authorization management terminal 200 receives the login request sent by the software client, and matches the software authorization code with the data in the authorization code repository to obtain a matching result.
As a specific example of the application, the authorization code exclusive to the account is compared and matched with the binding data in the authorization code storage library, and if the matching is successful, the client is given login authorization.
S470, the authorization management terminal 200 sends the matching result to the security authentication system, and the security authentication system determines whether the authentication result of the device address is successful, if yes, then S480 is executed, otherwise, S490 is executed.
And S480, allowing the user to use the target software.
As a specific example of the application, the security authentication system verifies the IP address of the account login of the client software, and if the IP address of the login matches with the IP address of the last login, the software is authorized to use.
And S490, displaying the image acquisition authentication window to the user, acquiring the image information of the user, confirming that the image information passes the verification, allowing the user to use the target software if the image information passes the verification, and otherwise, refusing.
As a specific example of the present application, if the IP address of the login is different from the IP address of the login last time, a portrait collection authentication (as a specific example of an image collection authentication) may occur, and after the verification of the collected portrait (as a specific example of image information) is passed, the client may obtain the software use authorization. If the verification is not passed, the client is not authorized, and the client is refused to use the software.
In other embodiments of the present application, the registration platform includes, but is not limited to: the system comprises an identity verification system, an identity analysis and integration system and a sanction system. The identity verification system can send an identity verification popup window to acquire identity information of the registered user, such as: the method comprises the steps of portrait acquisition, identity card information acquisition and mobile phone number acquisition. The identity analysis integration system may verify the collected identity information, including but not limited to: the authenticity of the identity card information, the authenticity of the mobile phone number, the authenticity of the portrait, and whether the mobile phone number and the identity information belong to the same person. The arbitration system is responsible for directly sending the registration request to the authorization management platform after the refund and the identity verification after the identity verification fails. The authentication failure can be caused under the conditions that the mobile phone number is wrong, the identity card information is wrong, the portrait acquisition is unsuccessful, and the person to which the mobile phone number belongs and the person to which the identity card information belongs are not the same person.
In other embodiments of the present application, the authorization management platform may include, but is not limited to: a quick duplicate checking system, an authorization code storage bank and an authorization database. The quick duplicate checking system can compare the identity information which passes the verification with the identity information bound with the authorization codes in the authorization code storage library; the authorization code storage can store the authorization codes generated by authorization of the authorization database and bind the authorization codes with the identity information; the authorization database can endow a new exclusive authorization code according to the identity information; the matching system can compare and match the authorization code exclusive to the account with the authorization code storage base, if the matching is successful, the registration authorization is given, and if the matching is failed, the registration request or the registration request is rejected.
According to the embodiment, the user triggers the identity verification system when registering a new account, and the authenticity of the collected registration information is verified through the identity analysis and integration system, so that the registration information filled by the user is correct and belongs to the same person; and then, whether the authorization code which is registered by the registration information with the same identity exists in the authorization code storage library is inquired, if so, the registration request can be rejected directly, so that the single identity information only can have the single exclusive software authorization code, and the phenomenon that the same identity can have a plurality of account numbers is effectively avoided. Whether login authorization is carried out is determined by checking the IP address of the login account and matching with the accuracy of portrait acquisition authentication and mobile phone short message authentication popped up by a security authentication system, so that the software is strictly controlled.
Referring to fig. 5, fig. 5 is a block diagram illustrating an authorization management side according to some embodiments of the present application. It should be understood that the authorization management terminal corresponds to the method embodiment of fig. 2 described above, and is capable of executing the steps related to the method embodiment described above, and the specific functions of the authorization management terminal may be referred to the description above, and a detailed description is appropriately omitted here to avoid repetition.
The authorization management terminal of fig. 5 includes at least one software functional module that can be stored in a memory or solidified in the authorization management terminal in the form of software or firmware, and includes: an obtaining module 510 configured to obtain registration information of a user; a determining module 520, configured to determine whether a software authorization code corresponding to the registration information exists, and obtain a determination result, where the software authorization code represents an authorization credential for the user to log in the target software, and the determination result represents whether the user of the registration information has registered the software authorization code; an output module 530 configured to confirm whether to generate the software authorization code according to the determination result.
In some embodiments of the present application, the obtaining module 510 is configured to receive the registration information sent by an authentication system, where the registration information is filled in by the user in the authentication system and is successfully authenticated.
In some embodiments of the present application, the determining module 520 is configured to determine that a software authorization code corresponding to the registration information exists in the authorization code repository, and the determination result is registered; an output module 530 configured to not generate the software authorization code and reject the registration request corresponding to the registration information when the determination result is that the registration is performed.
In some embodiments of the present application, the determining module 520 is configured to confirm that the software authorization code corresponding to the registration information does not exist in the authorization code repository, and the determination result is unregistered; an output module 530 configured to generate the software authorization code and send the software authorization code to the user when the determination result is that the software authorization code is not registered.
In some embodiments of the present application, the software authorization side further includes: a login module (not shown in the figure) configured to receive a login request sent by a client, wherein the login request includes: the method comprises the steps of obtaining a software authorization code, a user account and a password corresponding to the user account; and matching the software authorization code with data in an authorization code storage to obtain a matching result, wherein the matching result represents whether the user has the right to log in the target software.
In some embodiments of the present application, the login module is configured to send the matching result to a security authentication system if the matching result is that the software authorization code is successfully matched with the data in the authorization code repository, so that the security authentication system verifies the device address of the user, so that the user obtains the access authorization of the target software.
Referring to fig. 6, fig. 6 shows a block diagram of the software client according to some embodiments of the present application. It should be understood that the software client corresponds to the method embodiment of fig. 3 described above, and is capable of executing various steps related to the method embodiment, and specific functions of the software client can be referred to the description above, and detailed descriptions are appropriately omitted here to avoid repetition.
The software client of fig. 6 includes at least one software functional module that can be stored in a memory in the form of software or firmware or solidified in the software client, and the software client includes: the operation module 610 is configured to respond to an input operation instruction of a user and generate a login request, where the login request carries a software authorization code, an account and a password; a sending module 620 configured to send the login request to an authorization management side, so that the authorization management side confirms whether the user has a right to log in the target software.
In some embodiments of the present application, after the sending module 620, the software client further includes a receiving module (not shown in the figure) configured to receive an authentication result of the device address of the user sent by the security authentication system, and determine whether to allow the user to use the target software according to the authentication result.
In some embodiments of the present application, the software client further comprises a verification module (not shown in the figure) configured to allow the user to use the target software if the authentication result is successful; under the condition that the authentication result is failure, displaying an image acquisition authentication window or a short message authentication window to a user; acquiring image information of the user, and allowing the user to use the target software if the image information is verified; or responding to the input operation of the user in the short message authentication window to acquire verification information, and allowing the user to use the target software if the verification information is verified.
Some embodiments of the present application further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, can implement the operations of the method corresponding to any of the above-mentioned methods provided by the above-mentioned embodiments.
Some embodiments of the present application further provide a computer program product, which includes a computer program, wherein the computer program, when executed by a processor, can implement the operations of the method corresponding to any of the above-mentioned methods provided by the above-mentioned embodiments.
As shown in fig. 7, some embodiments of the present application provide an electronic device 700, the electronic device 700 comprising: a memory 710, a processor 720 and a computer program stored on the memory 710 and executable on the processor 720, wherein the method of any of the embodiments described above can be implemented when the processor 720 reads the program from the memory 710 via the bus 730 and executes the program.
Processor 720 may process digital signals and may include various computing structures. Such as a complex instruction set computer architecture, a architecturally reduced instruction set computer architecture, or an architecture that implements a combination of multiple instruction sets. In some examples, processor 720 may be a microprocessor.
Memory 710 may be used to store instructions that are executed by processor 720 or data related to the execution of the instructions. The instructions and/or data may include code for performing some or all of the functions of one or more of the modules described in embodiments of the application. The processor 720 of the disclosed embodiments may be configured to execute instructions in the memory 710 to implement the methods illustrated above. Memory 710 includes dynamic random access memory, static random access memory, flash memory, optical memory, or other memory known to those skilled in the art.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.

Claims (14)

1. A method for software authorization, comprising:
acquiring registration information of a user;
judging whether a software authorization code corresponding to the registration information exists or not to obtain a judgment result, wherein the software authorization code represents an authorization certificate of the user for logging in the target software, and the judgment result represents whether the user of the registration information has registered the software authorization code or not;
and confirming whether the software authorization code is generated or not according to the judgment result.
2. The method of claim 1, wherein the obtaining registration information of the user comprises:
and receiving the registration information sent by an identity verification system, wherein the registration information is information which is filled in and verified successfully by the identity verification system by the user.
3. The method according to claim 1 or 2, wherein the determining whether the software authorization code corresponding to the registration information exists to obtain a determination result includes:
confirming that a software authorization code corresponding to the registration information exists in an authorization code storage, wherein the judgment result is registered;
the determining whether to generate the software authorization code according to the determination result includes:
and when the judgment result is confirmed to be registered, the software authorization code is not generated, and the registration request corresponding to the registration information is rejected.
4. The method according to claim 1 or 2, wherein the determining whether the software authorization code corresponding to the registration information exists, and obtaining the determination result, includes:
confirming that the software authorization code corresponding to the registration information does not exist in the authorization code storage, wherein the judgment result is unregistered;
the determining whether to generate the software authorization code according to the determination result includes:
and when the judgment result is confirmed to be unregistered, generating the software authorization code and sending the software authorization code to the user.
5. The method according to claim 1 or 2, wherein after said confirming whether the software authorization code is generated according to the determination result, the method further comprises:
receiving a login request sent by a client, wherein the login request comprises: the method comprises the steps of obtaining a software authorization code, a user account and a password corresponding to the user account;
and matching the software authorization code with data in an authorization code storage to obtain a matching result, wherein the matching result represents whether the user has the right to log in the target software.
6. The method of claim 5, wherein the method further comprises:
and sending the matching result to a security authentication system under the condition that the matching result is that the software authorization code is successfully matched with the data in the authorization code storage, so that the security authentication system verifies the equipment address of the user, and the user obtains the access authorization of the target software.
7. A method for software authorization, comprising:
responding to an input operation instruction of a user, and generating a login request, wherein the login request carries a software authorization code, an account and a password;
and sending the login request to an authorization management terminal so that the authorization management terminal can confirm whether the user has the right to login the target software.
8. The method of claim 7, wherein after said sending said login request to an authorization manager, said method further comprises:
and receiving an authentication result of the equipment address of the user sent by a security authentication system, and determining whether the user is allowed to use the target software according to the authentication result.
9. The method of claim 8, wherein the method further comprises:
if the authentication result is successful, allowing the user to use the target software;
under the condition that the authentication result is failure, displaying an image acquisition authentication window or a short message authentication window to a user;
acquiring image information of the user, and allowing the user to use the target software if the image information is verified; or responding to the input operation of the user in the short message authentication window to acquire verification information, and allowing the user to use the target software if the verification information is verified.
10. An authorization management terminal, comprising:
the acquisition module is configured to acquire registration information of a user;
a determination module configured to determine whether a software authorization code corresponding to the registration information exists, and obtain a determination result, where the software authorization code represents an authorization credential for the user to log in the target software, and the determination result represents whether the user of the registration information has registered the software authorization code;
and the output module is configured to confirm whether the software authorization code is generated or not according to the judgment result.
11. A software client, comprising:
the operation module is configured to respond to an input operation instruction of a user and generate a login request, wherein the login request carries a software authorization code, an account and a password;
the sending module is configured to send the login request to an authorization management terminal so that the authorization management terminal can confirm whether the user has the authority of logging in the target software.
12. A computer-readable storage medium, having stored thereon a computer program, wherein the computer program, when executed by a processor, performs the method of any of claims 1-9.
13. A computer program product, characterized in that the computer program product comprises a computer program, wherein the computer program, when executed by a processor, performs the method according to any one of claims 1-9.
14. An electronic device comprising a memory, a processor, and a computer program stored on the memory and running on the processor, wherein the computer program, when executed by the processor, performs the method of any one of claims 1-9.
CN202211350554.5A 2022-10-31 2022-10-31 Method and device for software authorization, storage medium and electronic equipment Pending CN115688057A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211350554.5A CN115688057A (en) 2022-10-31 2022-10-31 Method and device for software authorization, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211350554.5A CN115688057A (en) 2022-10-31 2022-10-31 Method and device for software authorization, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN115688057A true CN115688057A (en) 2023-02-03

Family

ID=85045314

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211350554.5A Pending CN115688057A (en) 2022-10-31 2022-10-31 Method and device for software authorization, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN115688057A (en)

Similar Documents

Publication Publication Date Title
CN109583184B (en) Identity verification method and device and electronic equipment
CN107026836B (en) Service implementation method and device
KR20200003379A (en) Resource transfer method, fund payment method, and electronic device
KR20130107188A (en) Server and method for authentication using sound code
JP4120997B2 (en) Unauthorized access determination device and method
CN109496443A (en) Mobile authentication method and system for it
CN111476617A (en) Data processing method, data processing device, computer equipment and medium
EP3407241B1 (en) User authentication and authorization system for a mobile application
CN111259368A (en) Method and equipment for logging in system
JP2021523501A (en) Identification code pulling method, computer programs, terminal devices, and servers
CN110599311A (en) Resource processing method and device, electronic equipment and storage medium
US20150066766A1 (en) Secure Generation of a User Account in a Service Server
CN113378152A (en) Operation and maintenance auditing method and device, storage medium and electronic equipment
CN112837147A (en) Business application handling implementation method and device and computer equipment
KR102317656B1 (en) Electronic vote record management system based on blockchain
CN112163009A (en) User side data acquisition method and device, electronic equipment and storage medium
JP2007272600A (en) Personal authentication method, system and program associated with environment authentication
US10003464B1 (en) Biometric identification system and associated methods
CN115688057A (en) Method and device for software authorization, storage medium and electronic equipment
CN112581678B (en) System and method for voting in electronic voting system
CN110866069B (en) Identity management metadata processing method and system based on block chain
JP3974070B2 (en) User authentication device, terminal device, program, and computer system
US11811758B1 (en) Systems and methods for electronic enrollment and authentication
CN115695052B (en) Data protection method and device for shared interface
KR101232581B1 (en) Payment processing system and control method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination