CN101415004A - The authentication method that embedded web page is used - Google Patents
The authentication method that embedded web page is used Download PDFInfo
- Publication number
- CN101415004A CN101415004A CN 200810178193 CN200810178193A CN101415004A CN 101415004 A CN101415004 A CN 101415004A CN 200810178193 CN200810178193 CN 200810178193 CN 200810178193 A CN200810178193 A CN 200810178193A CN 101415004 A CN101415004 A CN 101415004A
- Authority
- CN
- China
- Prior art keywords
- authentication
- module
- user
- web page
- embedded web
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The present invention discloses the authentication method that a kind of embedded web page is used, comprise: be embedded in host's webpage and and host's webpage between the primary module of being isolated by cross-domain isolation module be in the state of waiting for user's login, the secure log that the reception user sends ejects the independently authentication window that has address field after the request of the application server at embedded web page application place; Authentication module in the authentication window is waited for user's input authentication information in the above; After user's input authentication information, the authentication information on primary module or the authentication module access authentication module and other authentication informations on the primary module are submitted to application server with these information; Application server verifies that to authentication information checking is by then returning user ID, and this user ID finally reaches primary module, and checking is not by then returning error message.Authentication method disclosed by the invention can improve the user and login the fail safe that embedded web page is used, and prevents that effectively the situation that user authentication information is usurped by host's webpage from taking place.
Description
Technical field
The present invention relates to the authentication method that a kind of embedded web page is used, particularly a kind of authentication method that in communication system, lands safely the embedded web page application.
Background technology
The Internet has passed through the development of decades, and having formed with http protocol is that topmost data transfer mode, browser are the general layout of topmost terminal, and the application of embedded web page more and more widely.We have reason to believe, because based on a large amount of existence of the application of this quasi-protocol and terminal, in foreseeable future, this general layout will keep always.
The browser of main flow has so-called " cross-domain " restriction to the scripted code (for example Javascript) that is embedded in wherein at present.If two webpage A and B, their territory Da and Db are inequality, and the scripted code that is embedded in so in these two webpages can't be visited mutually.Restriction that browser makes for security consideration that Here it is.On the contrary, if their both territories are identical, the scripted code that is embedded in so in these two webpages then can be visited under certain condition mutually.For example user's webpage clicking A ejects the webpage B of a same area, and the embedded scripted code of webpage A can obtain the information of webpage B so, and vice versa.
But at the beginning of the generation of embedded web page, the designer does not take into account safety and privacy concern, therefore a large amount of Embedded Application all is difficult to use in the scene that with the browser is terminal safely, and one of them is " needing the embedded web page of authentication to use ".
A kind of application is for example arranged, and it can be embedded on any one webpage.This webpage that is embedded into is called host's webpage A, but its service is actually provided by another website B.Simultaneously, this application also requires user's input authentication information to use, as username and password.Particularly, have a kind of instant messaging that can be embedded on any one host's webpage to use, the user can be on this host's webpage and good friend's communication, but the user must input authentication information login before this service of use.And embedded service and host's webpage are one in outward appearance, and the user is difficult to differentiate, and therefore, input authentication information has potential safety hazard on third party host's webpage.For example host's webpage A ' instant messaging that can embed a vacation is used, and misleads the user in appearance and thinks that this embedded instant messaging is used and provided by website B, then user cheating input authentication information in the above.In case the user has imported authentication information, this authentication information is just stolen by this host website A ', thereby causes user's loss.Because the fail safe of the Internet is difficult to be protected, such needs the application of " needing the embedded web page of authentication to use " to be difficult to obtain market, is difficult to realize the Secure Application of this respect in other words.
Summary of the invention
The present invention is in order to solve the above-mentioned technical problem that realizes that safely embedded web page is used, utilized browser for being embedded in the wherein security mechanism of execution script code, make an application both can be embedded in third party host's webpage, can allow the authenticating of user security again.
The present invention proposes the authentication method that a kind of embedded web page is used, comprise: be embedded in host's webpage and and host's webpage between the primary module of being isolated by cross-domain isolation module be in the state of waiting for user's login, the secure log that the reception user sends ejects the independently authentication window that has address field after the request of the application server at embedded web page application place; Authentication module in the authentication window is waited for user's input authentication information in the above; After user's input authentication information, the authentication information on primary module or the authentication module access authentication module and other authentication informations on the primary module are submitted to application server with these information; Application server verifies that to authentication information checking is by then returning user ID, and this user ID finally reaches primary module, and checking is not by then returning error message.
In the authentication method that above-mentioned embedded web page is used, authentication window is the browser window of newly opening or browses label; Authentication information is one of following message or its combination: the answer of user cipher, sequence number, enquirement; Other authentication informations are one of following message or its combination: user name, account number, certificate number.
The authentication method that above-mentioned embedded web page is used further comprises: in the time of authentication information on the primary module access authentication window, authentication window is closed.
The authentication method that above-mentioned embedded web page is used further comprises: when authentication module access authentication information and other authentication informations, application server is passed user ID back to authentication module, and authentication module is closed after this user ID is passed to primary module.
In the authentication method that above-mentioned embedded web page is used, cross-domain isolation module makes host's webpage can't visit primary module, realizes decision by browser manufacturer or other third parties, as realizing with the IFrame element in the HTML(Hypertext Markup Language).
In the authentication method that above-mentioned embedded web page is used, finish communication by the same area communication module that realizes by browser manufacturer or other third parties between the primary module authentication module, described same area communication module makes can communicate by letter between the module of same domain, can realize calling of same area intermodule with the built-in Javascript language engine of browser.User Datagram Protoco (UDP) (UDP), transmission control protocol (TCP) are adopted in communicating by letter that primary module and authentication module and application server carry out, perhaps based on HTTP(Hypertext Transport Protocol) or the Secure Hypertext Transfer Protocol (HTTPS) of TCP.
In the authentication method that above-mentioned embedded web page is used, primary module and authentication module can be realized with one of following language or its combination: Javascript, VBScript, HTML(Hypertext Markup Language) or Flash.
In the authentication method that above-mentioned embedded web page is used, the described mode of returning error message comprises: when application server does not pass through the checking of authentication information, primary module prompting error message also turns back to the state of waiting for user's login, and perhaps authentication module prompting error message also continues to wait for that the user re-enters authentication information.
In the authentication method that above-mentioned embedded web page is used, the user does not carry out one of following two kinds of steps during input authentication information: when authentication module is waited for user's input authentication information, if the overtime input authentication not yet of user information, authentication module produces error message, and primary module is got back to the state of waiting for user's login simultaneously; When authentication module was waited for user's input authentication information, if the overtime input authentication not yet of user information, authentication module continued to wait for that user's input authentication information cancels login until overtime or user next time.
The authentication method that adopts above-mentioned embedded web page to use can improve the user and login the fail safe that embedded web page is used, and prevents that effectively the situation that user authentication information is usurped by host's webpage from taking place.
Description of drawings
Fig. 1 is that the system that embedded web page of the present invention is used constitutes schematic diagram
Fig. 2 is the flow chart of the authentication method used of the embedded web page of the embodiment of the invention 1
Fig. 3 improves the flow chart of the authentication method that the embedded web page of embodiment 1 uses for the present invention
Fig. 4 is the flow chart of the authentication method used of the embedded web page of the embodiment of the invention 2
Fig. 5 improves the flow chart of the authentication method that the embedded web page of embodiment 2 uses for the present invention
Fig. 6 is the flow chart of the authentication method of the embedded web page application of the another kind of improvement of the present invention embodiment 2
Embodiment
Followingly develop simultaneously with reference to accompanying drawing that the present invention is described in further detail for embodiment.
The system that embedded web page is used as shown in Figure 1, this application can be immediate communication tool, bank system of web or forum.A territory of using the application server correspondence at place is A.Be to embed a primary module on host's webpage of B in the territory, constitute by HTML(Hypertext Markup Language) document and Javascript code, but both actuating logic also can be realized showing interface.A cross-domain isolation module is arranged between primary module and host's webpage, make host's webpage can't visit primary module.For example, cross-domain isolation module can be the framework (IFrame) among the HTML, a kind of html element element that can allow a html document be embedded in another html document.The primary module of being isolated by cross-domain isolation module is derived from application server, and its territory also is A, and can carry out communication with the application server and the authentication module of same area.In the view of the user, this primary module is exactly that an embedded web page that is embedded on host's webpage is used.When the user clicks " login " button on the primary module, eject smaller independently browser window or Shipping Options Page, be referred to as authentication window.This authentication window includes authentication module, also is made of HTML(Hypertext Markup Language) document and Javascript code, also is derived from application server, and its territory also is A.Because two modules are same areas, therefore primary module and authentication module can be visited mutually by the same area communication module that is realized by browser manufacturer or other third parties, for example, can realize calling of same area intermodule with the built-in Javascript language engine of browser.In addition because this authentication window has address field, therefore as long as users to trust the shown territory of address field, so just trusted authentication module, trusted the primary module that is embedded in host's webpage indirectly.System is sent to application server in the information of authentication module input by the primary module that is embedded in host's webpage with the user, lands safely thereby finish.The authentication information of authentication module can be user's a password.Primary module and authentication module can adopt User Datagram Protoco (UDP) (UDP), transmission control protocol (TCP) or communicate with application server based on HTTP(Hypertext Transport Protocol) or the Secure Hypertext Transfer Protocol (HTTPS) of TCP.
The flow process of the method that the secure log embedded web page of embodiments of the invention 1 is used may further comprise the steps as shown in Figure 2:
Step 100: the primary module of being realized by html document and Javascript code in IFrame is in the state of waiting for the user security login.
Step 101: the secure log that primary module reception user sends is to the request of application server.For example, when the user need login, click the some html element elements on the primary module, as " secure log " button, primary module receives this information.
Step 102: eject a smaller independently browser window that has address field or newly open a Shipping Options Page, authentication authorization and accounting window.This authentication window has comprised the authentication module of being realized by html document and Javascript code, and its territory also is A.
Step 103: authentication module is waited for user's input authentication information.In this step, if the overtime not input of user does not promptly have input authentication information (for example not input in a minute) in the adjustable certain hour of system, authentication module produces error message, and primary module is got back to the wait state of step 100.If the at the appointed time interior input authentication information of user, execution in step 104 so.The mode that authentication module produces error message can be to close authentication window, can be to eject miscue.
Step 104: primary module is access authentication information from authentication module, and on primary module other authentication information to be submitted to the territory be that the application server of A is verified.Meanwhile authentication window also is closed, and helps protecting user's authentication information not peeped by other people.For example, the user imports other authentication informations on primary module, as one of user name, account number, certificate number or its combination; In authentication module the inside input authentication information, as one of answer of password, sequence number or enquirement or its combination, the authentication information that primary module will obtain at authentication module with pass application server back in the information such as user name of primary module acquisition.
Step 105: application server is verified the information that obtains in the step 104, is judged whether authentication information is complete errorless.If the verification passes, execution in step 106, the primary module denying is pointed out error message and is turned back to the state of the wait user login of step 100.
Step 106: application server will be returned to user ID of primary module, as cookie.User ID is normally a bit of in order to characterize the data of user identity, for non-generation side (for example reciever, forwarding side or third party prier), its meaning is difficult to be cracked, and the interceptor generally can't crack by these data and obtain wishing the data that are hidden.To producing Fang Eryan, this segment data can help it that the legitimacy of request is verified.As long as next with in the communication of server primary module is showing this cookie, application server just can believe that the operation of this primary module passed through subscriber authorisation.
As shown in Figure 3, for the improvement of the embodiment of the invention 1 can for, in step 103, the user is overtime when not importing, authentication module continues to wait for that the user re-enters authentication information, cancels login until overtime or user next time.
The flow process of the method that the secure log embedded web page of the embodiment of the invention 2 is used may further comprise the steps as shown in Figure 4:
Step 200: the primary module of being realized by html document on the IFrame and Javascript code is in the state of waiting for the user security login.
Step 201: the secure log that primary module reception user sends is to the request of application server.For example, when the user need click " secure log " button on the primary module in when login, primary module receives this information.
Step 202: eject a smaller independently browser window that has address field or newly open a Shipping Options Page, authentication authorization and accounting window.This authentication window has comprised the authentication module of being realized by html document and Javascript code, and its territory also is A.
Step 203: authentication module is waited for user's input authentication information.In this step, if the overtime not input of user does not promptly have input authentication information in the adjustable certain hour of system, for example not input in a minute, authentication module produces error message so, and primary module is got back to the wait state of step 200.If the at the appointed time interior input authentication information of user, execution in step 204 so.The mode that authentication module produces error message can be to close authentication window, can be to eject miscue, also can be to remind the user to continue input.
Step 204: authentication module obtains other authentication information with authentication information and from primary module, for example obtains password etc. at authentication module, and the user name that obtains at primary module etc. are submitted to application server and verify.Authentication module maintenance this moment is connected with application server, is not closed.
Step 205: application server is verified the information of obtaining in the step 204, judges whether authentication information is complete errorless.Execution in step 206 then if the verification passes.If checking is not passed through, authentication window is closed, and primary module is pointed out error message and turned back to the state of the wait user login of step 200.
Step 206: application server will be returned to the user ID of authentication module in the authentication window, as cookie.After this authentication module was passed to primary module with this user ID, authentication window was closed.As long as next with in the communication of server primary module is showing this cookie, application server just can believe that the operation of this primary module passed through subscriber authorisation.
As shown in Figure 5, for the improvement of the embodiment of the invention 2 can for, in step 203, the user is overtime when not importing, authentication module continues to wait for that the user re-enters authentication information, cancels login until overtime or user next time.
As shown in Figure 6, for the improvement of the embodiment of the invention 2 can also for, in step 205, then authentication module prompting error message and continue to wait for that the user re-enters authentication information.
In the middle of above-mentioned secure log process, the user is not as long as identification and trusted the territory in the authentication window so just worries that the authentication information of being imported stolen by host's webpage.Because the restriction of cross-domain isolation module, if users to trust the territory of authentication window correspondence, primary module also must belong to the territory that this is trusted so, otherwise primary module can't obtain the information of authentication module.Simultaneously, because primary module also is this territory, rather than host's webpage " forgery ", host's webpage also can't cross-domainly obtain any information on the primary module so.In a word, host's webpage can not get any information of user in the service of embedding, thus the fail safe that need to have guaranteed the embedded web page of authentication to use.Simultaneously, because authentication window is smaller, size is big as our common being seen dialog box, therefore can not influence user experience.
In addition, the primary module in above description process or the implementation language of authentication module fully can be not office in Javascript, VBScript, even can be other binary codes, for example Flash.Also be that primary module or authentication module can use one of Javascript, VBScript, HTML(Hypertext Markup Language) or Flash to realize, also can realize by the combination of these language.
Though, those skilled in the art can propose multiple improvement and change, but when all changes and improvements rationally and suitably proposed in they help the scope of technology, the inventor's purpose was specifically in being authorized to the scope of patent to implement all changes and improvements.
Claims (10)
1. the authentication method used of an embedded web page, comprise: be embedded in host's webpage and and host's webpage between the primary module of being isolated by cross-domain isolation module be in the state of waiting for user's login, the secure log that the reception user sends ejects the independently authentication window that has address field after the request of the application server at embedded web page application place; Authentication module in the authentication window is waited for user's input authentication information; After user's input authentication information, the authentication information on primary module or the authentication module access authentication module and other authentication informations on the primary module are submitted to application server with these information; Application server verifies that to authentication information checking is by then returning user ID, and this user ID finally reaches primary module, and checking is not by then returning error message.
2. the authentication method that embedded web page as claimed in claim 1 is used is characterized in that: described authentication window is the browser window of newly opening or browses label.
3. the authentication method that embedded web page as claimed in claim 1 is used, it is characterized in that: described authentication information is one of following message or its combination: the answer of user cipher, sequence number, enquirement etc.; Described other authentication informations are one of following message or its combination: user name, account number, certificate number etc.
4. the authentication method that embedded web page as claimed in claim 1 is used is characterized in that: in the time of authentication information on the primary module access authentication module, authentication window is closed.
5. the authentication method that embedded web page as claimed in claim 1 is used, it is characterized in that: when authentication module access authentication information and other authentication informations, application server is passed user ID back to authentication module, and after authentication module was passed to primary module with this user ID, authentication window was closed.
6. the authentication method that embedded web page as claimed in claim 1 is used, it is characterized in that: described cross-domain isolation module makes host's webpage can't visit primary module, realizes decision by browser manufacturer or other third parties.
7. the authentication method that embedded web page as claimed in claim 6 is used is characterized in that: cross-domain isolation module can be realized with the IFrame element in the HTML(Hypertext Markup Language).
8. the authentication method that embedded web page as claimed in claim 1 is used, it is characterized in that: finish communication by the same area communication module that realizes by browser manufacturer or other third parties between the primary module authentication module, described same area communication module makes can communicate by letter between the module of same domain, can realize calling of same area intermodule with the built-in Javascript language engine of browser.
9. the authentication method that embedded web page as claimed in claim 1 is used, it is characterized in that: User Datagram Protoco (UDP) (UDP), transmission control protocol (TCP) are adopted in communicating by letter that primary module and authentication module and application server carry out, perhaps based on HTTP(Hypertext Transport Protocol) or the Secure Hypertext Transfer Protocol (HTTPS) of TCP.
10. the authentication method that embedded web page as claimed in claim 1 is used is characterized in that: primary module and authentication module can be realized with one of following language or its combination: Javascript, VBScript, HTML(Hypertext Markup Language) or Flash.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200810178193 CN101415004B (en) | 2008-11-25 | 2008-11-25 | Authentication method for embedded web page application |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200810178193 CN101415004B (en) | 2008-11-25 | 2008-11-25 | Authentication method for embedded web page application |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101415004A true CN101415004A (en) | 2009-04-22 |
| CN101415004B CN101415004B (en) | 2013-05-08 |
Family
ID=40595316
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200810178193 Expired - Fee Related CN101415004B (en) | 2008-11-25 | 2008-11-25 | Authentication method for embedded web page application |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101415004B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102789557A (en) * | 2011-05-18 | 2012-11-21 | 腾讯科技(深圳)有限公司 | Data processing system and method for achieving web security functions in webs |
| CN102934413A (en) * | 2010-06-11 | 2013-02-13 | 菲德利索恩系统有限责任公司 | Smartphone management system and method |
| CN104299155A (en) * | 2014-09-11 | 2015-01-21 | 浪潮软件集团有限公司 | Electronic invoice issuing method based on social tool |
| CN104468493A (en) * | 2013-09-25 | 2015-03-25 | 腾讯科技(深圳)有限公司 | Method and system for logging into web page in network communication |
| CN105550016A (en) * | 2015-12-09 | 2016-05-04 | 国云科技股份有限公司 | React-native based method for quickly realizing login of mobile terminal user |
| CN105847322A (en) * | 2016-03-11 | 2016-08-10 | 四川盛世天鱼科技有限公司 | APP management system and method |
| CN107038194A (en) * | 2016-11-17 | 2017-08-11 | 阿里巴巴集团控股有限公司 | A kind of method for page jump and device |
| CN112383542A (en) * | 2020-11-12 | 2021-02-19 | 建信金融科技有限责任公司 | User login method and system, authentication end and user end |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108737331B (en) * | 2017-04-17 | 2020-08-07 | 北大方正集团有限公司 | Cross-domain communication method and cross-domain communication system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2869131B1 (en) * | 2004-04-19 | 2008-03-28 | Global Interfece Comm Sarl | METHOD FOR DISTRIBUTING SECURE CONTENT VIA THE INTERNET |
| CN1738240A (en) * | 2004-08-16 | 2006-02-22 | 彭国展 | Attestation method and safe identification method for network identity |
| CN100587690C (en) * | 2006-09-01 | 2010-02-03 | 腾讯科技(深圳)有限公司 | Method and device for carrying out communication between users browsing a same web page |
| CN101170408A (en) * | 2006-10-25 | 2008-04-30 | 许先才 | Method and system for realizing agent certification based on identity authentication mode including random information |
| CN101309147A (en) * | 2008-06-13 | 2008-11-19 | 兰州大学 | Identity authentication method based on image password |
-
2008
- 2008-11-25 CN CN 200810178193 patent/CN101415004B/en not_active Expired - Fee Related
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102934413A (en) * | 2010-06-11 | 2013-02-13 | 菲德利索恩系统有限责任公司 | Smartphone management system and method |
| CN102789557A (en) * | 2011-05-18 | 2012-11-21 | 腾讯科技(深圳)有限公司 | Data processing system and method for achieving web security functions in webs |
| CN102789557B (en) * | 2011-05-18 | 2015-01-14 | 腾讯科技(深圳)有限公司 | Data processing system and method for achieving web security functions in webs |
| CN104468493A (en) * | 2013-09-25 | 2015-03-25 | 腾讯科技(深圳)有限公司 | Method and system for logging into web page in network communication |
| CN104468493B (en) * | 2013-09-25 | 2018-12-11 | 腾讯科技(深圳)有限公司 | The method and system of web page are logged in network communication |
| CN104299155A (en) * | 2014-09-11 | 2015-01-21 | 浪潮软件集团有限公司 | Electronic invoice issuing method based on social tool |
| CN105550016A (en) * | 2015-12-09 | 2016-05-04 | 国云科技股份有限公司 | React-native based method for quickly realizing login of mobile terminal user |
| CN105847322A (en) * | 2016-03-11 | 2016-08-10 | 四川盛世天鱼科技有限公司 | APP management system and method |
| CN105847322B (en) * | 2016-03-11 | 2019-03-29 | 王卓 | A kind of APP management system and method |
| CN107038194A (en) * | 2016-11-17 | 2017-08-11 | 阿里巴巴集团控股有限公司 | A kind of method for page jump and device |
| CN112383542A (en) * | 2020-11-12 | 2021-02-19 | 建信金融科技有限责任公司 | User login method and system, authentication end and user end |
| CN112383542B (en) * | 2020-11-12 | 2023-01-24 | 建信金融科技有限责任公司 | User login method and system, authentication end and user end |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101415004B (en) | 2013-05-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101415004B (en) | Authentication method for embedded web page application | |
| EP2819371B1 (en) | A computer implemented method to prevent attacks against authorization systems and computer programs products thereof | |
| US8776169B2 (en) | Disposable browsers and authentication techniques for a secure online user environment | |
| EP2404428B1 (en) | A system and method for providing security in browser-based access to smart cards | |
| CN101453458B (en) | Personal identification process for dynamic cipher password bidirectional authentication based on multiple variables | |
| US8578461B2 (en) | Authenticating an auxiliary device from a portable electronic device | |
| US20200106766A1 (en) | Method and system for security assertion markup language (saml) service provider-initiated single sign-on | |
| US20120240203A1 (en) | Method and apparatus for enhancing online transaction security via secondary confirmation | |
| CN101651666A (en) | Method and device for identity authentication and single sign-on based on virtual private network | |
| CN103069774A (en) | Securely accessing an advertised service | |
| WO2010057204A1 (en) | User authentication using alternative communication channels | |
| US10397214B2 (en) | Collaborative sign-on | |
| US10601809B2 (en) | System and method for providing a certificate by way of a browser extension | |
| Mukhopadhyay et al. | An Anti-Phishing mechanism for single sign-on based on QR-code | |
| Scott et al. | Examining the privacy of login credentials using web-based single sign-on-are we giving up security and privacy for convenience? | |
| Lodderstedt et al. | OAuth 2.0 Security Best Current Practice (draft-ietf-oauth-security-topics-16) | |
| TW201305935A (en) | One time password generation and application method and system using the same | |
| EP1713230B1 (en) | System and method for providing user's security when setting-up a connection over insecure networks | |
| Deeptha et al. | Extending OpenID connect towards mission critical applications | |
| Kiljan et al. | What you enter is what you sign: Input integrity in an online banking environment | |
| CN108574657A (en) | Method, apparatus, system and the computing device and server of access server | |
| EP2860935B1 (en) | A computer implemented method to prevent attacks against authorization systems and computer programs products thereof | |
| EP2860934B1 (en) | A computer implemented method to prevent attacks against authorization systems and computer programs products thereof | |
| Paul et al. | UI Component and Authentication | |
| TWI838149B (en) | Secure enabling system and method for enterprise authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| DD01 | Delivery of document by public notice |
Addressee: Jiang Yue Document name: Notification of Termination of Patent Right |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130508 Termination date: 20151125 |
|
| EXPY | Termination of patent right or utility model |