CN102346823A - User logging method and system in internet - Google Patents
User logging method and system in internet Download PDFInfo
- Publication number
- CN102346823A CN102346823A CN2010102503632A CN201010250363A CN102346823A CN 102346823 A CN102346823 A CN 102346823A CN 2010102503632 A CN2010102503632 A CN 2010102503632A CN 201010250363 A CN201010250363 A CN 201010250363A CN 102346823 A CN102346823 A CN 102346823A
- Authority
- CN
- China
- Prior art keywords
- user
- internal memory
- log file
- kept
- local device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention is suitable for the internet field, and provides a user logging method and system in the internet. The method comprises: generating a logging file with logging information after the user successfully logs in; and storing the logging file in a memory of a local device. The technical scheme of the invention has the advantage of improving the safety.
Description
Technical field
The invention belongs to internet arena, relate in particular to the method and system of user's login in a kind of internet.
Background technology
Along with Internet development, the user exchanges through the internet, the login method of internet of the prior art; Be specially, after the user opens this webpage or application program (for example instant messaging), show login interface; Behind account that receives user input and password, the account and password are sent to server verify, after verifying successfully; Show and login successfully, the account and password generation Cookie file are kept in the local cache.
According to the technical scheme that prior art provided, find to exist in the prior art following technical matters:
The Cookie file of the technical scheme that prior art provides is to be kept at local cache; So the preservation position of Cookie file is changeless; So other people (for example hacker) is easy to from local cache, obtain this Cookie file; Obtain username and password information, user's account security is low.
Summary of the invention
The purpose of the embodiment of the invention is to provide user in a kind of internet the method for login, is intended to solve the user appears in user in the prior art after log-on webpage or application program the low problem of account security.
The embodiment of the invention is achieved in that the method for user's login in a kind of internet, and said method comprises the steps:
After the user logins success, generate the log file that carries log-on message;
Said log file is kept in the internal memory of local device.
The present invention also provides the system of user's login in a kind of internet, and said system comprises:
Generation unit is used for after the user logins success, generates the log file that carries log-on message;
Preserve the unit, be used for said log file is kept in the internal memory of local device.
The embodiment of the invention compared with prior art; Beneficial effect is: technical scheme of the present invention is stored in this log file in the internal memory; Because internal memory is Random assignment; So the position of this log file storage is unfixing, so other people can't obtain this log file, so it has safe advantage.
Description of drawings
Fig. 1 is the process flow diagram of the method for user's login in a kind of internet provided by the invention;
Fig. 2 is the process flow diagram that the embodiment of the invention one provides the method for user's login in a kind of internet;
Fig. 3 is the logical diagram that the embodiment of the invention three provides the method for user's login in a kind of internet;
Fig. 4 is the logical diagram that the embodiment of the invention four provides the method for user's login in a kind of internet;
Fig. 5 is the structural drawing that the present invention provides the system of user's login in a kind of internet.
Embodiment
In order to make the object of the invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with accompanying drawing and embodiment.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
The present invention provides the method for user's login in a kind of internet, and this method is accomplished by local device, and this local device specifically can be like computing machine; Can certainly be other equipment; Portable terminal for example, PDA or the like only needs this local device can logging in network or run application and get final product.
S11, after the user logins success, generate the log file carry this log-on message;
Need to prove, above-mentioned log-on message specifically can for, the account and the password that use when the user logins; The log file of account and password all can be the Cookie file at present; Certainly in actual conditions, also can other filename of called after, for example KEY file etc.; The present invention does not limit to the concrete form of this log file, only needs this log file to include account and encrypted message gets final product.
S12, this log file is kept in the internal memory of local device.
Optional, the method that realizes S22 specifically can for:
Random assignment one memory headroom is kept at this log file in the memory headroom in internal memory.
Optional, after S22, can also comprise the steps:
Steps A, confirm when under attack, in internal memory, distribute another shelf space again;
Need to prove, above-mentioned confirm determination methods under attack specifically can for:
After the preservation request that receives this log file; Judge under attack; Can certainly be other method; For example when receive that the third party sends obtain the access request of this log file the time, perhaps when detecting local device and attacked by trojan horse or the like, the present invention does not limit to this determination methods under attack.
Step B, this log file is kept in another shelf space.
Optional, said method can also comprise the steps: after S11
Step C, with the user browse recorded and stored in the internal memory of local device, user's browsing content is kept at local cache;
Step D, with the user browse record and user's browsing content is kept in the internal memory;
Need to prove that the execution sequence of above-mentioned steps C, D can also can certainly be carried out with S12 simultaneously after S12 before S12.
Method provided by the invention is being carried out the user when logining, and its place of preserving log file is an internal memory, because computing machine is when saving the data in internal memory; All are Random assignment memory headrooms, according to the work characteristics of internal memory, when the user releases login; Operating system can discharge all shared memory headrooms of this process automatically, and the memory headroom of preserving this log file certainly also can be discharged by operating system automatically, promptly deletes this log file automatically; So it has the protection account safety; Have safe advantage, and because the address of internal memory is Random assignment, so have no idea all to go to a fixing place to find your needed internal memory at every turn; So can't obtain this log file from fixing place, further improve security.And this method is being confirmed when under attack; Change the memory headroom of preserving this log file; So this method has the user when this webpage of operation or application program, is attacked immediately, this log file is owing to changed memory headroom; Can do not obtained this log file, so this method has further improved security by other people yet.
Embodiment one:
Present embodiment provides the method for user's login in a kind of internet; The technological scene that present embodiment is realized is: present embodiment provides method to entrust browser in local device, to carry out by server; Promptly this method is accomplished by local computer; The log file of present embodiment is an example with the Cookie file, and this method is as shown in Figure 2, specifically comprises the steps:
S21, after the user logins success, generate the Cookie file carry the account and password;
S22, in internal memory Random assignment one memory headroom;
S23, this Cookie file is kept in the memory headroom of distribution.
Need to prove that when S22 Random assignment memory headroom, the size of the memory headroom of its distribution is wanted to preserve this Cookie file; Be the size that the size in its storage allocation space was greater than or equaled this Cookie file, explain, if this Cookie file gets the big or small 1K that is with an instance; The size of the memory headroom that then distributes is greater than or equals 1K; Certainly in order to save internal memory, the size of preferentially selecting the storage allocation space is 1K.
The method that present embodiment provides is being carried out the user when logining, and its place of preserving the Cookie file is an internal memory, because computing machine is when saving the data in internal memory; All are Random assignment memory headrooms, according to the work characteristics of internal memory, when the user releases login; Operating system can discharge all shared memory headrooms of this process automatically, and the memory headroom of preserving this Cookie file certainly also can be discharged by operating system automatically, promptly deletes this Cookie file automatically; So it has the protection account safety; Have safe advantage, and because the address of internal memory is Random assignment, so have no idea all to go to a fixing place to find your needed internal memory at every turn; So can't obtain this Cookie file from fixing place, further improve security.
Embodiment two:
Present embodiment provides the method for user's login in a kind of internet, and the technological scene that present embodiment is realized is identical with the technological scene that embodiment one realizes, is not giving unnecessary details here.This method embodiment one the institute in steps outside, it can also comprise the steps: after S23
S24, after the access request that receives third-party Cookie file, in internal memory, distribute another shelf space again;
S25, this Cookie file is kept in another shelf space of distribution.
The method that present embodiment provides is after the access request that receives third-party Cookie file (being equivalent to receive attack); Change the memory headroom of preserving this Cookie file; So this method has the user when this webpage of operation or application program; Immediately by success attack, this Cookie file can not obtained this Cookie file by other people owing to changed memory headroom yet; So this method has further improved security.
Embodiment three:
Present embodiment provides the method for user's login in a kind of internet, and present embodiment is that with embodiment one different place present embodiment can also be kept at user's the browsing content of browsing record or user in the memory headroom of distribution when carrying out S23.Above-mentioned user browses record and specifically can be the record of browsing of: webpage; Can certainly be the operation note of application program; Can also be the state of current web page and state of user information or the like; Above-mentioned user's browsing content specifically can comprise: the web page contents of browsing, the content of the application program of browsing.The logical diagram of concrete accessed web page is as shown in Figure 3.
Present embodiment is not only preserved the Cookie file; Also preserve user's the browsing content of browsing record and user; So this method has not only been protected user's account and password, also protected user's the browsing content of browsing record and user, further improved security.
Embodiment four:
Present embodiment provides the method for user's login in a kind of internet; Present embodiment is with embodiment one different place, present embodiment when carrying out S23, can also be with the user browse recorded and stored in the memory headroom that distributes; Need to prove; Above-mentioned because user's browsing content does not belong to privacy information, so can certainly user's browsing content be kept at local cache, the logical diagram of present embodiment accessed web page is as shown in Figure 4.
The present invention also provides the system of user's login in a kind of internet, and this system is as shown in Figure 5, specifically can comprise:
Preserving unit 52 is kept at this log file in the internal memory of local device.
Optional, above-mentioned preservation unit 52 specifically can comprise:
Preserving module 522 is kept at this log file in the said memory headroom.
Optional, said system can also comprise:
Preserving unit 52 also is kept at said log file in said another shelf space.
Optional, above-mentioned preservation unit 52 also the user browse recorded and stored in the internal memory of local device, user's browsing content is kept at local cache; Or with the user browse record and user's browsing content is kept in the internal memory of local device.
Need to prove that above-mentioned login letter can comprise: the account and the password of user's login, this log file can be the Cookie file.
Need to prove that the system of user's login can be the system of individualism in this internet, can certainly be arranged in portable terminal, computing machine, the PDA that the present invention does not limit to the technological scene of this system's realization and the concrete equipment at this system place.
System provided by the invention is carrying out the user when logining, and its place of preserving log file is an internal memory, because computing machine is when saving the data in internal memory; All are Random assignment memory headrooms, according to the work characteristics of internal memory, when the user releases login; Operating system can discharge all shared memory headrooms of this process automatically, and the memory headroom of preserving this log file certainly also can be discharged by operating system automatically, promptly deletes this log file automatically; So it has the protection account safety; Have safe advantage, and because the address of internal memory is Random assignment, so have no idea all to go to a fixing place to find your needed internal memory at every turn; So can't obtain this log file from fixing place, further improve security.And this system is confirming when under attack; Change the memory headroom of preserving this log file; So this system has the user when this webpage of operation or application program, is attacked immediately, this log file is owing to changed memory headroom; Can do not obtained this log file, so this system has further improved security by other people yet.
It should be noted that among the said system embodiment that each included unit is just divided according to function logic, but is not limited to above-mentioned division, as long as can realize function corresponding; In addition, the concrete title of each functional unit also just for the ease of mutual differentiation, is not limited to protection scope of the present invention.
In addition; One of ordinary skill in the art will appreciate that all or part of step that realizes in the foregoing description method is to instruct relevant hardware to accomplish through program; Corresponding program can be stored in a kind of computer-readable recording medium; The above-mentioned storage medium of mentioning can be a ROM (read-only memory), disk or CD etc.
In sum, technical scheme provided by the invention has safe advantage.
The above is merely preferred embodiment of the present invention, not in order to restriction the present invention, all any modifications of within spirit of the present invention and principle, being done, is equal to and replaces and improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. the method for user's login in the internet is characterized in that said method comprises the steps:
After the user logins success, generate the log file that carries log-on message;
Said log file is kept in the internal memory of local device.
2. method according to claim 1 is characterized in that, the step in the said internal memory that said log file is kept at local device specifically comprises:
Random assignment one memory headroom is kept at this log file in the said memory headroom in the internal memory of local device.
3. method according to claim 1 is characterized in that, also comprises after the step of said method in the internal memory that said log file is kept at local device:
Confirm when under attack, in the internal memory of local device, distribute another shelf space again;
Said log file is kept in said another shelf space.
4. method according to claim 1 is characterized in that, said method also comprises after generation carries the step of log file of log-on message:
With the user browse recorded and stored in the internal memory of local device, user's browsing content is kept at local cache; Or
User's the browsing content of browsing record and user is kept in the internal memory of local device.
5. method according to claim 1 is characterized in that, said log-on message comprises: the account and the password of user's login, said log file is the Cookie file.
6. the system of user's login in the internet is characterized in that said system comprises:
Generation unit is used for after the user logins success, generates the log file that carries log-on message;
Preserve the unit, be used for said log file is kept in the internal memory of local device.
7. system according to claim 6 is characterized in that, said preservation unit specifically comprises:
Distribution module is used for internal memory Random assignment one memory headroom at local device;
Preserve module, be used for this log file is kept in the said memory headroom.
8. system according to claim 6 is characterized in that, said system also comprises:
Allocation units are used for confirming in the internal memory of local device, to distribute another shelf space again when under attack;
Said preservation unit also is used for said log file is kept in said another shelf space.
9. system according to claim 6 is characterized in that, said preservation unit also be used for the user browse recorded and stored in the internal memory of local device, user's browsing content is kept at local cache; Or with the user browse record and user's browsing content is kept in the internal memory of local device.
10. system according to claim 6 is characterized in that, said log-on message comprises: the account and the password of user's login, said log file is the Cookie file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010250363.2A CN102346823B (en) | 2010-08-03 | 2010-08-03 | The method and system that in a kind of internet, user logs in |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010250363.2A CN102346823B (en) | 2010-08-03 | 2010-08-03 | The method and system that in a kind of internet, user logs in |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102346823A true CN102346823A (en) | 2012-02-08 |
| CN102346823B CN102346823B (en) | 2016-02-03 |
Family
ID=45545495
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010250363.2A Active CN102346823B (en) | 2010-08-03 | 2010-08-03 | The method and system that in a kind of internet, user logs in |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102346823B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685494A (en) * | 2013-12-05 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for recognizing Cookies and method and device clearing Cookies |
| CN103905497A (en) * | 2012-12-27 | 2014-07-02 | 腾讯科技(深圳)有限公司 | Method, device and application platform for realizing login of third-party application service website |
| CN104348612A (en) * | 2013-07-23 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Third-party website login method based on mobile terminal and mobile terminal |
| CN104683334A (en) * | 2015-02-11 | 2015-06-03 | 百度在线网络技术(北京)有限公司 | Method and device for processing logging data |
| CN105743700A (en) * | 2016-01-28 | 2016-07-06 | 北京量科邦信息技术有限公司 | Simulation login method based on APP (Application) native page |
| CN106856470A (en) * | 2015-12-09 | 2017-06-16 | 中国电信股份有限公司 | For the method and device of guarding network attack |
| CN106961420A (en) * | 2013-11-08 | 2017-07-18 | 北京奇虎科技有限公司 | The processing method and processing device of cookie information |
| CN110084024A (en) * | 2019-04-29 | 2019-08-02 | 四川长虹教育科技有限公司 | Terminal device, the system and method for software login are carried out based on movable storage device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101621498A (en) * | 2008-06-30 | 2010-01-06 | 成都市华为赛门铁克科技有限公司 | Method, device and equipment for defending against network attacks |
| CN101764841A (en) * | 2009-12-16 | 2010-06-30 | 中兴通讯股份有限公司 | Method and device for synchronizing user data |
-
2010
- 2010-08-03 CN CN201010250363.2A patent/CN102346823B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101621498A (en) * | 2008-06-30 | 2010-01-06 | 成都市华为赛门铁克科技有限公司 | Method, device and equipment for defending against network attacks |
| CN101764841A (en) * | 2009-12-16 | 2010-06-30 | 中兴通讯股份有限公司 | Method and device for synchronizing user data |
Non-Patent Citations (1)
| Title |
|---|
| 郑志勇: "攻防课堂之挖掘小甜饼", 《电脑迷》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103905497A (en) * | 2012-12-27 | 2014-07-02 | 腾讯科技(深圳)有限公司 | Method, device and application platform for realizing login of third-party application service website |
| US9794242B2 (en) | 2012-12-27 | 2017-10-17 | Tencent Technology (Shenzhen) Company Limited | Method, apparatus and application platform for realizing logon to an application service website |
| CN103905497B (en) * | 2012-12-27 | 2018-04-27 | 腾讯科技(深圳)有限公司 | Realize the method, apparatus and application platform of third-party application business website log |
| CN104348612A (en) * | 2013-07-23 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Third-party website login method based on mobile terminal and mobile terminal |
| CN106961420A (en) * | 2013-11-08 | 2017-07-18 | 北京奇虎科技有限公司 | The processing method and processing device of cookie information |
| CN103685494A (en) * | 2013-12-05 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for recognizing Cookies and method and device clearing Cookies |
| CN104683334A (en) * | 2015-02-11 | 2015-06-03 | 百度在线网络技术(北京)有限公司 | Method and device for processing logging data |
| CN106856470A (en) * | 2015-12-09 | 2017-06-16 | 中国电信股份有限公司 | For the method and device of guarding network attack |
| CN105743700A (en) * | 2016-01-28 | 2016-07-06 | 北京量科邦信息技术有限公司 | Simulation login method based on APP (Application) native page |
| CN110084024A (en) * | 2019-04-29 | 2019-08-02 | 四川长虹教育科技有限公司 | Terminal device, the system and method for software login are carried out based on movable storage device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102346823B (en) | 2016-02-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102346823A (en) | User logging method and system in internet | |
| US10270758B2 (en) | Login method, server, and login system | |
| TWI687113B (en) | Method and server for determining whether the terminal logging in to the website is a mobile terminal | |
| CN104283843B (en) | A kind of method, apparatus and system that user logs in | |
| CN113347206B (en) | Network access method and device | |
| CN102857484B (en) | A kind of method, system and device realizing single-sign-on | |
| US10607016B2 (en) | Decrypting files for data leakage protection in an enterprise network | |
| TWI671642B (en) | Method for sharing data across applications and web browser | |
| Tsai et al. | Information security issue of enterprises adopting the application of cloud computing | |
| CN102413151B (en) | Network resource sharing method and system | |
| US9203815B1 (en) | Systems and methods for secure third-party data storage | |
| CN109756337B (en) | Secure access method and device for service interface | |
| CN102420836A (en) | Sign-on method and sign-on management system for service information system | |
| Singh et al. | Overview of security issues in cloud computing | |
| US20180198675A1 (en) | Techniques for accessing logical networks via a virtualized gateway | |
| US9021578B1 (en) | Systems and methods for securing internet access on restricted mobile platforms | |
| Kumar | Cloud computing: threats, attacks and solutions | |
| CN106919348A (en) | Distributed memory system and storage method that anti-violence is cracked | |
| CN104426834A (en) | Webpage requesting method, client, server and system | |
| CN106685906B (en) | authentication processing method, node and system | |
| US10356112B2 (en) | Method of mitigating cookie-injection and cookie-replaying attacks | |
| KR101459261B1 (en) | Apparatus and Method for Switching Browser Automatically in a Logical Network Separation | |
| Suthar et al. | Encryscation: An secure approach for data security using encryption and obfuscation techniques for iaas and daas services in cloud environment | |
| CN103957252A (en) | Method and system for obtaining log of cloud storage system | |
| CN105893862A (en) | Browser cache data protection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |