CN102571701A - Access method, device and system for security certification site - Google Patents
Access method, device and system for security certification site Download PDFInfo
- Publication number
- CN102571701A CN102571701A CN2010106005227A CN201010600522A CN102571701A CN 102571701 A CN102571701 A CN 102571701A CN 2010106005227 A CN2010106005227 A CN 2010106005227A CN 201010600522 A CN201010600522 A CN 201010600522A CN 102571701 A CN102571701 A CN 102571701A
- Authority
- CN
- China
- Prior art keywords
- safety certification
- website
- terminal
- information
- certification website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides an access method, device and system for a security certification site. The access method comprises the following steps of: receiving an HTTP (HyperText Transfer Protocol) access request which is transmitted by a terminal and comprises security certification site information to be accessed; acquiring certification configuration information adapted to a certification requirement of the security certification site according to the security certification site information; generating a certification request according to the certification configuration information and transmitting the certification request to the security certification site; and establishing a security channel after the certification between every two security certification sites according to the certification request is succeeded and carrying out information interaction between the terminal and the security certification site through the security channel. According to the access method, device and system disclosed by the invention, a standard HTTP protocol is required to be supported without basic transformation when the terminal accesses to the security certification site, so that the expandability is improved.
Description
Technical field
The present invention relates to the data service field, be specifically related to a kind of access method, Apparatus and system of safety certification website.
Background technology
Along with the enhancing of mobile phone terminal ability and the development of Internet service; Surfing Internet with cell phone the user constantly increase; And also develop rapidly of electronic commerce affair such as Web bank, shopping online; Major part is served the provider visit such as WWW/WAP page channel all is provided, and makes through the mobile device access internet and to carry out the demand of miscellaneous service more and more.Safety encipher when shopping online at present and Web bank etc. serve the provider and all used user capture is technological, is used to protect safety of user information.The realization of these safety enciphers technology needs the support of user terminal with collaborative, with serve the provider and carry out alternately based on comparatively complicated general or privately owned security protocol.
As, be in the one Chinese patent application file of " 200910087630.6 " at application number, announced a kind of safety certification service platform system, apparatus and method based on portable terminal.Safety certification service platform system in this scheme; Comprise portable terminal, network application system and safety certification service platform device; Be used to receive safety certification request, safety certification request person's identity carried out verification, and the safety certification content is verified from network application system; Checksum validation through after safety certification request submitted to portable terminal carry out digital signature, and the portable terminal digital signature is verified; The checking through after digital signature result and timestamp are returned to network application system.Wherein, this safety certification service platform device comprises signature server, signature service application gateway, service mobile phone gateway and ca authentication center.Concrete authentication method comprises: the interface module of network application system is submitted secure authenticated information to signature server; Signature server carries out proof of identity, and the ca authentication center is verified its certificate, submits to client to carry out digital signature through back service mobile phone gateway; After client is received safety certification request,, take out the private key line of numbers signature of going forward side by side, the result of signature is submitted to signature server according to content input private key password; After the signature server checking is passed through, timestamp and result are submitted to application gateway; Interface module is received back informing network application system execution transaction, and safety certification process finishes.Wherein " checksum validation through after safety certification request submitted to portable terminal carry out digital signature ", content such as " after client receives safety certification request; according to content input private key password; take out the private key line of numbers signature of going forward side by side; the result that will sign submits to signature server " needs client to realize technology such as digital signature, public and private key encryption, main flow mobile phone terminal on the present market and browser can't be realized without transformation; For in this patent application " the checking through after digital signature result and timestamp are returned to network application system " description content; Authentication, the cipher mode that adopts because of the existing system on the Internet market (the general encryption technology of the employing W3C that has that has nothing in common with each other; The plug-in unit encryption technology that the employing that has is proprietary); Network application system is satisfied supports to the designation number signature algorithm and the mode that adopts this patent application must be wanted; Can conclude the business, the method that promptly requires server to be directed against this invention description is transformed.
This shows that existing Security Authentication Service scheme based on the terminal all needs each service provider to support the transformation of this scheme, and require portable terminal need support the mutual of safety certification function.Yet existing mobile phone terminal is handled the scarce capacity of safety encipher technology, and most of mobile phone browser all adopts the http protocol access websites of standard, does not support the interaction process of the HTTPS page; In addition, proprietary plug-in unit need be installed in a lot of professional websites (like Internet bank website) on client, and these proprietary plug-in units only can be installed on some particular browser on the PC, have limited the visit of portable terminal to e-commerce website to a greater degree.So existing Security Authentication Service plan hard based on the terminal is applicable to that extensibility is relatively poor because of hardware and/or the limited terminal of not supporting Security Authentication Service of software.
Summary of the invention
First purpose of the present invention is the access method that proposes the strong safety certification website of a kind of autgmentability.
Second purpose of the present invention is the access means that proposes the strong safety certification website of a kind of autgmentability.
The 3rd purpose of the present invention is the access system that proposes the strong safety certification website of a kind of autgmentability.
For realizing above-mentioned first purpose, the invention provides a kind of access method of safety certification website, comprising: the HTTP access request that comprises safety certification site information to be visited that receiving terminal sends; Obtain according to the safety certification site information and to be used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And generate authentication request, and authentication request is sent to the safety certification website according to authenticated configuration information; After the safety certification website is according to authentication request and safety certification website authentication success, set up escape way, terminal and safety certification website carry out information interaction through escape way.
For realizing above-mentioned second purpose, the invention provides a kind of access means of safety certification website, comprising: receiver module is used for the HTTP access request that comprises safety certification site information to be visited that receiving terminal sends; First processing module is used for obtaining according to the safety certification site information and is used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And generate authentication request, and authentication request is sent to the safety certification website according to authenticated configuration information; Second processing module is used for after the safety certification website is according to authentication request and safety certification website authentication success, sets up the escape way that is used for terminal and safety certification website information interaction.
For realizing above-mentioned the 3rd purpose, the invention provides a kind of access system of safety certification website, comprising: gateway is used to transmit the HTTP access request that comprises safety certification site information to be visited that send at the terminal; The access means of safety certification website is used for obtaining according to the safety certification site information of the HTTP access request of gateway forwards and is used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And according to authenticated configuration information generation authentication request; And authentication request is sent to the safety certification website; And after the safety certification website is according to authentication request and safety certification website authentication success, set up the escape way that is used for terminal and safety certification website information interaction.
Among each embodiment of the present invention; Through obtaining authenticated configuration information; And then generation and the adaptive authentication request of safety certification website carry out authentication operation, when having realized terminal access safety certification website, need not carry out basis transformation; Only need the http protocol of support standard to get final product, improve extensibility.
Description of drawings
Accompanying drawing is used to provide further understanding of the present invention, and constitutes the part of specification, is used to explain the present invention in the lump with embodiments of the invention, is not construed as limiting the invention.In the accompanying drawings:
Fig. 1 is embodiment one flow chart of the access method of safety certification website of the present invention;
Fig. 2 is the access method and system implementation example two signaling diagrams of safety certification website of the present invention;
Fig. 3 is the example structure figure of the access means of safety certification website of the present invention;
Fig. 4 is the example structure figure of the access system of safety certification website of the present invention.
Embodiment
Below in conjunction with accompanying drawing the preferred embodiments of the present invention are described, should be appreciated that preferred embodiment described herein only is used for explanation and explains the present invention, and be not used in qualification the present invention.
Method embodiment
Fig. 1 is embodiment one flow chart of the access method of safety certification website of the present invention.As shown in Figure 1, present embodiment comprises:
Step 102: the HTTP access request that comprises safety certification site information to be visited that receiving terminal sends;
Step 104: obtain according to the safety certification site information and to be used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And generate authentication request, and authentication request is sent to the safety certification website according to authenticated configuration information;
Step 106: after the safety certification website is according to authentication request and safety certification website authentication success, set up escape way, terminal and safety certification website carry out information interaction through escape way.
Present embodiment is through obtaining authenticated configuration information; And then generation and the adaptive authentication request of safety certification website carry out authentication operation, when having realized terminal access safety certification website, need not carry out basis transformation; Only need the http protocol of support standard to get final product, improve extensibility.
Fig. 2 is embodiment two flow charts of the access method of safety certification website of the present invention.The terminal is the example explanation that makes an explanation with the portable terminal in the present embodiment; It will be appreciated by those skilled in the art that; The terminal can be multiple portable terminal in the various embodiments of the present invention; Comprise intelligence and non intelligent mobile phone, mobile communication equipment (MID) of keyboard-type, touch-screen etc., can also comprise other-end, like computer.As shown in Figure 2, comprising:
Step 201, portable terminal utilize the module of browsing that carries to comprise the safety certification site information to be visited and the HTTP access request of end message to the internet gateway submission according to user's operation; Step 202, gateway is transmitted to the authentication transcoding server with the HTTP access request;
Step 203; The authentication transcoding server is according to the configuration information of the end message in this HTTP access request to this portable terminal of end message library inquiry; The display requirement at this configuration information and this terminal is adaptive, includes but not limited to terminal screen resolution, operating system version etc.; It will be understood by those skilled in the art that when concrete operations the configuration information at each terminal also can be pre-stored in this authentication transcoding server;
Step 204, the end message storehouse returns to the authentication transcoding server with this terminal detailed configuration information; Step 205, the authentication transcoding server customizes the data format that this terminal is supported according to the configuration information at this terminal that obtains, and promptly confirms the data customization form to this terminal transmits information; As through knowing terminal resolution, the authentication transcoding server can be confirmed the data converted form, so that terminal bandwagon effect preferably;
Step 206, authentication transcoding server be to the safety certification repository inquiry adaptive authenticated configuration information of authentication requesting with safety certification website to be visited, authentication mode of supporting like this safety certification website and type etc.; It will be understood by those skilled in the art that when concrete operations the authenticated configuration information of each safety certification website also can be pre-stored in this authentication transcoding server;
Step 207, the safety certification repository returns to the authentication transcoding server with authenticated configuration information;
Step 208, the authentication transcoding server generates authentication request according to the authenticated configuration information of obtaining; For example carry out alternately with gmail.com, obtaining its authenticated configuration information is measured " TLS v1.0128bitARC4 (1024bit RSA/SHA) ", and then the authentication transcoding server will carry out the authentication request based on TLSV1.0/ARC4 according to this configuration information;
Step 209, the authentication transcoding server sends authentication request to the safety certification website, sends to the safety certification website;
Step 210; The safety certification website is according to self type of supporting (like TLS or own plug-in unit form); Return the authentication information (including but not limited to certificate and AES etc.) of website to the authentication transcoding server; For example: safety certification website gmail is to the version number that transcoding server transmits ssl protocol, the kind of AES, random number, self certificate and other relevant information;
Step 211, authentication transcoding server are verified like certificate authentication information, set up the bidirectional safe passage with the safety certification website; As; TLS authentication mode to safety certification website gmail.com employing; Transcoding server utilizes gmail.com to pass the legitimacy of the Information Authentication gmail.com that comes, and the legitimacy of safety certification website comprises: whether certificate is expired, and whether the CA of issued certificate is reliable; Can the Public key of publisher's certificate correct Solution open L/C " digital signature of publisher " of book, and whether the domain name on the certificate is complementary with the actual domain name of safety certification website.If legitimate verification does not pass through, communication will be broken off; If legitimate verification passes through, the authentication transcoding server will be accomplished bipartite secure authenticated channel foundation with interactive step safety certification website gmail.com through a series of, and indicate the communication key that subsequent communications adopts according to the AES that receives;
It will be appreciated by those skilled in the art that; During concrete operations; Can directly after the safety certification website is according to authentication request and authentication transcoding server authentication success, set up this escape way, in the step 210-step 211, the authentication transcoding server is verified authentication information; And in escape way, carry out coded communication, be preferred version; Step 210-step 211 is mainly used in has explained the verification process of authentication transcoding server to the safety certification website; Setting up escape way, as, the authentication transcoding server is as the authentication of client to Web bank's website; During concrete operations; Can also comprise the verification process of safety certification website, accomplish verification process as the portable terminal agency, repeat no more by the authentication transcoding server to the authentication transcoding server;
Step 212, the authentication transcoding server returns to gateway with authentication result through the HTTP mode; Particularly, the authentication transcoding server carries out adaptation processing according to established data custom formats in the step 205 (being the data format that the terminal is supported) with the content that the safety certification website returns, and converts the http protocol content to;
Operation in the step 212 mainly is because verification process is to accomplish between authentication transcoding server and safety certification website; Authentication result is transparent to gateway and portable terminal fully; The authentication result here is the response to the HTTP access request; For example: the data customization form customization according to user terminal is supported represents the gmail.com homepage;
Step 213, gateway is transmitted to portable terminal through the HTTP mode with responses such as authentication results;
Above-mentioned steps 201 to 213 is the request of authentication transcoding server according to the terminal, sets up the process of escape way with the safety certification website; Based on this escape way, can realize that various terminals and safety certification website carry out security authentication process and carry out follow-up interaction flow, have improved the extensibility based on terminal access safety certification website;
Step 214; Portable terminal is browsed module through request (abbreviation access request or the visit information of HTTP mode with the access security website through what carry; This access request is the visit of request actual content; This access request comprises and is not limited to Post request that the user imports usemame/password carrying out authentification of user based on the escape way of setting up, and follow-up and the accessing page request internet authentication website, submits to gateway;
Step 215, gateway is transmitted to the authentication transcoding server with access request;
Step 216, authentication transcoding server utilize the key of confirming in the step 211 that access request is encrypted, and submit to the safety certification website, and both sides set up the bidirectional data interaction passage;
It will be understood by those skilled in the art that the cryptographic operation in the step 216 is the preferred version corresponding to step 210-step 211;
Step 217, the authentication transcoding server carries out adaptation processing according to established data custom formats in the step 205 (being the data format that the terminal is supported) with the content that the safety certification website returns, and converts the http protocol content to; Concrete as; The WWW page is done element filter and the processing of setting type again, be converted into the form that mobile phone is easy to represent, for example: if portable terminal is to JavaScript, Flash; Elements such as Gif picture are not supported; Then the authentication transcoding server filters out these elements, and carries out the work such as adjustment, literal reset of picture size according to the screen width of portable terminal, and the content that will handle converts http response into and sends to browser of mobile terminal;
It will be appreciated by those skilled in the art that; Realized the adaptive of content that the safety certification website returns and terminal display requirement according to step 205 established data custom formats in the step 217, like this, safety certification website (being the Internet service provider) need not with each terminal suitable; Further improved extensibility based on terminal access safety certification website; So step 217 is a preferred version, correspondingly, step 203-205 also is a preferred version;
Step 218, the content after the authentication transcoding server will be changed sends to gateway;
Step 219, gateway returns to portable terminal through the HTTP mode with content of pages; Through the repetitive operation of step 213 to step 219, accomplish repeatedly access to content and the interactive operation of portable terminal A to safety certification website B.
Present embodiment obtains authenticated configuration information through the service of authentication transcoding; And then generation and the adaptive authentication request of safety certification website are carried out authentication operation; When having realized terminal access safety certification website; Need not carry out basis transformation, only need the http protocol of support standard to get final product, improve extensibility; Simultaneously; Obtain the configuration information at terminal through the service of authentication transcoding; And then according to the information such as data customization form return authentication result adaptive with the terminal display requirement; It is adaptive to have realized that the safety certification website need not customize because of the restriction at terminal yet, can continue to use original authentication mechanism, further improves extensibility.
Device embodiment
Fig. 3 is the example structure figure of the access means of safety certification website of the present invention.Each method embodiment shown in Fig. 1 and 2 all can be applicable to present embodiment.Present embodiment comprises: receiver module 30 is used for the HTTP access request that comprises safety certification site information to be visited that receiving terminal sends; First processing module 32 is used for obtaining according to the safety certification site information and is used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And generate authentication request, and authentication request is sent to the safety certification website according to authenticated configuration information; Second processing module 34 is used for after the safety certification website is according to authentication request and safety certification website authentication success, sets up the escape way that is used for terminal and safety certification website information interaction.The access means that it will be understood by those skilled in the art that the safety certification website of present embodiment is appreciated that and is the authentication transcoding server among Fig. 2.
During concrete operations, the access means of this safety certification website can also comprise: acquisition module 36 is used for obtaining the configuration information adaptive with the display requirement at terminal according to the end message of HTTP access request; Data format module 38 is used for confirming the data customization form to terminal transmits information according to configuration information.
This second processing module 34 can also comprise:
First passage submodule 342 is used for after the safety certification website is according to authentication request and safety certification website authentication success, setting up escape way;
The first mutual submodule 344, the format conversion of the return information that is used for the safety certification website is transmitted through this escape way is the data customization form, and the return information after will changing is sent to the terminal through this escape way;
Second channel submodule 346 is used to receive the authentication information (including but not limited to AES, certificate etc.) that the safety certification website sends according to authentication request; To authentication information, verify like certificate, and confirm communication key according to AES, set up the bidirectional safe passage with the safety certification website;
The second mutual submodule 348, being used for the format conversion of safety certification website through the return information of this bidirectional safe channel transfer is the data customization form, and the return information after will changing is sent to the terminal through this bidirectional safe passage; Be used for the visit information of receiving terminal, and visit information encrypted, and the visit information after will encrypting is sent to the safety certification website according to adding communication key through this bidirectional safe channel transfer.
It will be appreciated by those skilled in the art that; The second channel submodule 346 and the second mutual submodule 348 are respectively the preferred operations module of the first passage submodule 342 and the first mutual submodule 344; Can operate by the first passage submodule 342 and the first mutual submodule 344 during concrete operations; Perhaps operate, can also be provided with and select module (figure does not show) to be used for selecting to operate or operate by the second channel submodule 346 and the second mutual submodule 348 by the first passage submodule 342 and the first mutual submodule 344 by the second channel submodule 346 and the second mutual submodule 348.
The present embodiment through safety certification access means of website is connected with the safety certification website as TSM Security Agent; First processing module 32 is obtained and is used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And then the generation authentication request is carried out safety certification to set up escape way; Solved the terminal cause because of performance is not enough can't access security authentication website problem, promoted extensibility; Realize coded communication through the second channel submodule 346 and the second mutual submodule 348 simultaneously; Further improve the fail safe of communication; In addition; Realized that through acquisition module 36 and data format module 38 basis and the adaptive data format in terminal are information such as terminal return authentication result and accessed content, realized carrying out content customization, further promoted extensibility to the ability at terminal.
System embodiment
Fig. 4 is the example structure figure of the access system of safety certification website of the present invention.Each method embodiment shown in Fig. 1 and 2 all can be applicable to present embodiment.Present embodiment comprises: gateway 40 is used to transmit the HTTP access request that comprises safety certification site information to be visited that send at the terminal; The access means 42 of safety certification website is used for obtaining according to the safety certification site information of the HTTP access request of gateway forwards and is used for the authenticated configuration information adaptive with the authentication requesting of safety certification website; And according to authenticated configuration information generation authentication request; And authentication request is sent to the safety certification website; And after the safety certification website is according to authentication request and safety certification website authentication success; Foundation is used for the escape way of terminal and safety certification website information interaction, carries out the information interaction between terminal and safety certification website.
During concrete operations; The access system of this safety certification website can also comprise: end message storehouse 44; Be used to store the configuration information adaptive, and, configuration information be sent to access means 42 according to the query requests that access means 42 is sent with the display requirement at terminal; Confirm the data customization form to terminal transmits information, this configuration information can comprise the operating system version, screen resolution, network transmission protocol support at terminal etc.; Authenticated configuration storehouse 46; Be used for the authentication storage configuration information; And, authenticated configuration information being sent to access means 42 according to the request of obtaining that access means 42 is sent, this authenticated configuration information comprises authentication mode, type and the authentication mechanism etc. that the safety certification website is supported.
Wherein, gateway 40 is the gateway commonly used that is connected with the terminal, like the gateway that is connected with portable terminal, accomplishes that terminal models is obtained, the functions such as encoding and decoding of protocol conversion, internet site's content, and the secure communication at guarantee and terminal;
The access means 42 of safety certification website (authentication authorization and accounting transcoding server) is as TSM Security Agent; Receive the also interactive request of response gateway on the one hand; As virtual terminal, pseudo-terminal and safety certification website are set up secure link on the other hand, realize the secure communication with the safety certification website; During concrete operations; The access means 42 of this safety certification website can comprise terminal adaptation module 422 (being equivalent to acquisition module 36 and data format module 38 among Fig. 3) and secure link module 424 (being equivalent to first processing module 32 among Fig. 3); Wherein, the HTTP access request of terminal adaptation module 422 receiving terminals is through setting up the terminal matched rule; The detailed ability and the configuration information of inquiry terminal in end message storehouse 44; Confirm the adaptive mode at terminal, for example set type and optimize to the terminal of different resolution, to terminal capability more weak web page element filtration etc. is provided; Secure link module 424 is according to the safety certification website of being visited in the HTTP access request, and query safe authenticated configuration storehouse 46 obtains the authenticated configuration information of mutual safety certification website, and then generates authentication request and carry out authentication operation.The access means 42 that it will be understood by those skilled in the art that the safety certification website can integratedly be provided with gateway 40.
The present invention through safety certification access means 42 of website realizes terminal access safety certification website with the TSM Security Agent mode; Realized not doing under the situation of infrastructure rebuilding at the terminal; Solve because of limited by terminal capability, problem that can't access security authentication website has improved extensibility; Simultaneously, 42 pairs of terminal display requirements of the access means of safety certification website are adaptive, realized not doing under the situation of infrastructure rebuilding at the safety certification website, satisfy the terminal display requirement, further improved extensibility.
What should explain at last is: more than be merely the preferred embodiments of the present invention; Be not limited to the present invention; Although the present invention has been carried out detailed explanation with reference to previous embodiment; For a person skilled in the art, it still can be made amendment to the technical scheme that aforementioned each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (11)
1. the access method of a safety certification website is characterized in that, comprising:
The HTTP access request that comprises safety certification site information to be visited that receiving terminal sends;
Obtain according to said safety certification site information and to be used for the authenticated configuration information adaptive with the authentication requesting of said safety certification website; And generate authentication request, and said authentication request is sent to said safety certification website according to said authenticated configuration information;
After said safety certification website is according to said authentication request and said safety certification website authentication success, set up escape way, said terminal and said safety certification website carry out information interaction through said escape way.
2. the access method of safety certification website according to claim 1 is characterized in that, after the step of the HTTP access request that comprises safety certification site information to be visited that said receiving terminal sends, also comprises:
Obtain the configuration information adaptive according to the end message in the said HTTP access request with the display requirement at said terminal;
Confirm data customization form according to said configuration information to said terminal transmits information.
3. the access method of safety certification website according to claim 2 is characterized in that, said terminal and said safety certification website comprise through the step that said escape way carries out information interaction:
The format conversion of the return information that said safety certification website is transmitted through said escape way is said data customization form, and the return information after will changing is sent to said terminal through said escape way.
4. require the access method of each described safety certification website among the 1-3 according to aforesaid right; It is characterized in that; Said after said safety certification website is according to said authentication request and said safety certification website authentication success, the step of setting up escape way comprises:
Receive AES and certificate that said safety certification website sends according to said authentication request;
Said certificate is verified, and confirmed communication key, set up the bidirectional safe passage with said safety certification website according to said AES.
5. the access method of safety certification website according to claim 4 is characterized in that, said terminal and said safety certification website comprise through the step that said escape way carries out information interaction:
Receive the visit information of said terminal, and said visit information is encrypted, and the visit information after will encrypting is sent to said safety certification website through said bidirectional safe passage according to said communication key through said bidirectional safe channel transfer.
6. the access means of a safety certification website is characterized in that, comprising:
Receiver module is used for the HTTP access request that comprises safety certification site information to be visited that receiving terminal sends;
First processing module is used for obtaining according to said safety certification site information and is used for the authenticated configuration information adaptive with the authentication requesting of said safety certification website; And generate authentication request, and said authentication request is sent to said safety certification website according to said authenticated configuration information;
Second processing module is used for after said safety certification website is according to said authentication request and said safety certification website authentication success, sets up the escape way that is used for said terminal and said safety certification website information interaction.
7. the access means of safety certification website according to claim 6 is characterized in that, also comprises:
Acquisition module is used for obtaining the configuration information adaptive with the display requirement at said terminal according to the end message of said HTTP access request;
The data format module is used for confirming the data customization form to said terminal transmits information according to said configuration information.
8. the access means of safety certification website according to claim 7 is characterized in that, said second processing module comprises:
The first passage submodule is used for after said safety certification website is according to said authentication request and said safety certification website authentication success, setting up escape way;
The first mutual submodule, the format conversion of the return information that is used for said safety certification website is transmitted through said escape way is said data customization form, and the return information after will changing is sent to said terminal through said escape way.
9. according to the access means of claim 7 or 8 described safety certification websites, it is characterized in that said second processing module comprises:
The second channel submodule is used to receive AES and the certificate that said safety certification website sends according to said authentication request; Said certificate is verified, and confirmed communication key, set up the bidirectional safe passage with said safety certification website according to said AES;
The second mutual submodule, being used for the format conversion of said safety certification website through the return information of said bidirectional safe channel transfer is said data customization form, and the return information after will changing is sent to said terminal through said bidirectional safe passage; Be used to receive the visit information of said terminal, and said visit information encrypted, and the visit information after will encrypting is sent to said safety certification website through said bidirectional safe passage according to said communication key through said bidirectional safe channel transfer.
10. the access system of a safety certification website is characterized in that, comprising:
Gateway is used to transmit the HTTP access request that comprises safety certification site information to be visited that send at the terminal;
The access means of safety certification website is used for obtaining according to the safety certification site information of the HTTP access request of said gateway forwards and is used for the authenticated configuration information adaptive with the authentication requesting of said safety certification website; And according to said authenticated configuration information generation authentication request; And said authentication request is sent to said safety certification website; And after said safety certification website is according to said authentication request and said safety certification website authentication success, set up the escape way that is used for said terminal and said safety certification website information interaction.
11. the access system of safety certification website according to claim 10 is characterized in that, also comprises:
The end message storehouse is used to store the configuration information adaptive with the display requirement at said terminal, and according to the query requests that said access means is sent, said configuration information is sent to said access means, confirms the data customization form to said terminal transmits information;
The authenticated configuration storehouse is used to store said authenticated configuration information, and according to the request of obtaining that said access means is sent, said authenticated configuration information is sent to said access means.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010600522.7A CN102571701B (en) | 2010-12-16 | 2010-12-16 | The access method of security certification site, Apparatus and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010600522.7A CN102571701B (en) | 2010-12-16 | 2010-12-16 | The access method of security certification site, Apparatus and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102571701A true CN102571701A (en) | 2012-07-11 |
| CN102571701B CN102571701B (en) | 2015-12-16 |
Family
ID=46416189
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010600522.7A Active CN102571701B (en) | 2010-12-16 | 2010-12-16 | The access method of security certification site, Apparatus and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102571701B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017088396A1 (en) * | 2015-11-27 | 2017-06-01 | 乐视控股(北京)有限公司 | Video service providing method, access authentication method, server, and system |
| CN112003702A (en) * | 2020-07-08 | 2020-11-27 | 武汉旷视金智科技有限公司 | Authentication method, authentication device, electronic equipment, computer storage medium and authentication system |
| CN112584156A (en) * | 2020-11-18 | 2021-03-30 | 卓旺(安徽)航空科技产业股份有限公司 | Transcoding 4K video algorithm based on 2K video data deep learning |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1310526A (en) * | 2001-04-06 | 2001-08-29 | 北京网警创新信息安全技术有限公司 | Illegal network activity intercepting, monitoring, tracing, evidence collecting and emergency reacting system and method |
| US20030115142A1 (en) * | 2001-12-12 | 2003-06-19 | Intel Corporation | Identity authentication portfolio system |
| CN1549493A (en) * | 2003-05-23 | 2004-11-24 | 联想(北京)有限公司 | Network safety system of computer network and controlling method thereof |
| CN1575579A (en) * | 2001-10-23 | 2005-02-02 | 英特尔公司 | Selecting a security format conversion for wired and wireless devices |
| CN101175234A (en) * | 2006-10-31 | 2008-05-07 | 报联新动力(北京)科技有限公司 | System and method for implementing data propelling movement by mobile information terminal |
| CN101312437A (en) * | 2007-05-21 | 2008-11-26 | 中国移动通信集团公司 | Mobile proxy server, interaction system and method |
| CN101447999A (en) * | 2008-10-31 | 2009-06-03 | 神州数码金程(北京)科技有限公司 | Security exchange system and realization method thereof |
| CN101447862A (en) * | 2008-10-31 | 2009-06-03 | 神州数码金程(北京)科技有限公司 | Security exchange system and security exchange method thereof |
| CN101883084A (en) * | 2009-05-04 | 2010-11-10 | 李新宇 | Method, adaptor and adaptor system for adapting to network service communication, |
-
2010
- 2010-12-16 CN CN201010600522.7A patent/CN102571701B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1310526A (en) * | 2001-04-06 | 2001-08-29 | 北京网警创新信息安全技术有限公司 | Illegal network activity intercepting, monitoring, tracing, evidence collecting and emergency reacting system and method |
| CN1575579A (en) * | 2001-10-23 | 2005-02-02 | 英特尔公司 | Selecting a security format conversion for wired and wireless devices |
| US20030115142A1 (en) * | 2001-12-12 | 2003-06-19 | Intel Corporation | Identity authentication portfolio system |
| CN1549493A (en) * | 2003-05-23 | 2004-11-24 | 联想(北京)有限公司 | Network safety system of computer network and controlling method thereof |
| CN101175234A (en) * | 2006-10-31 | 2008-05-07 | 报联新动力(北京)科技有限公司 | System and method for implementing data propelling movement by mobile information terminal |
| CN101312437A (en) * | 2007-05-21 | 2008-11-26 | 中国移动通信集团公司 | Mobile proxy server, interaction system and method |
| CN101447999A (en) * | 2008-10-31 | 2009-06-03 | 神州数码金程(北京)科技有限公司 | Security exchange system and realization method thereof |
| CN101447862A (en) * | 2008-10-31 | 2009-06-03 | 神州数码金程(北京)科技有限公司 | Security exchange system and security exchange method thereof |
| CN101883084A (en) * | 2009-05-04 | 2010-11-10 | 李新宇 | Method, adaptor and adaptor system for adapting to network service communication, |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017088396A1 (en) * | 2015-11-27 | 2017-06-01 | 乐视控股(北京)有限公司 | Video service providing method, access authentication method, server, and system |
| CN112003702A (en) * | 2020-07-08 | 2020-11-27 | 武汉旷视金智科技有限公司 | Authentication method, authentication device, electronic equipment, computer storage medium and authentication system |
| CN112003702B (en) * | 2020-07-08 | 2023-12-26 | 武汉旷视金智科技有限公司 | Authentication method, authentication device, electronic equipment, computer storage medium and authentication system |
| CN112584156A (en) * | 2020-11-18 | 2021-03-30 | 卓旺(安徽)航空科技产业股份有限公司 | Transcoding 4K video algorithm based on 2K video data deep learning |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102571701B (en) | 2015-12-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11777911B1 (en) | Presigned URLs and customer keying | |
| AU2002251480B2 (en) | Terminal communication system | |
| CN103380592B (en) | Method, server and system for personal authentication | |
| JP4808903B2 (en) | Method for digitally signing a document using a personal computer and a personal terminal device | |
| CN105556894A (en) | Network connection automation | |
| WO2013101358A1 (en) | System and method for secure network login | |
| CN101527634B (en) | System and method for binding account information with certificates | |
| CN101206741B (en) | System and method for processing mobile security payment | |
| CN102045715B (en) | Method, device and system for realizing mobile signature | |
| WO2009094949A1 (en) | Creditable remote service method and system | |
| CN102571701B (en) | The access method of security certification site, Apparatus and system | |
| KR20040083272A (en) | Method and System for Authentication of User on Web and/or Wireless Network by Using Mobile Terminal Loaded a Challenge/Response Based Mobile One-Time Password Module | |
| CN104767740A (en) | User platform credible authentication and access method | |
| JP5630245B2 (en) | Accreditation information verification apparatus, accreditation information verification program, accreditation information verification system, and accreditation information verification method | |
| KR20130078842A (en) | Recording medium, server for 2-factor authentication use of image code and one time password | |
| KR102001891B1 (en) | Method providing user authentication service, web server and user terminal | |
| CN105187356A (en) | Method and system for verifying identity of website user | |
| Feifei | Research on security of mobile payment model based on trusted third party | |
| Chen et al. | Applications of multi-channel safety authentication protocols in wireless networks | |
| KR20130093793A (en) | Recording medium, method and system for log-in confirmation use of image code | |
| CN108234136B (en) | A kind of safety access method, terminal device and system | |
| TWI475866B (en) | An authentication method of a chain structure | |
| CN116318776A (en) | Digital identity login method, device, computer equipment and storage medium | |
| KR20120097240A (en) | Method for controlling user log-in | |
| CN108270769A (en) | Websocket-based dual-factor authentication system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |