CN102684884A - Portal Web server and method for preventing off-line request forgery - Google Patents

Portal Web server and method for preventing off-line request forgery

Info

Publication number
CN102684884A
Authority
CN
China
Prior art keywords
user
string
address
encryption
source
Prior art date
Legal status
Granted
Application number
CN2012101652802A
Other languages
Chinese (zh)
Other versions
CN102684884B (en)
Inventor
王佳良
Current Assignee
New H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd
Priority to CN201210165280.2A
Publication of CN102684884A
Application granted
Publication of CN102684884B
Legal status: Active
Anticipated expiration

Abstract

A method for preventing forged logoff (off-line) requests: a Portal Web server stores a fixed secret key, generates a random secret key for each user that passes authentication, generates a final encrypted string by two-stage encryption with the random key and the fixed key, and sends the encrypted string to the user in a response message. If a logoff request from the user carries encrypted string information, the server reverses the encryption to recover the source IP (Internet Protocol) address corresponding to the encrypted string and compares it with the source IP address of the user in the message; if they match, the user is allowed to log off, and if they do not match, the request message is considered forged and receives no response. With this technical scheme the memory of the Portal Web server is freed, and its performance and operating efficiency are improved.

Description

Portal Web server and method for preventing forged logoff requests
Technical field
The present invention relates to portal authentication, and in particular to the technique of preventing forged logoff requests in Portal authentication.
Background technology
Portal authentication is also commonly called web authentication, and the Portal authentication website is generally called the portal website. While a user is unauthenticated, the device forces the user to log in to a particular site, whose services the user can access freely. When the user needs other information on the Internet, authentication must be performed at the portal website; only after authentication passes can Internet resources be accessed.
A user may actively visit a known Portal authentication website and enter a username and password to authenticate; this way of starting Portal authentication is called active authentication. Otherwise, if the user attempts to reach some other external network over HTTP, the user is forced to visit the Portal authentication website and the Portal authentication process begins; this is called forced authentication.
In forced authentication, the user can initiate authentication in two ways, through a client or through a browser. When the user initiates Portal authentication from a browser, the user's access request is redirected by the BAS device to the Portal web authentication home page of the Portal system. After the user enters and submits authentication information on that page, the information is passed through the Portal Web server and the Portal Server to the BAS device, and the BAS communicates with the AAA server (also called the Radius server) to perform authentication and accounting. If authentication passes, the BAS opens a path between the user and the Internet, and the user can access the Internet.
After a user passes authentication, the Portal Web server, in order to maintain online user information, generates a one-to-one mapping between the user's IP address and an encrypted string, returns it in the response to the user's login request, and at the same time keeps a copy in the server. If a user wants to log off, the logoff request message must carry the user's own IP address and the corresponding encrypted string. When the Portal Web server receives the request message, it compares the IP address and encrypted string parsed from the request with the IP address and encrypted string it has stored; if they are consistent, it grants the logoff request, otherwise it refuses to log the user off.
In practice, the Portal Web server often suffers from insufficient memory and performance, especially in environments that authenticate a large number of users: the server needs enough memory to hold a large number of IP address and encrypted string mappings, and users logging on and off also subjects the server's memory to problems such as freeing and refreshing.
Summary of the invention
In view of this, the application provides a Portal Web server for performing portal access authentication of clients on a network. The server comprises an authentication module, an encryption module and a comparison module, wherein:
the authentication module is used to receive a user's authentication login request and, after the user passes authentication, to notify the encryption module to compute the corresponding encrypted string from the user's source IP address and a preset encryption rule;
the encryption module is used to store a fixed key and to generate a random key for each authenticated user; after generating an original encrypted string from the user's source IP address combined with the random key, it composes a character string according to a preset rule, encrypts the composite string with the fixed key to generate the final encrypted string, and carries that encrypted string in the response message sent to the authenticated user;
the comparison module is used, after receiving a logoff request message sent by the user, to decode the encrypted string carried in the logoff request message by reversing the encryption process with the fixed key stored by the encryption module, to parse out the source IP address corresponding to the encrypted string, and to compare it with the IP address the user carries in the request message; if they are consistent, the user is allowed to log off; if they are inconsistent, the message is treated as forged and not responded to.
The comparison module is further used, if the request message carries no encrypted string information, to treat it directly as a forged request message and not respond.
Based on the same idea, the application also provides a method for preventing forged logoff requests, used in Portal authentication, the method comprising:
Step A: the Portal Web server stores a fixed key, generates a random key for each user that passes authentication, and encrypts the user's IP address with the random key to obtain an original encrypted string; a character string is composed from the original encrypted string according to a preset rule, the composite string is encrypted with the fixed key to generate the final encrypted string, and the encrypted string is carried in the response message sent to the user;
Step B: when the Portal Web server receives a logoff request from the user, it checks whether the user's message carries encrypted string information. If it does, the encrypted string is decrypted by reversing the encryption process, the corresponding source IP address is parsed out and compared with the user's source IP address in the message; if consistent, the user is allowed to log off; if inconsistent, the request message is treated as forged and not responded to.
Step C: the Portal Web server receives an HTTP login request from the user's browser and verifies it; after the user is allowed access, the encrypted string is computed from the user's IP address and the preset encryption rule.
The preset rule for the composite character string is: encrypted string + random key + key length.
The encrypted string is decrypted with the fixed key stored by the Portal Web server itself to obtain the composite character string;
according to the length represented by the last two characters of the composite string, the characters of the random key are cut from the back of the composite string, and the remaining characters of the composite string are the original encrypted string;
the original encrypted string is decrypted with the random key to obtain the user's IP address.
With this scheme, the Portal Web server needs to keep nothing but one fixed key and no longer needs to cache the mapping between user IP addresses and encrypted strings. This avoids its potential memory shortage and concurrent free-and-refresh problems, and greatly improves the performance and efficiency of the Portal Web server.
Description of drawings
Fig. 1 is a module diagram of a Portal Web server provided by the application.
Fig. 2 is a flowchart of the method of an embodiment provided by the application.
Fig. 3 is an application scenario diagram of an embodiment provided by the application.
Embodiment
In one implementation of the application, a Portal Web server is provided. As shown in Fig. 1, the Portal Web server comprises an authentication module, an encryption module and a comparison module, wherein: the authentication module receives the user's authentication login request and, after the user passes authentication, notifies the encryption module to compute the encrypted string from the user's source IP address; the encryption module stores the fixed key, generates a random key for each authenticated user, generates the original encrypted string from the authenticated user's source IP address combined with the random key, composes a character string according to the preset encryption rule, encrypts the composite string with the fixed key to generate the final encrypted string, and carries the encrypted string in a cookie of the response message sent to the authenticated user; the comparison module, after receiving the logoff request message sent by the user, treats the message directly as a forged request and does not respond if it carries no encrypted string information; if it does carry encrypted string information, the module decodes it by reversing the encryption process with the fixed key stored by the encryption module and the preset encryption rule, parses out the source IP address corresponding to the encrypted string, and compares it with the IP address the user carries in the request message; if consistent, the user is allowed to log off; if inconsistent, the message is treated as forged and not responded to.
In an embodiment provided by the application, the workflow of each module of the Portal Web server is as shown in Fig. 2 and specifically comprises:
Step 11: the Portal Web server receives an HTTP login request from the user's browser and verifies it through the authentication module; if verification passes, the user is allowed access, and the IP address of the authenticated user is recorded at the same time.
Step 12: the encryption module of the Portal Web server stores a fixed key, generates a random key for each user that passes authentication, and encrypts the user's source IP address with the random key to obtain an original encrypted string. A character string is then composed from the original encrypted string according to the preset encryption rule, for example in the form "encrypted string + random key + key length"; the composite string is encrypted again with the fixed key to generate the final encrypted string, which is carried in the response message and sent to the user using the Cookie feature, supported by every browser, of keeping state in process memory. The composition rule of the character string can be defined by the user, as long as it carries the user's random key and the corresponding data can be identified when decoding; those skilled in the art can set many such rules flexibly in practice, the application does not enumerate them one by one, and the composition rule given here does not limit the application.
Step 13: when the Portal Web server receives an HTTP logoff request from the user, the comparison module checks whether the user's message carries encrypted string information. If not, the message is treated as forged and not responded to; if encrypted string information is present, the encrypted string is decrypted by reversing the encryption process, its corresponding source IP address is parsed out and compared with the user's source IP address in the message; if consistent, the user is allowed to log off; if inconsistent, the request message is treated as forged and not responded to.
Decryption of the encrypted string proceeds by reversing the encryption process. First, the encrypted string is decrypted with the fixed key stored by the Portal Web server itself, which yields the composite character string. Because the composite string was synthesized in a fixed format according to the preset rule when the encrypted string was generated, it can be parsed according to that rule to recover the information as it was before synthesis: the random key and the original encrypted string that was encrypted with the random key. The original encrypted string is then decrypted with the random key to obtain the original data: the user's source IP address. Taking the "encrypted string + random key + key length" synthesis method of the above encryption process as an example, the last two characters of the composite string indicate the length of the random key; when decrypting, according to this composition rule, the characters of the random key are cut from the back of the composite string according to the length represented by its last two characters, the remaining characters of the composite string are the original encrypted string, and the original encrypted string is decrypted with the random key to obtain the originally encrypted data: the user's source IP address.
In the application scenario shown in Fig. 3 provided by the invention, the method specifically comprises the following steps:
Step 21: the Portal Web server receives the login request sent by the browser of the user terminal. After the user passes authentication, the Portal Web server computes the corresponding code value for this user and adds cookie information carrying the code to the response message, for example: Set-Cookie:code=ERTWERTDGDFG==; where the value of code is an encrypted string based on the source IP address of the request message sent by the user who passed authentication.
The code value is generated as follows:
the Portal Web server generates a random key (e.g. ABCD) and encrypts the IP of the user logging on (e.g. 1.2.3.4), first obtaining an original encrypted string (e.g. asdfsfsfs); then a character string is synthesized according to the preset "encrypted string + random key + key length" composition rule (e.g. ABCDasdfsfsfs04); the fixed key on the Portal Web server is then used to encrypt the synthesized string, yielding the final code encrypted string (e.g. ERTWERTDGDFG==).
Step 22: the user terminal receives the response message from the Portal Web server. According to the HTTP standard, the user's browser obtains the code information from the cookie in the response message and saves it in the browser process memory, which means that any further request this process makes to the Portal Web server carries this information, for example: code=ERTWERTDGDFG==;
Step 23: the Portal Web server receives the user's HTTP logoff request. If there is no code information, the request is regarded as a forged logoff request and refused directly; if there is code information, it is decoded; if the decoded content is consistent with the source address of the message, the logoff operation is performed, otherwise the request is regarded as a forged HTTP logoff request and refused.
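The following Python models steps A and B (and the Fig. 3 scenario, steps 21 to 23) end to end: the two-layer encryption of the source IP, the "encrypted string + random key + two-digit key length" composite of claim 8, the reverse decryption of claim 9, and the stateless logoff decision. It is an added example, not the patent's or H3C's code; the patent names no cipher, so the HMAC-SHA256 keystream, the per-token nonce and the integrity tag are assumptions of the example (the tag is a defensive addition: the text only decrypts and compares, which by itself does not detect a tampered cookie).

```python
import base64
import hashlib
import hmac
import os
import secrets
import string
from typing import Optional

# Constructed fixed key for the example; a real Portal Web server holds its own
# provisioned secret. It is the only per-server state the scheme requires.
FIXED_KEY = b"example-portal-web-server-fixed-key"


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt by XOR with an HMAC-SHA256 counter-mode keystream
    (an assumption of the example; the patent names no cipher). Self-inverse."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def _seal(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag. The nonce keeps the shared fixed key from
    acting as a reused one-time pad across users; the tag lets the server reject
    a tampered cookie before parsing it. Both go beyond the patent text."""
    nonce = os.urandom(16)
    ct = _keystream_xor(key, nonce, plaintext)
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def _open(key: bytes, blob: bytes) -> Optional[bytes]:
    """Verify the tag and decrypt; None means the blob was not sealed with this key."""
    if len(blob) < 16 + 32:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return _keystream_xor(key, nonce, ct)


def new_random_key(length: int = 8) -> str:
    """Per-user random key (the page's example uses "ABCD"); at most 99 characters
    so that its length fits the two-digit suffix of the composite string."""
    alphabet = string.ascii_uppercase + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def make_code(source_ip: str, random_key: str, fixed_key: bytes = FIXED_KEY) -> str:
    """Step A / step 12: produce the cookie value `code`.
    Layer 1: source IP under the random key (the original encrypted string).
    Composite: original encrypted string + random key + two-digit key length.
    Layer 2: the composite under the server's fixed key."""
    if not 1 <= len(random_key) <= 99:
        raise ValueError("random key length must be 1..99 to fit two digits")
    original = base64.urlsafe_b64encode(_seal(random_key.encode(), source_ip.encode())).decode()
    composite = f"{original}{random_key}{len(random_key):02d}"
    return base64.urlsafe_b64encode(_seal(fixed_key, composite.encode())).decode()


def recover_ip(code: str, fixed_key: bytes = FIXED_KEY) -> Optional[str]:
    """Step B / claim 9: reverse the encryption. Fixed key -> composite string; the
    last two characters give the key length; the random key is cut from the back;
    the remainder is the original encrypted string, decrypted with the random key.
    Any failure returns None, which the caller treats as a forged request."""
    try:
        composite_bytes = _open(fixed_key, base64.urlsafe_b64decode(code.encode()))
        composite = composite_bytes.decode("ascii") if composite_bytes is not None else None
    except (ValueError, UnicodeDecodeError):
        return None
    if composite is None or len(composite) < 3 or not composite[-2:].isdigit():
        return None
    key_len, body = int(composite[-2:]), composite[:-2]
    if key_len == 0 or len(body) <= key_len:
        return None
    random_key, original = body[-key_len:], body[:-key_len]
    try:
        ip_bytes = _open(random_key.encode(), base64.urlsafe_b64decode(original.encode()))
        return ip_bytes.decode("ascii") if ip_bytes is not None else None
    except (ValueError, UnicodeDecodeError):
        return None


def handle_logoff(packet_source_ip: str, cookies: dict) -> str:
    """Step 23: returns "LOGOFF" when the IP recovered from the cookie equals the
    packet's source IP, otherwise "REJECT" (the server sends no response)."""
    code = cookies.get("code")
    if code is None:
        return "REJECT"  # no encrypted string at all: treated directly as forged
    recovered = recover_ip(code)
    if recovered is None or recovered != packet_source_ip:
        return "REJECT"
    return "LOGOFF"


if __name__ == "__main__":
    # Constructed scenario mirroring Fig. 3: user 1.2.3.4 logs on, then logs off.
    code = make_code("1.2.3.4", "ABCD")
    print("Set-Cookie: code=" + code)
    print(handle_logoff("1.2.3.4", {"code": code}))  # LOGOFF
    print(handle_logoff("5.6.7.8", {"code": code}))  # REJECT: source IP differs
    print(handle_logoff("1.2.3.4", {}))              # REJECT: no code carried
```

Because the server keeps only FIXED_KEY, restarting it or adding a second server with the same key leaves every issued cookie valid, which is the stateless property the patent is after.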
Through this scheme, the application has the final encrypted information of each authenticated user stored in a distributed manner in the browser memory of that user's terminal, while at the Portal Web server end nothing but one fixed key is needed and the mapping between user IP addresses and encrypted strings no longer has to be cached. This avoids the server's potential memory shortage and concurrent free-and-refresh problems, and greatly improves the performance and efficiency of the Portal Web server.
The above is only a preferred implementation of the invention; any equivalent modification made on the basis of the spirit of the invention should be covered by the scope of the claims of the invention.

Claims (11)

1. A Portal Web server for performing portal access authentication of clients on a network, characterized in that the server comprises an encryption module and a comparison module, wherein:
the encryption module is used to store a fixed key, to produce for each authenticated user an encrypted string corresponding to that authenticated user's source IP address, and to carry the encrypted string in the response message sent to the authenticated user;
the comparison module is used, after receiving a logoff request message sent by the user, to decode the encrypted string carried in the logoff request message by reversing the encryption process with the fixed key stored by the encryption module, to parse out the source IP address corresponding to the encrypted string, and to compare it with the IP address the user carries in the request message; if consistent, the user is allowed to log off; if inconsistent, the message is treated as forged and not responded to.
2. The server according to claim 1, characterized in that carrying the encrypted string in the response message sent to the authenticated user is specifically realized as follows: the encryption module produces a random key according to the fixed key it stores; after each user passes authentication, an original encrypted string is generated from the user's source IP address combined with the random key, a character string is composed according to a preset rule, and the composite string is then encrypted with the fixed key to generate the final encrypted string.
3. The server according to claim 1, characterized in that the server further comprises an authentication module, which is used to receive a user's authentication login request and, after the user passes authentication, to notify the encryption module to compute the corresponding encrypted string from the user's source IP address and a preset encryption rule.
4. The server according to claim 1, characterized in that the comparison module is further used, if the request message carries no encrypted string information, to treat it directly as a forged request message and not respond.
5. A method for preventing forged logoff requests, used in Portal authentication, characterized in that the method comprises:
Step A: the Portal Web server stores a fixed key, produces for each authenticated user an encrypted string corresponding to that authenticated user's source IP address, and carries the encrypted string in the response message sent to the authenticated user;
Step B: when the Portal Web server receives a logoff request from the user, it checks whether the user's message carries encrypted string information. If it does, the encrypted string is decrypted by reversing the encryption process, the corresponding source IP address is parsed out and compared with the user's source IP address in the message; if consistent, the user is allowed to log off; if inconsistent, the request message is treated as forged and not responded to.
6. The method according to claim 5, characterized in that the encrypted string sent to the authenticated user in step A is specifically carried in a cookie of the response message.
7. The method according to claim 6, characterized in that the encrypted string sent to the authenticated user in step A is specifically realized as follows: the Portal server produces a random key according to the fixed key it stores; after each user passes authentication, an original encrypted string is generated from the user's source IP address combined with the random key, a character string is composed according to a preset rule, and the composite string is then encrypted with the fixed key to generate the final encrypted string.
8. The method according to claim 7, characterized in that the preset rule for the composite character string is: encrypted string + random key + key length.
9. The method according to claim 7, characterized in that in step B the process of decrypting, by reversing the encryption, the encrypted string carried in the user's logoff request message is specifically:
the encrypted string is decrypted with the fixed key stored by the Portal Web server itself to obtain the composite character string;
according to the length represented by the last two characters of the composite string, the characters of the random key are cut from the back of the composite string, and the remaining characters of the composite string are the original encrypted string;
the original encrypted string is decrypted with the random key to obtain the user's source IP address.
10. The method according to claim 5, characterized in that in step B,
when the Portal Web server receives a logoff request from the user, it checks whether the user's message carries encrypted string information, and if there is no encrypted string information, the request message is treated as forged and not responded to.
11. The method according to claim 5, characterized in that the method further comprises, before step A:
Step C: the Portal Web server receives an HTTP login request from the user's browser and verifies it; after the user is allowed access, the encrypted string is computed from the user's source IP address and the preset encryption rule.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210165280.2A CN102684884B (en) 2012-05-24 2012-05-24 A kind of Portal Web server and the method preventing from forging the request of rolling off the production line thereof


Publications (2)

Publication Number Publication Date
CN102684884A true CN102684884A (en) 2012-09-19
CN102684884B CN102684884B (en) 2016-08-03

Family

ID=46816287


Country Status (1)

Country Link
CN (1) CN102684884B (en)


Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1588853A (en) * 2004-07-13 2005-03-02 中国工商银行 Uniform identication method and system based on network
CN101163000A (en) * 2006-10-13 2008-04-16 中兴通讯股份有限公司 Secondary authentication method and system
CN101360021A (en) * 2008-10-14 2009-02-04 中国电信股份有限公司 Monitoring method and system for wireless wideband user status
CN101959186A (en) * 2009-07-20 2011-01-26 中国移动通信集团山东有限公司 Log-off processing method, system and device for WLAN (Wireless Local Area Network) user
CN102065067A (en) * 2009-11-11 2011-05-18 杭州华三通信技术有限公司 Method and device for preventing replay attack between portal server and client


Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103001770A (en) * 2012-10-24 2013-03-27 北京奇虎科技有限公司 User verification method, user verification server and user verification system
CN103001770B (en) * 2012-10-24 2016-06-01 北京奇虎科技有限公司 A kind of user rs authentication method, server and system
CN102882897A (en) * 2012-10-31 2013-01-16 杭州迪普科技有限公司 Cookie protecting method and device
CN104683490A (en) * 2013-11-27 2015-06-03 华为技术有限公司 Internet protocol address recovery method and internet protocol address recovery device
CN104683490B (en) * 2013-11-27 2018-05-04 华为技术有限公司 The recovery method and device of Internet protocol address
CN106549925A (en) * 2015-09-23 2017-03-29 阿里巴巴集团控股有限公司 Prevent method, the apparatus and system of cross-site request forgery
CN107592316A (en) * 2017-09-20 2018-01-16 山东渔翁信息技术股份有限公司 A kind of ciphering and deciphering device and method
CN109617895A (en) * 2018-12-27 2019-04-12 东莞见达信息技术有限公司 Access safety control method and system
CN111698080A (en) * 2019-03-14 2020-09-22 西安诺瓦电子科技有限公司 Program file exporting and importing method and device and multimedia playing box
CN111698080B (en) * 2019-03-14 2024-03-15 西安诺瓦星云科技股份有限公司 Program file export and import method and device and multimedia playing box
CN111818038A (en) * 2020-07-01 2020-10-23 拉扎斯网络科技(上海)有限公司 Network data acquisition and identification method and device
CN111818038B (en) * 2020-07-01 2023-01-31 拉扎斯网络科技(上海)有限公司 Network data acquisition and identification method and device

Also Published As

Publication number Publication date
CN102684884B (en) 2016-08-03


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Patentee after: Xinhua three Technology Co., Ltd.

Address before: 310053 Hangzhou science and Technology Development Zone, Zhejiang high tech park, No. six and road, No. 310

Patentee before: Huasan Communication Technology Co., Ltd.