CN102821106A - Electronic document non-repudiation method - Google Patents

Electronic document non-repudiation method Download PDF

Info

Publication number
CN102821106A
CN102821106A CN2012102992021A CN201210299202A CN102821106A CN 102821106 A CN102821106 A CN 102821106A CN 2012102992021 A CN2012102992021 A CN 2012102992021A CN 201210299202 A CN201210299202 A CN 201210299202A CN 102821106 A CN102821106 A CN 102821106A
Authority
CN
China
Prior art keywords
client
dynamic password
coordinate
user
repudiation
Prior art date
Application number
CN2012102992021A
Other languages
Chinese (zh)
Inventor
田少鹏
Original Assignee
句容市盛世软件有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 句容市盛世软件有限公司 filed Critical 句容市盛世软件有限公司
Priority to CN2012102992021A priority Critical patent/CN102821106A/en
Publication of CN102821106A publication Critical patent/CN102821106A/en

Links

Abstract

The invention discloses an electronic document non-repudiation method, which comprises following steps that (1) when a user logs in a client, a user name is inputted, and the client transmits an authentication request to an authentication server; (2) the authentication server verifies the user name, if the user name exists, a step (3) is executed, and if the user does not exist, error information is transmitted to the client; (3) the authentication server dynamically generates a coordinate of a dynamic password card according to the user name and returns the coordinate to the client; (4) the user inputs a password to the client according to the dynamic coordinate returned by the client; and (5) the client transmits the dynamic password to the authentication server, the authentication server verifies the dynamic password, if the dynamic password is correct, the user is successful to log in, and if the dynamic password is incorrect, the error information is transmitted to the client. Due to the adoption of the electronic document non-repudiation method, the password is not easy to steal, so that the safety potential danger of the password disclosure in a traditional log-in way can be eliminated, the safety and accuracy in the identity authentication can be guaranteed, and the loss of enterprises can be reduced.

Description

A kind of electronic document anti-repudiation method

Technical field

The present invention relates to a kind of user identity method of calibration, belong to information security field.

Background technology

In recent years, along with the raising of manufacturing business's level of informatization, operation flow processs such as the research and development of enterprise, production and selling more and more depend on information system.Informationalized introducing, the lifting that has brought enterprise work efficient, but meanwhile also challenge has been proposed for the information security management of enterprise.Enterprise such as various CAI, CAE design documentation, CAD drawing, technical document and commercial planning book etc. often drop into the core value that creates after great amount of manpower and the fund.The technological achievement that gets for taking infinite pains, enterprise's protection of being careful does not hope that the painstaking effort of oneself have but been done bottom drawer for other people cost several years.In order to protect these data, though many measures have been done by a lot of enterprise.

But a little less than the fail safe very of the identification authentication mode of " user name+password " that uses at present, the user name and password is prone to be stolen and causes loss.

Summary of the invention

Goal of the invention:, the purpose of this invention is to provide the electronic document anti-repudiation method that a kind of high safety, the user name and password are difficult for being stolen, reducing loss of enterprises to the problem and shortage that above-mentioned prior art exists.

Technical scheme: for realizing the foregoing invention purpose, the technical scheme that the present invention adopts is a kind of electronic document anti-repudiation method, carries out as follows:

(1) during user's logging on client, according to the interface prompt of client, input user name, client is sent authentication request to certificate server;

(2) certificate server verified users name, if user name exists, then execution in step (3) if user name does not exist, is then sent error message to client, client ejects information at the interface;

(3) certificate server dynamically generates the coordinate of dynamic password card according to user name, and coordinate is turned back to client;

(4) the dynamic coordinate that returns according to client of user, the dynamic password in the inquiry dynamic password card, and password is input to client;

(5) client is sent to certificate server with dynamic password, certificate server verification dynamic password, if correct, then the user successfully logins, if incorrect, then sends error message to client, and client ejects information at the interface.

To being further defined to of technical scheme of the present invention, described user name and the unique correspondence of described dynamic password card.

Further, the coordinate of the dynamic password card described in the step (3) is two dimension or three-dimensional coordinate.

Further, the coordinate of dynamic password card generates at random described in the step (3), and is stored in the database of certificate server with the form of ciphertext.

Further, in the step (4), during the input dynamic password, client is set timer, is used for limited subscriber and imports dynamic password at the appointed time.

Further, said client is communicated with through local area network (LAN) or the Internet with said certificate server.

Beneficial effect: a kind of user identity method of calibration of the present invention; Dynamically generate password through dynamic password card, password is difficult for being stolen, and has eliminated the potential safety hazard that password is revealed in traditional login mode; Guarantee the fail safe and the accuracy of authentication, reduced the loss of enterprise; Simultaneously, this method only need be equipped with dynamic password card to the user, and is easy to use, and low price has reduced the threshold that uses, even common safety management system also can use, is convenient to popularize.

Description of drawings

Fig. 1 is a flow chart of the present invention.

Embodiment

Below in conjunction with accompanying drawing and specific embodiment; Further illustrate the present invention; Should understand these embodiment only be used to the present invention is described and be not used in the restriction scope of the present invention; After having read the present invention, those skilled in the art all fall within the application's accompanying claims institute restricted portion to the modification of the various equivalent form of values of the present invention.

As shown in Figure 1, a kind of electronic document anti-repudiation method, carry out as follows:

(1) during user's logging on client, according to the interface prompt of client, input user name, client is sent authentication request to certificate server.

Before user's login, need on certificate server, register, during registration, certificate server carries out the uniqueness verification to user name, if user's English character by name is then case sensitive.User name through the uniqueness authentication succeeds in registration, and when user name succeeds in registration, generates dynamic password card at random, and said user name is unique corresponding with said dynamic password card.

Said dynamic password card is two dimension or three charts, if be the three-dimensional coordinate card, then password is safer, more difficult being cracked.The coordinate of stating dynamic password card generates at random, encrypts through the encryption method of MD5, and is stored in the database of certificate server with the form of ciphertext.

(2) certificate server verified users name, if user name exists, then execution in step (3) if user name does not exist, is then sent error message to client, client ejects information at the interface.

User name is preserved with the form of encrypting in certificate server, when certificate server needs the user name of verification input, the user name in the ergodic data storehouse, and to the deciphering of the user name in the database with need the user name of verification to compare.

(3) certificate server dynamically generates the coordinate of dynamic password card according to user name, and coordinate is turned back to client.

The coordinate that generates at random is with a unique corresponding dynamic password, and dynamic password only allows input once, if incorrect then re-enter password, reduces the situation of guessing password thus.

(4) the dynamic coordinate that returns according to client of user, the dynamic password in the inquiry dynamic password card, and password is input to client.

When importing the dynamic password in the dynamic password card; Client terminal start-up timer, limited subscriber are imported dynamic password in official hour, if user's input time is overtime; Then dynamic password lost efficacy; Need apply for dynamic coordinate again, like this, can prevent effectively that password from being plagiarized or stealing with other modes.

(5) client is sent to certificate server with dynamic password, certificate server verification dynamic password, if correct, then the user successfully logins, if incorrect, then sends error message to client, and client ejects information at the interface.

During certificate server verification dynamic password, take out the dynamic password in the database, after the MD5 deciphering, the dynamic password of importing with the user compares, if contrast is correct, then dynamic password is correct, if contrast mistake, then password mistake.

Claims (6)

1. an electronic document anti-repudiation method is characterized in that, carries out as follows:
(1) during user's logging on client, according to the interface prompt of client, input user name, client is sent authentication request to certificate server;
(2) certificate server verified users name, if user name exists, then execution in step (3) if user name does not exist, is then sent error message to client, client ejects information at the interface;
(3) certificate server dynamically generates the coordinate of dynamic password card according to user name, and coordinate is turned back to client;
(4) the dynamic coordinate that returns according to client of user, the dynamic password in the inquiry dynamic password card, and password is input to client;
(5) client is sent to certificate server with dynamic password, certificate server verification dynamic password, if correct, then the user successfully logins, if incorrect, then sends error message to client, and client ejects information at the interface.
2. a kind of electronic document anti-repudiation method according to claim 1 is characterized in that, described user name and the unique correspondence of described dynamic password card.
3. a kind of electronic document anti-repudiation method according to claim 1 is characterized in that, the coordinate of the dynamic password card described in the step (3) is two dimension or three-dimensional coordinate.
4. a kind of electronic document anti-repudiation method according to claim 1 is characterized in that the coordinate of dynamic password card generates at random described in the step (3), and is stored in the database of certificate server with the form of ciphertext.
5. a kind of electronic document anti-repudiation method according to claim 4 is characterized in that the encryption method the when coordinate of said dynamic password card is preserved is md5 encryption in database.
6. a kind of electronic document anti-repudiation method according to claim 1 is characterized in that, in the step (4), during the input dynamic password, client is set timer, is used for limited subscriber and imports dynamic password at the appointed time.
CN2012102992021A 2012-08-22 2012-08-22 Electronic document non-repudiation method CN102821106A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012102992021A CN102821106A (en) 2012-08-22 2012-08-22 Electronic document non-repudiation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2012102992021A CN102821106A (en) 2012-08-22 2012-08-22 Electronic document non-repudiation method

Publications (1)

Publication Number Publication Date
CN102821106A true CN102821106A (en) 2012-12-12

Family

ID=47304963

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2012102992021A CN102821106A (en) 2012-08-22 2012-08-22 Electronic document non-repudiation method

Country Status (1)

Country Link
CN (1) CN102821106A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104079405A (en) * 2013-03-27 2014-10-01 阿里巴巴集团控股有限公司 User identity verification method, device and system based on matrix value
CN104766003A (en) * 2015-04-08 2015-07-08 福建联迪商用设备有限公司 Method and system for transmitting password in bar code mode
WO2017129071A1 (en) * 2016-01-29 2017-08-03 中兴通讯股份有限公司 Password authentication method, device and application server

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1780207A (en) * 2004-11-24 2006-05-31 北京游戏之星软件有限公司 Internet accounting number confirmation
CN1956375A (en) * 2005-10-24 2007-05-02 潘静 Dynamic password identity authentication method and system based on network
CN1987938A (en) * 2006-12-25 2007-06-27 中国工商银行股份有限公司 Dynamic cipher method, system and dynamic cipher card
CN101145905A (en) * 2007-10-25 2008-03-19 中国工商银行股份有限公司 An authentication method, device and system for online payment of phone bank
CN101166091A (en) * 2006-10-19 2008-04-23 阿里巴巴公司 A dynamic password authentication method and service end system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1780207A (en) * 2004-11-24 2006-05-31 北京游戏之星软件有限公司 Internet accounting number confirmation
CN1956375A (en) * 2005-10-24 2007-05-02 潘静 Dynamic password identity authentication method and system based on network
CN101166091A (en) * 2006-10-19 2008-04-23 阿里巴巴公司 A dynamic password authentication method and service end system
CN1987938A (en) * 2006-12-25 2007-06-27 中国工商银行股份有限公司 Dynamic cipher method, system and dynamic cipher card
CN101145905A (en) * 2007-10-25 2008-03-19 中国工商银行股份有限公司 An authentication method, device and system for online payment of phone bank

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104079405A (en) * 2013-03-27 2014-10-01 阿里巴巴集团控股有限公司 User identity verification method, device and system based on matrix value
CN104079405B (en) * 2013-03-27 2017-08-22 阿里巴巴集团控股有限公司 User identity method of calibration based on matrix value, apparatus and system
CN104766003A (en) * 2015-04-08 2015-07-08 福建联迪商用设备有限公司 Method and system for transmitting password in bar code mode
WO2017129071A1 (en) * 2016-01-29 2017-08-03 中兴通讯股份有限公司 Password authentication method, device and application server

Similar Documents

Publication Publication Date Title
US10630667B2 (en) Client, server, method and identity verification system
US9923885B2 (en) Systems and methods for using imaging to authenticate online users
US20190312858A1 (en) Two factor authentication with authentication objects
US9432339B1 (en) Automated token renewal using OTP-based authentication codes
US10567385B2 (en) System and method for provisioning a security token
JP6653268B2 (en) System and method for communicating strong authentication events on different channels
EP3123692B1 (en) Techniques to operate a service with machine generated authentication tokens
US10284547B2 (en) Facilitating users to obfuscate user credentials in credential responses for user authentication
US10873573B2 (en) Authenticating a user and registering a wearable device
US9215223B2 (en) Methods and systems for secure identity management
US10382426B2 (en) Authentication context transfer for accessing computing resources via single sign-on with single use access tokens
EP2772078B1 (en) Two-factor authentication systems and methods
CN104094270B (en) User certificate is protected for computing device
US8807426B1 (en) Mobile computing device authentication using scannable images
US20190098001A1 (en) Secure authorization systems and methods
US9537843B2 (en) Method, client, server and system of login verification
US8555079B2 (en) Token management
WO2017197974A1 (en) Biometric characteristic-based security authentication method, device and electronic equipment
US8601602B1 (en) Enhanced multi-factor authentication
US20150356290A1 (en) Alternate authentication
JP5802137B2 (en) Centralized authentication system and method with secure private data storage
US9235695B2 (en) Alias-based social media identity verification
US9741033B2 (en) System and method for point of sale payment data credentials management using out-of-band authentication
CN103312796B (en) For the login interface selection of computing environment User logs in
CN103167491B (en) A kind of mobile terminal uniqueness authentication method based on software digital certificate

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20121212