CN102868533A - Method and system for verifying resource access authorization - Google Patents
Method and system for verifying resource access authorization Download PDFInfo
- Publication number
- CN102868533A CN102868533A CN2012103385346A CN201210338534A CN102868533A CN 102868533 A CN102868533 A CN 102868533A CN 2012103385346 A CN2012103385346 A CN 2012103385346A CN 201210338534 A CN201210338534 A CN 201210338534A CN 102868533 A CN102868533 A CN 102868533A
- Authority
- CN
- China
- Prior art keywords
- resource
- request
- supply system
- client
- parameter information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to a method and a system for verifying resource access authorization. The method is used for resource access between a client-side request system and a resource providing system. The method comprises the following steps: S1, the client-side request system sends out a resource request instruction, wherein the resource request instruction comprises verification key and user parameter information; S2, the resource providing system receives the resource request instruction, and verifies the verification key, wherein the step S3 is carried out if the verification is passed; and S3, the resource providing system verifies request authorization according to the user parameter information, wherein the resource which corresponds to the resource request instruction is returned after the request authorization is verified to be passed. Due to the multi-verification such as the verification key, the request authorization verification and the like, the safety of resource can be guaranteed; and all the verifications are completed by the resource providing system, so that the illegal distortion on the client-side request system can be effectively avoided, and the safety of the resource can be improved.
Description
Technical field
The present invention relates to the Internet resources security fields, more particularly, relate to a kind of resource access authorization verification method and system that can be used between at least two systems.
Background technology
Current network Development is more and more faster, and the propagation velocity of information increases day by day.Protect for the resource on the network, paid close attention to by vast IT enterprises.The resource here includes, but are not limited to: the electronic scanned document of invoice bill, pay sheet, reimbursement voucher, encrypt file transmission, charge video, audio frequency, various documents etc.If resource is not protected, very possible chain, the file event such as divulge a secret occurs to steal.
Generally browsing complete page of an important phenomenon is not once all to be sent to client.If the request be one with the page of many pictures and out of Memory, it is the text of this page that Http request so at first is transmitted what return, then by the browser of client the explanation of this section text is carried out, find wherein to also have picture, the browser of client can send a Http request more so, this picture file can be sent to client so after this request is processed, then browser can be placed to picture the tram of the page, and complete page perhaps will can be by complete demonstration through sending many Http requests like this.
Based on such mechanism, will produce a problem, that steals the chain problem exactly: if be exactly the said information in the page that do not rise in the website, pictorial information for example, it fully can be with other website that is connected to of this picture so.Like this without any the website use of resource the resource of other website show the viewer, improved the visit capacity of oneself, and most of viewer can not find at an easy rate, obvious like this, be inequitable for that website that has been utilized resource.Some objectionable websites expand own site contents in order not increase cost, often usurp the link of other websites.Damage on the one hand the legitimate interests of original web, increased the weight of again on the other hand the burden of server.
If steal the easily image resource of browser server of chain person, just there is the possibility of divulging a secret in the significant data that comprises in the image so, and steals the URL link that the chain person only need to know picture, can download, deposit this locality to picture, be forwarded to other websites.
Summary of the invention
The technical problem to be solved in the present invention is, a kind of resource access authorization verification method and system that can effectively guarantee resource security is provided.
The technical solution adopted for the present invention to solve the technical problems is: a kind of resource access authorization verification method is provided, is used for the resource access between client-requested system and the Resource Supply system, may further comprise the steps:
S1: the client-requested system sends the resource request instruction, includes authentication secret and customer parameter information in the described resource request instruction;
S2: the Resource Supply system receives described resource request instruction, and described authentication secret is verified, checking is by then entering step S3;
S3: the Resource Supply system carries out the request permissions checking according to customer parameter information, after the request permissions checking is passed through, returns the resource corresponding with described resource request instruction.
In resource access authorization verification method of the present invention, described client-requested system and Resource Supply system are the Web application system.
In resource access authorization verification method of the present invention, described method also comprises step S4: described client-requested system and Resource Supply system be common to consult privately owned shared key, is provided with the key authentication database in the described Resource Supply system;
In described step S2, the authentication secret in the described resource request instruction is verified in described key authentication database checking is by then entering step S3, have no right visit information otherwise return.
In resource access authorization verification method of the present invention, described step S3 comprises:
S3-1: described Resource Supply system carries out the request permissions checking with the matched data in the internal memory of described customer parameter information and described Resource Supply system, after the request permissions checking is passed through, execution in step S3-2, when the request permissions checking can't be passed through, execution in step S3-3;
S3-2: described Resource Supply system is according to the described resource request instruction load resource output page, and when loading resource corresponding to resource output page face, again from the client-requested system that sends described resource request instruction, obtain customer parameter information, and carry out the request permissions checking with the matched data in the internal memory of described Resource Supply system, after the request permissions checking is passed through, return corresponding resource;
S3-3: the user library of storing in described customer parameter information and the described Resource Supply system is mated in described Resource Supply system, after coupling is passed through, described customer parameter information is written in the matched data in the internal memory of described Resource Supply system, again execution in step S3-1 and S3-2; When coupling can't by the time, return and have no right visit information.
In the described step S3-1 of resource access authorization verification method of the present invention, described customer parameter information comprises user name and the user right corresponding with user name; Described matched data comprises authorized user name and the authorized user authority corresponding with the authorized user name; Carrying out request permissions when checking, when described user name and user right can be with described authorized user name and authorized user permission matchs, by the request permissions checking, otherwise can't pass through.
In the described step S3-2 of resource access authorization verification method of the present invention, when loading resource corresponding to resource output page face, the OPADD of resolving resource corresponding label is transmitted to a Handle processing to every address; After this Handle receives the request of address, get access to the parameter value in the address, and again get acquisition customer parameter information in the client-requested system, after the request permissions checking is passed through, return corresponding resource according to the parameter value in the address.
In the described step S3-3 of resource access authorization verification method of the present invention, the mandate interface module of described Resource Supply system is called by described client-requested system by Web Service, by authorizing interface module to receive described customer parameter information, and with described Resource Supply system in the user library stored mate, after coupling is passed through, described customer parameter information is written in the matched data in the internal memory of described Resource Supply system.
The present invention also provides a kind of resource access authorization verification system, the client-requested system and the Resource Supply system that comprise connecting communication, described client-requested system comprises request module, be used for sending the resource request instruction, include authentication secret and customer parameter information in the described resource request instruction;
Described Resource Supply system comprises:
The access authentication module is used for checking from the authentication secret of described client-requested system;
The Authority Verification module is used for carrying out the request permissions checking from the customer parameter information of described client-requested system;
Processing module is used for the result according to described access authentication module and Authority Verification module, to processing from the resource request instruction of described client-requested system; And
Memory module stores key authentication database and user library.
In resource access authorization verification system of the present invention, described Resource Supply system also comprises:
Internal memory is used for the storage matched data; And
Authorize interface module, with described Memory linkage, be used for and mate from customer parameter information and the described user library of described client-requested system, and the described customer parameter information processing that will mate is described matched data, and be stored in the described internal memory.
In resource access authorization verification system of the present invention, described Authority Verification module and described Memory linkage will carry out the request permissions checking from customer parameter information and the matched data in the described internal memory of described client-requested system.
Implement the present invention and have following beneficial effect: by multiple-authentications such as authentication secret, request permissions checkings, guaranteed the fail safe of resource; And all checkings are all finished in the Resource Supply system, can effectively avoid illegally distorting of client-requested system, the fail safe that has improved resource.
In addition, since request permissions checking only need with internal memory in matching list carry out, matching list is as the relation data of light weight, avoided taking too much Resource Supply system resource, and database, the client-requested system with memory module of need not frequently carries out mutual frequently, Effective Raise runnability.
In addition, even leak at resource link, also can ensure the safety of this resource, because when disabled user's request resource is arranged, all the time all can arrive the Resource Supply system resource that conducts interviews, and during access resources, must verify mandate, the disabled user can't read resource all the time like this, thereby has guaranteed the fail safe of resource.
Description of drawings
The invention will be further described below in conjunction with drawings and Examples, in the accompanying drawing:
Fig. 1 is the schematic block diagram of an embodiment of resource access authorization verification system of the present invention;
Fig. 2 is the schematic flow diagram of authorisation step of an embodiment of resource access authorization verification method of the present invention;
Fig. 3 is the schematic flow diagram of resource request of an embodiment of resource access authorization verification method of the present invention.
Embodiment
As shown in Figure 1, be an embodiment of resource access authorization verification system of the present invention, but comprise client-requested system 10 and Resource Supply system 20 that communication connects.In the present embodiment, this client-requested system 10 and Resource Supply system 20 are the Web application system.Wherein, the Web application system is applied to Web Service technology, and Web Service is an application component, and its logicality is to provide geodata and services for other application programs.Each application program visits Web Service by some standard data formats (Http, XML, Soap) of procotol and regulation, obtains results needed by inner execution of Web Service.Web Service can carry out any function from simple request to complicated business processing.In case after disposing, the service that it is disposed can be found and call to other Web Service application programs.
Wherein, client-requested system 10 is used for to Resource Supply system 20 request resource, comprises request module 11, is used for sending the resource request instruction.Include authentication secret and customer parameter information etc. in this resource request instruction, certainly, also comprise the specifying information of request resource etc.
This Resource Supply system 20 for client-requested system 10 provides resource, comprises access authentication module 21, Authority Verification module 22, processing module 22, memory module 24, internal memory 25 etc. as server.
This access authentication module 21 is used for to verifying from the authentication secret of client-requested system 10, by authentication secret and key authentication database are compared checking, to determine that whether client-requested system 10 is as validated user.
This Authority Verification module 22 is used for carry out the request permissions checking from the customer parameter information of client-requested system 10, by the matched data in customer parameter information and the internal memory 25 is compared, to determine this client-requested system 10 whether the authority of corresponding resource is arranged.
The result that this processing module 22 is used for according to access authentication module 21 and Authority Verification module 22 is processed the resource request instruction from client-requested system 10, to return the resource of request by checking and request with authority.
This memory module 24 is used for storage key validation database and user library etc., and for verifying, licensing.
Further, this Resource Supply system 20 also is provided with authorizes interface module 26, be connected with internal memory 25, be used for and mate from the customer parameter information of client-requested system 10 and the user library of memory module 24, and with the coupling the customer parameter information processing be matched data, and be stored in the internal memory 25, use for Authority Verification module 22, be about to carry out the request permissions checking from customer parameter information and the matched data in the internal memory 25 of client-requested system 10.
Shown in Fig. 2,3, be an embodiment of resource access authorization verification method of the present invention.In the present embodiment, the method comprises checking configuration step, authorisation step and checking authorisation step etc.
(not shown) in configuration step, client-requested system 10 and the Resource Supply system 20 common privately owned shared keys (such as the Passport key) of consulting, be provided with the key authentication database in the Resource Supply system 20, identify thus whether Internet access Resource Supply system 20 of client-requested system 10.
Before providing system 20, access resources can read the key authentication database one time, the key that checking client Request System 10 is held.If meet the key that 20 allowances of Resource Supply system are called, just accessible resource provides system 20.If key does not meet, will be judged to be malice and authorize or authorize and illegally distorted, return and have no right to access.
This key can adopt the Passport key, specifies a private cipher key to deposit in the allocation list field of key authentication database by Resource Supply system 20.Key can carry to Resource Supply system 20 in client-requested system 10, carries out key authentication.If key conforms to the allocation list field, then think these client-requested system 10 Internet access; Otherwise visit information is had no right in output, for example, returns and haves no right access notifications, the notice etc. of makeing mistakes.
As shown in Figure 2, when client-requested system 10 sends resource request instruction request resource to Resource Supply system 20 (S201), must carry out request permissions checking (S202), Resource Supply system 20 carries out the request permissions checking with the matched data in customer parameter information and the internal memory 25, after the request permissions checking is passed through, return the resource corresponding with the resource request instruction (S203); When the request permissions checking can't be passed through, need authorize client-requested system 10.
The mandate interface module 26 of Resource Supply system 20 is called by client-requested system 10 by Web Service, by authorizing interface module 26 to receive customer parameter information (S204), and with the memory module 24 of Resource Supply system 20 in the user library of storage mate (S205), after coupling is passed through, customer parameter information is written in the matched data of internal memory 25 of Resource Supply system 20 (S206); When coupling can't by the time, return and have no right visit information (S207).
Understandable, can preserve overall matched data in this internal memory 25, preserve all authorized user names and the authorized user authority corresponding with this authorized user name in this table.And Resource Supply system 20 can record the authority record of this authorized user name, generates daily record, deposits database in.
Exactly because in internal memory 25, preserve the relation data of light weight, thus reach namely can be not too much the resource that takies Resource Supply system 20, can be not frequently not mutual with database, client-requested system 10 yet, the Effective Raise runnability.
As shown in Figure 3, be the flow chart that client-requested system 10 sends a resource request, at first, the user is to client-requested system 10 request resource.These users of checking of client-requested system 10 request of sending of whether having the right, if having the right, then client-requested system 10 sends the resource request instruction, includes authentication secret and customer parameter information in the resource request instruction; If have no right, then output haves no right to check prompting.
Client-requested system 10 loads user's resource request instruction, and the resource request instruction is issued to Resource Supply system 20, for example exports Resource Supply system 20 to by Web Server.
Resource Supply system 20 receives the resource request instruction, and the authentication secret of resource request instruction is verified, when checking can't be passed through, output had no right to check prompting; When checking is passed through, when this customer parameter information does not also write the internal memory 25 of Resource Supply system 20, carry out the foregoing step that client-requested system 10 is authorized.
When customer parameter information had deposited internal memory 25 in, client-requested system 10 quoted the resource output page of Resource Supply system 20; And, these users of checking of Resource Supply system 20 requests for page of whether having the right.
Resource Supply system 20 carries out the request permissions checking with the matched data in customer parameter information and the internal memory 25.Customer parameter information comprises user name and the user right corresponding with user name; Matched data comprises authorized user name and the authorized user authority corresponding with the authorized user name.Carrying out request permissions when checking, when user name and user right can be with authorized user name and authorized user permission matchs, by the request permissions checking, otherwise can't pass through.
When checking client Request System 10 was had no right the access resources output page, output had no right to check indication.
When the checking client Request System 10 Internet access resources output page, continue the corresponding resource whether checking has the right to ask this page, after checking is passed through, normal output.Otherwise output haves no right to check indication.
When loading resource corresponding to resource output page face, the OPADD of resolving resource corresponding label is transmitted to a Handle processing to every address; After this Handle receives the request of address, get access to the parameter value in the address, and again get acquisition customer parameter information in the client-requested system 10, after the request permissions checking is passed through, return corresponding resource according to the parameter value in the address; Thereby, even if the link of resource page is leaked or is circulated away, the visitor is when carrying out the page resource access, also need again authentication of users parameter information, the disabled user can't be by checking, just have no right to browse the resource of actual request, also can't carry out subscriber authorisation, further improved Security of the system.
In addition, even the resource of the client-requested system 10 output page is revealed or circulated away, illegal user still needs can play the risk that prevents resource stealing equally through above-mentioned mandate, checking, has further improved Security of the system.
Can be combined into as required various embodiment between above-mentioned each technical characterictic, again not do and give unnecessary details.Understandable, above embodiment has only expressed preferred implementation of the present invention, and it describes comparatively concrete and detailed, but can not therefore be interpreted as the restriction to claim of the present invention; Should be pointed out that for the person of ordinary skill of the art, without departing from the inventive concept of the premise, can carry out independent assortment to above-mentioned technical characterstic, can also make some distortion and improvement, these all belong to protection scope of the present invention; Therefore, all equivalents and modifications of doing with claim scope of the present invention all should belong to the covering scope of claim of the present invention.
Claims (10)
1. a resource access authorization verification method is used for the resource access between client-requested system and the Resource Supply system, it is characterized in that, may further comprise the steps:
S1: the client-requested system sends the resource request instruction, includes authentication secret and customer parameter information in the described resource request instruction;
S2: the Resource Supply system receives described resource request instruction, and described authentication secret is verified, checking is by then entering step S3;
S3: the Resource Supply system carries out the request permissions checking according to customer parameter information, after the request permissions checking is passed through, returns the resource corresponding with described resource request instruction.
2. resource access authorization verification method according to claim 1 is characterized in that, described client-requested system and Resource Supply system are the Web application system.
3. resource access authorization verification method according to claim 1, it is characterized in that, described method also comprises step S4: described client-requested system and Resource Supply system be common to consult privately owned shared key, is provided with the key authentication database in the described Resource Supply system;
In described step S2, the authentication secret in the described resource request instruction is verified in described key authentication database checking is by then entering step S3, have no right visit information otherwise return.
4. resource access authorization verification method according to claim 3 is characterized in that, described step S3 comprises:
S3-1: described Resource Supply system carries out the request permissions checking with the matched data in the internal memory of described customer parameter information and described Resource Supply system, after the request permissions checking is passed through, execution in step S3-2, when the request permissions checking can't be passed through, execution in step S3-3;
S3-2: described Resource Supply system is according to the described resource request instruction load resource output page, and when loading resource corresponding to resource output page face, again from the client-requested system that sends described resource request instruction, obtain customer parameter information, and carry out the request permissions checking with the matched data in the internal memory of described Resource Supply system, after the request permissions checking is passed through, return corresponding resource;
S3-3: the user library of storing in described customer parameter information and the described Resource Supply system is mated in described Resource Supply system, after coupling is passed through, described customer parameter information is written in the matched data in the internal memory of described Resource Supply system, again execution in step S3-1 and S3-2; When coupling can't by the time, return and have no right visit information.
5. resource access authorization verification method according to claim 4 is characterized in that, in described step S3-1, described customer parameter information comprises user name and the user right corresponding with user name; Described matched data comprises authorized user name and the authorized user authority corresponding with the authorized user name; Carrying out request permissions when checking, when described user name and user right can be with described authorized user name and authorized user permission matchs, by the request permissions checking, otherwise can't pass through.
6. resource access authorization verification method according to claim 4 is characterized in that, in described step S3-2, when loading resource corresponding to resource output page face, the OPADD of resolving resource corresponding label is transmitted to a Handle processing to every address; After this Handle receives the request of address, get access to the parameter value in the address, and again get acquisition customer parameter information in the client-requested system, after the request permissions checking is passed through, return corresponding resource according to the parameter value in the address.
7. resource access authorization verification method according to claim 4, it is characterized in that, in described step S3-3, the mandate interface module of described Resource Supply system is called by described client-requested system by Web Service, by authorizing interface module to receive described customer parameter information, and with described Resource Supply system in the user library stored mate, after coupling is passed through, described customer parameter information is written in the matched data in the internal memory of described Resource Supply system.
8. resource access authorization verification system, the client-requested system and the Resource Supply system that comprise connecting communication, it is characterized in that, described client-requested system comprises request module, be used for sending the resource request instruction, include authentication secret and customer parameter information in the described resource request instruction;
Described Resource Supply system comprises:
The access authentication module is used for checking from the authentication secret of described client-requested system;
The Authority Verification module is used for carrying out the request permissions checking from the customer parameter information of described client-requested system;
Processing module is used for the result according to described access authentication module and Authority Verification module, to processing from the resource request instruction of described client-requested system; And
Memory module stores key authentication database and user library.
9. resource access authorization verification system according to claim 8 is characterized in that, described Resource Supply system also comprises:
Internal memory is used for the storage matched data; And
Authorize interface module, with described Memory linkage, be used for and mate from customer parameter information and the described user library of described client-requested system, and the described customer parameter information processing that will mate is described matched data, and be stored in the described internal memory.
10. resource access authorization verification system according to claim 9, it is characterized in that, described Authority Verification module and described Memory linkage will carry out the request permissions checking from customer parameter information and the matched data in the described internal memory of described client-requested system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210338534.6A CN102868533B (en) | 2012-09-13 | 2012-09-13 | resource access authorization verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210338534.6A CN102868533B (en) | 2012-09-13 | 2012-09-13 | resource access authorization verification method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102868533A true CN102868533A (en) | 2013-01-09 |
| CN102868533B CN102868533B (en) | 2016-05-25 |
Family
ID=47447139
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210338534.6A Active CN102868533B (en) | 2012-09-13 | 2012-09-13 | resource access authorization verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102868533B (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103220289A (en) * | 2013-04-15 | 2013-07-24 | 北京京东尚科信息技术有限公司 | Resource verification system and resource verification method based on web application |
| CN104021351A (en) * | 2014-05-28 | 2014-09-03 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for data resource access |
| CN104767766A (en) * | 2015-05-08 | 2015-07-08 | 广州视源电子科技股份有限公司 | Web Service interface verification method, Web Service server and client side |
| CN105100032A (en) * | 2014-05-23 | 2015-11-25 | 腾讯科技(北京)有限公司 | Method and apparatus for preventing resource steal |
| CN105187449A (en) * | 2015-09-30 | 2015-12-23 | 北京恒华伟业科技股份有限公司 | Interface calling method and device |
| CN105871801A (en) * | 2015-12-07 | 2016-08-17 | 乐视云计算有限公司 | Stolen chain detection method and device |
| CN106528640A (en) * | 2016-10-13 | 2017-03-22 | 厦门中控生物识别信息技术有限公司 | Browser-based fingerprint check method and system |
| CN106959982A (en) * | 2016-01-08 | 2017-07-18 | 深圳市星电商科技有限公司 | Obtain methods, devices and systems, monitoring method and the device of resource |
| CN107015996A (en) * | 2016-01-28 | 2017-08-04 | 阿里巴巴集团控股有限公司 | A kind of resource access method, apparatus and system |
| CN107196943A (en) * | 2017-05-26 | 2017-09-22 | 浙江大学 | A kind of security display implementation method of private data in third-party platform |
| CN108243172A (en) * | 2016-12-27 | 2018-07-03 | 武汉斗鱼网络科技有限公司 | A kind of method and system for sending verification information |
| CN110995526A (en) * | 2019-11-04 | 2020-04-10 | 苏州浪潮智能科技有限公司 | Database resource isolation test method, system, terminal and storage medium |
| CN114157503A (en) * | 2021-12-08 | 2022-03-08 | 北京天融信网络安全技术有限公司 | Access request authentication method and device, API gateway equipment and storage medium |
| CN114363373A (en) * | 2021-12-31 | 2022-04-15 | 中国第一汽车股份有限公司 | Application communication management system, method, device, electronic device and storage medium |
| CN115065530A (en) * | 2022-06-13 | 2022-09-16 | 北京华信傲天网络技术有限公司 | Trusted data interaction method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101083556A (en) * | 2007-07-02 | 2007-12-05 | 蔡水平 | Region based layered wireless information publishing, searching and communicating application system |
| CN101350710A (en) * | 2007-07-16 | 2009-01-21 | 华为技术有限公司 | Network system, authority issuing server, authority issuing and executing method |
| CN101951603A (en) * | 2010-10-14 | 2011-01-19 | 中国电子科技集团公司第三十研究所 | Access control method and system for wireless local area network |
| CN102017572A (en) * | 2008-04-25 | 2011-04-13 | 诺基亚公司 | Methods, apparatuses, and computer program products for providing a single service sign-on |
| CN102685086A (en) * | 2011-04-14 | 2012-09-19 | 天脉聚源(北京)传媒科技有限公司 | File access method and system |
-
2012
- 2012-09-13 CN CN201210338534.6A patent/CN102868533B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101083556A (en) * | 2007-07-02 | 2007-12-05 | 蔡水平 | Region based layered wireless information publishing, searching and communicating application system |
| CN101350710A (en) * | 2007-07-16 | 2009-01-21 | 华为技术有限公司 | Network system, authority issuing server, authority issuing and executing method |
| CN102017572A (en) * | 2008-04-25 | 2011-04-13 | 诺基亚公司 | Methods, apparatuses, and computer program products for providing a single service sign-on |
| CN101951603A (en) * | 2010-10-14 | 2011-01-19 | 中国电子科技集团公司第三十研究所 | Access control method and system for wireless local area network |
| CN102685086A (en) * | 2011-04-14 | 2012-09-19 | 天脉聚源(北京)传媒科技有限公司 | File access method and system |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103220289A (en) * | 2013-04-15 | 2013-07-24 | 北京京东尚科信息技术有限公司 | Resource verification system and resource verification method based on web application |
| CN105100032A (en) * | 2014-05-23 | 2015-11-25 | 腾讯科技(北京)有限公司 | Method and apparatus for preventing resource steal |
| CN104021351A (en) * | 2014-05-28 | 2014-09-03 | 宇龙计算机通信科技(深圳)有限公司 | Method and device for data resource access |
| CN104021351B (en) * | 2014-05-28 | 2017-11-17 | 宇龙计算机通信科技(深圳)有限公司 | The access method and device of a kind of data resource |
| CN104767766B (en) * | 2015-05-08 | 2018-03-27 | 广州视源电子科技股份有限公司 | A kind of Web Service interfaces verification method, Web Service servers, client |
| CN104767766A (en) * | 2015-05-08 | 2015-07-08 | 广州视源电子科技股份有限公司 | Web Service interface verification method, Web Service server and client side |
| CN105187449A (en) * | 2015-09-30 | 2015-12-23 | 北京恒华伟业科技股份有限公司 | Interface calling method and device |
| CN105187449B (en) * | 2015-09-30 | 2018-10-02 | 北京恒华伟业科技股份有限公司 | A kind of interface call method and device |
| CN105871801A (en) * | 2015-12-07 | 2016-08-17 | 乐视云计算有限公司 | Stolen chain detection method and device |
| WO2017096840A1 (en) * | 2015-12-07 | 2017-06-15 | 乐视控股(北京)有限公司 | Method and device for detecting hotlinking |
| CN106959982A (en) * | 2016-01-08 | 2017-07-18 | 深圳市星电商科技有限公司 | Obtain methods, devices and systems, monitoring method and the device of resource |
| CN107015996A (en) * | 2016-01-28 | 2017-08-04 | 阿里巴巴集团控股有限公司 | A kind of resource access method, apparatus and system |
| CN106528640B (en) * | 2016-10-13 | 2019-10-18 | 厦门中控生物识别信息技术有限公司 | A kind of finger-mark check method and system based on browser |
| CN106528640A (en) * | 2016-10-13 | 2017-03-22 | 厦门中控生物识别信息技术有限公司 | Browser-based fingerprint check method and system |
| CN108243172A (en) * | 2016-12-27 | 2018-07-03 | 武汉斗鱼网络科技有限公司 | A kind of method and system for sending verification information |
| CN108243172B (en) * | 2016-12-27 | 2020-08-04 | 武汉斗鱼网络科技有限公司 | Method and system for sending verification information |
| CN107196943A (en) * | 2017-05-26 | 2017-09-22 | 浙江大学 | A kind of security display implementation method of private data in third-party platform |
| CN110995526A (en) * | 2019-11-04 | 2020-04-10 | 苏州浪潮智能科技有限公司 | Database resource isolation test method, system, terminal and storage medium |
| CN114157503A (en) * | 2021-12-08 | 2022-03-08 | 北京天融信网络安全技术有限公司 | Access request authentication method and device, API gateway equipment and storage medium |
| CN114363373A (en) * | 2021-12-31 | 2022-04-15 | 中国第一汽车股份有限公司 | Application communication management system, method, device, electronic device and storage medium |
| CN114363373B (en) * | 2021-12-31 | 2024-03-15 | 中国第一汽车股份有限公司 | Application communication management system, method, device, electronic equipment and storage medium |
| CN115065530A (en) * | 2022-06-13 | 2022-09-16 | 北京华信傲天网络技术有限公司 | Trusted data interaction method and system |
| CN115065530B (en) * | 2022-06-13 | 2024-01-23 | 北京华信傲天网络技术有限公司 | Trusted data interaction method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102868533B (en) | 2016-05-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102868533B (en) | resource access authorization verification method and system | |
| KR102514325B1 (en) | Model training system and method, storage medium | |
| US10146948B2 (en) | Secure network access | |
| US11290446B2 (en) | Access to data stored in a cloud | |
| CN102724204B (en) | Secure and trusted capability opening platform | |
| CN104718526A (en) | Secure mobile framework | |
| US20110252480A1 (en) | Secure storage and retrieval of confidential information | |
| CN102077208A (en) | Licensing protected content to application sets | |
| CN102089767A (en) | Authenticated database connectivity for unattended applications | |
| WO2023030450A1 (en) | Data sharing method and electronic device | |
| CN101989988A (en) | Copyright protection system and method of ebook online reading | |
| EP3920056B1 (en) | Digital artwork display device, management method, and electronic device | |
| US20160125177A1 (en) | Information processing system, information processing apparatus, access control method, and program | |
| US9407654B2 (en) | Providing multi-level password and phishing protection | |
| WO2019175427A1 (en) | Method, device and medium for protecting work based on blockchain | |
| CN113486122A (en) | Data sharing method and electronic equipment | |
| JP2002041347A (en) | Information presentation system and device | |
| US11861037B2 (en) | Unified data fabric for managing data lifecycles and data flows | |
| Chen et al. | A secure mobile DRM system based on cloud architecture | |
| Narayana | Security analysis of web application for industrial internet of things | |
| Simske et al. | Apex: Automated policy enforcement exchange | |
| JP2007249690A (en) | Member management system, service providing terminal and its method | |
| US8819453B1 (en) | Protection of user-generated information in the cloud | |
| Kumar et al. | [Retracted] Data Verification of Logical Pk‐Anonymization with Big Data Application and Key Generation in Cloud Computing | |
| KR20080048321A (en) | Method for issuing certificate including legal guardian's agreements and apparatus thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP03 | Change of name, title or address |
Address after: 518031 Guangdong province Futian District Shangbu Road West of the city of Shenzhen Shenzhen science and technology building 15 layer (1502-1504, 1506) Patentee after: CHINA NUCLEAR POWER TECHNOLOGY RESEARCH INSTITUTE Patentee after: China General Nuclear Power Corporation Address before: 518000 Guangdong, Futian District, Yitian Road, building A, block, building on the whole floor of A1301-1320 13 Patentee before: Zhongkehua Nuclear Power Technology Institute Co., Ltd. Patentee before: China Guangdong Nuclear Power Group Co., Ltd. |