CN102882882B - A kind of user resources authorization method - Google Patents
A kind of user resources authorization method Download PDFInfo
- Publication number
- CN102882882B CN102882882B CN201210382135.XA CN201210382135A CN102882882B CN 102882882 B CN102882882 B CN 102882882B CN 201210382135 A CN201210382135 A CN 201210382135A CN 102882882 B CN102882882 B CN 102882882B
- Authority
- CN
- China
- Prior art keywords
- authorized
- mandate
- authorized users
- mark
- status information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention discloses a kind of user resources authorization method, comprising: mandate mark is carried in challenge message and sends to authorized user end by service end; Receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information; Described mandate authority is sent to authorized users end, random number seed in described mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end.The embodiment of the present invention also provides corresponding equipment and system.Technical solution of the present invention achieves the high-precision resource authorization between user side and user side.
Description
Technical field
The present invention relates to communication technical field, be specifically related to a kind of user resources authorization method.
Background technology
China Telecom IPTV specification " Set Top Box and IPTV service operation platform Technical Interface Specification " V2 provides a kind of authentication scheme based on challenge handshake authentication protocol (Challenge Handshake Authentication Protocol, CHAP).The program adopts unilateral authentication mechanism, comprises the following steps:
After user side initiates authentication request to service end, service end sends challenge (Challenge) message to user side, and this challenge message comprises a random number; User side for initial value with this random number, utilizes one-way Hash function to calculate a cryptographic Hash as authentication code, replys; Service end checks this authentication code according to the cryptographic Hash that self calculates, if value coupling, certification is passed through.
Above, prior art provides the authentication scheme between user side and service end.But, along with the development of IPTV and internet television, interactivity ability between digital cable customers and user is had higher requirement, between user, the shared of own resource and control are become extremely important, and to the not corresponding technical scheme of the resource authorization between user side in prior art.
Summary of the invention
The embodiment of the present invention provides a kind of user resources authorization method, and the method can realize the high-precision resource authorization between user and user.The embodiment of the present invention also provides corresponding equipment and system.
The technical scheme that the embodiment of the present invention provides is as follows:
A kind of user resources authorization method, comprising:
Mandate mark is carried in challenge message and sends to authorized user end by service end;
Receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information;
Described mandate authority is sent to authorized users end, random number seed in described mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end.
A kind of user resources authorisation device, comprising:
First sending module, sends to authorized user end for mandate mark being carried in challenge message;
Receiver module, for receiving the response message carrying authorization message that authorized user end returns;
Creation module, comprises described mandate authority of authorizing mark, authorization message and random number seed and licensing status information for creating;
Second sending module, for described mandate authority is sent to authorized users end, random number seed in described mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains authorized resource from service end.
A kind of user resources authoring system, comprising: service end, authorized user end and authorized users end;
Described service end, authorized user end is sent to for mandate mark being carried in challenge message, receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information, described mandate authority is sent to authorized users end, the resource of mandate is provided to authorized users end;
Described authorized user end, carries the challenge message of authorizing mark for what receive that service end sends, and authorization message is carried and send to service end in the response message;
Described authorized users end, for receiving the mandate authority that service end sends, generates bill according to the random number seed of authorizing in authority and licensing status information, and according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end.
The embodiment of the present invention extends challenge handshake authentication scheme, service end can obtain authorization message by challenge handshake authentication process from authorized user end, create and send comprise this authorization message mandate authority to authorized users end, authorized users end can generate bill according to information such as the random number seeds comprised in mandate authority, and then obtain the resource of authorizing from service end according to this bill, thus achieve the high-precision resource authorization between authorized user end and authorized users end.
Accompanying drawing explanation
Fig. 1 is the flow chart of the user resources authorization method of the embodiment of the present invention;
Fig. 2 is the schematic diagram of the user resources authorization method of the embodiment of the present invention;
Fig. 3 is the schematic diagram of the user resources authorisation device of the embodiment of the present invention.
Embodiment
The embodiment of the present invention provides a kind of user resources authorization method, and the method can realize the high-precision resource authorization between user and user.The embodiment of the present invention also provides corresponding equipment and system.Below be described in detail respectively.
Embodiment one,
Please refer to Fig. 1 and Fig. 2, the embodiment of the present invention provides a kind of family resource authorization method.The method relate to equipment comprise service end S and at least two user side.Hereafter to comprise two user side A and B.
Wherein, service end S is a public operation platform, includes certificate server; User side A and B connects with this service end S-phase, be the validated user of service end S, and the resource that user side A and B has is provided by service end and manages.Service end S can carry out certification to user side A or B, but does not support direct certification between user side A and user side B.User side A and user side B applies for there is one section of memory space respectively on service end S, and namely Space A and Space B, preserves respective resource.In prior art, user side B can not the calling party end A resource in Space A space of applying for, user side A can not the calling party end B resource in Space B space of applying for.
The problem that the embodiment of the present invention will solve is, part or all of resource authorization on its storage space S pace A can be accessed to user side B by user side A, or, the part or all of resource authorization on its storage space S pace B can be accessed to user side A by user side B.Hereafter for user side A, the part or all of resource authorization on its storage space S pace A is described to user side B access.After this, user side A is called authorized user end, user side B is called authorized users end.
As shown in Figure 1, the user resources authorization method that the embodiment of the present invention provides, comprising:
110, mandate mark is carried in challenge message and sends to authorized user end by service end.
In order to identify each mandate, service end S can authorize mark (authorization identity, Auth_id) for each mandate generates one.This mandate mark can be carried in the challenge message for challenge handshake authentication and send to authorized user end.Authorize mark generation have two kinds opportunity, a kind of be service end S receive authorized user end A send authorization requests time, a kind of be service end S receive authorized users end B send be authorized request time.
When authorized user end A needs to authorize authorized users end B, initiatively can send authorization requests to service end S.After service end S receives this authorization requests, identify the authorization requests mark wherein comprised, return corresponding challenge message to authorized user end A.The message of this challenge message as shown in Fig. 2 (1), content at least comprises a random number R for challenge handshake authentication
swith one for identifying mandate mark (Auth_id) of this mandate.After user A receives challenge message, calculate authentication code and arrange authorization message, authorization message comprises: authorized object, and authorized resource, authorizes restriction etc.; Wherein, authorized object and authorized users end, authorize restriction to comprise time restriction, or number of times restriction, or read-write comment etc.Authorized user end responds this challenge, returns the response message carrying authentication code and authorization message, as the message (2) in Fig. 2.The response message that service end S authenticated user end A sends over, contrasts authentication code after comprising deciphering response message, the identity of confirmation user side A, and by database manipulation, confirms authorized object, authorization resources and mandate restriction etc.; Service end S also needs certification this authorization privilege whether under the existing authority of user side A.If authentication failure or authority do not meet, then service end S returns error code immediately, and this time is authorized and terminated.
Authorized users end B also can provide the resource under authority to access to B by initiative authorized user end A, and now, authorized users end B sends the request of being authorized to service end S.Service end S with the identity of the challenge handshake authentication authenticates user B of challenge-response mode and request, as the challenge message (01) in Fig. 2 and response message (02).This challenge message (01) comprises a random number for challenge handshake authentication
one for identifying mandate mark (Auth_id) of this mandate.If service end S check that this is authorized to ask content in the authority tolerance band of user A itself, then this content of being authorized to ask is carried in challenge message when authorized user end A is online and sends to authorized user end A, this challenge message comprises the random number R for challenge handshake authentication
sthe content (text1) of (Auth_id) and this request of being authorized is identified for the mandate identifying this mandate, as the message (1) in Fig. 2 with one.If authorized user end A agrees to, then respond this challenge message, authorization message be set, return carry authorization message response message to service end S.
120, receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information.
Service end S obtains authorization message from the response message that authorized user end A returns.Then, service end S creates one and authorizes authority, and this mandate authority comprises authorizes mark and authorization message, also comprises random number seed (seed) and licensing status information.
Wherein, authorization message comprises authorized object, and authorized resource, authorizes restriction etc.; Authorized object and authorized users end, can identify with IP address etc.; Authorized resource can with reference to use DOI(DigitalObject Unique identifier, Digital Object Unique Identifier) or URI(Uniform ResourceIdentifier, resource locator) as globally unique identifier; Restriction is authorized to comprise time restriction, or number of times restriction, or read-write comment etc.Licensing status information includes authorizes restriction by situation about using, and such as, the number of times restriction of mandate by situation about using, that is, is employed several times, also the surplus chance of use several times etc.Random number seed is generated by service end S, at follow-up generation bill.
The mandate authority that service end creates and stores is designated index, i.e. T to authorize
index=Auth_id, as shown in (5) in Fig. 2, follow-up, can retrieve corresponding mandate authority by authorizing mark.Service end S generates random number seed seed, means that this time authorizes the establishment of authority to complete.Random number seed in authority is for calculating bill (T), and bill is used for the resource of the authorized user end A in authorized users end B access services end S.The generation of bill depends on Hash (hash) the chain inverse operation of authorizing random number seed in authority and licensing status information, and bill has disposable feature.The validity of bill is the respective service once got.Service end S can generate corresponding bill as required according to the random number seed of authorizing in authority and licensing status information and store and checking.Licensing status information changes along with the service provided for authorized object and authorized users end.
130, described mandate authority is sent to authorized users end, random number seed in this mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end.
Service end S can send to authorized users end B with the form of safety the mandate authority of this generation, as the message (4) in Fig. 2.This secured fashion refers to the protection of confidentiality and information integrity, as digital signature and HMAC(Hash-based Message Authentication Code) etc. disclosed safe practice, can use public-key cipher mechanism or Symmetric Cryptography.After authorized users end B gets and authorizes authority, integrality and the source of authority is authorized in checking.The destruction of authority integrality can be caused this to provide and be authorized authority unsuccessful, need service end to retransmit.Authorized users end B stores the random number seed (seed) of authorizing in authority with the encrypted form that can decipher, as the message (4) in Fig. 2, also licensing status information etc. is stored in this locality simultaneously.
Authorized users end B can according to store licensing status information and random number seed calculate the bill of this access through hash chain, and show authorize mark and this bill to service end, as shown in (6) in Fig. 2.Service end is according to the mandate authority of authorizing mark to retrieve storage from database, also a bill is calculated according to the random number seed of authorizing in authority and licensing status information, the bill shown with authorized users end B contrasts, if inconsistent, then returns error message; If consistent, be then verified, illustrate that this request service of user B is in the mandate restriction of authorizing authority, then provide respective service, the resource of mandate is supplied to authorized users end B and accesses.
After user B gets service, upgrade licensing status information, such as, authorize number of times to subtract 1 etc., as shown in (7) in Fig. 2.Service end S is same after providing service upgrades corresponding licensing status information.
In the embodiment of the present invention, the data of authorizing authority and interior licensing status information thereof to safeguard with service end are as the criterion.If the licensing status information of authorized users end B or mandate limit inaccurate or lose, authorized users end B can identify to the correct licensing status information of service end request and mandate restriction according to authorizing.If a random number seed of authorized users end B is tampered, can identify to the correct random number seed of service end request and licensing status information according to authorizing.If authorize the whole loss of authority or destruction, authorized users end B can resend all one's own all mandate authority by request service end S.
In the embodiment of the present invention, the service condition of authorized user end A and authorized users end B by authorizing mark to know this mandate of granting.Authorized user A is also by authorizing mark change and upgrade this mandate.Service end and can authorize mark to manage mandate authority according to user side mark.
To sum up, embodiments provide a kind of user resources authorization method, the embodiment of the present invention extends challenge handshake authentication scheme, service end can obtain authorization message by challenge handshake authentication process from authorized user end, create and send comprise this authorization message mandate authority to authorized users end, authorized users end can generate bill according to information such as the random number seeds comprised in mandate authority, and then obtain the resource of authorizing from service end according to this bill, thus achieve the high-precision resource authorization between authorized user end and authorized users end.This technical scheme efficiency is high, is simple and easy to use, easily incorporates existing authentication scheme, realizes the security extension of business function.Especially, embodiment of the present invention technical scheme can be used for the mutual mandate realizing resource between internet television user.The mandate precise particle of embodiment of the present invention technical scheme is little, and authorized user and service end can review tracking licensing status, easily follows the trail of mandate and manages.
Embodiment of the present invention technical scheme is the expansion on existing challenge handshake authentication technical scheme basis, based on challenge handshake authentication scheme can adopt one in three kinds of following unilateral authentication technology, these three kinds of schemes come from following standard respectively: ISO/IEC 9798-2, ISO/IEC 9798-3, ISO/IEC 9798-4.
These three kinds of schemes can represent by formula below respectively:
The first:
S→C:R
S‖text1
C→S:Token
CS=text2‖ε
KCS(R
S‖S‖text2)
The second:
S→C:R
S‖text1
C→S:Token
CS=text2‖f
KCS(R
S‖S‖text2)
The third:
S→C:R
S‖text1
C → S:CertC ‖ Token
cS, wherein, Token
cS=R
c‖ R
s‖ text2 ‖ S ‖ sig
c(R
c‖ R
s‖ S ‖ text2)
In above-mentioned formula, C represents user side, and S represents service end, carries out unilateral authentication by S to C.
S → C or C → S represents once inquiry or response alternately.C or S represents the identify label of C or S.Text1 or text2 represents the message that will authenticate and respond.Token
cSrepresent a set of the message body of response, can be described as bill.R
cor R
sfor one section of random number that C or S generates.ε
kCSbe symmetric encipherment algorithm, the KCS shared with C and S is for key.F
kCSrefer to the safe hash function of band key in essence.CertC is the public key certificate of C.Sig
crepresent the private key signature algorithm of C.
Bill in the embodiment of the present invention adopts Hash chain technique computes, and the one-way function in Hash chain technology comprises Md5, SHA1 and their mutation, also can refer to their combination and repeatedly computing, as the key in ISO-18033-2 obtains function.
In the embodiment of the present invention, authorize the restriction can be correlated with containing number of times in restriction.If authority limited number of times corresponds to authorize entirety, then the value in first time bill can calculate n time according to random number seed one-way function in mandate authority, and n is the number of times restriction that entirety is authorized in this time.The calculating one-way function calculation times of later bill is successively decreased once.If number of times corresponds to concrete rights service action, then there are two kinds of modes.The first, the value for the first time in bill is calculate n time according to the ASCII value one-way function of random number seed in authority and authorization service action, and n is the number of times restriction that action is authorized in this time, and the calculating one-way function calculation times of later bill is successively decreased once; The second, agreement negotiates multiple seed value, and each seed value corresponds to one and authorizes action.Authorize in restriction and also can not comprise the relevant restriction of number of times.Now, the generation of bill still can use hash chain to carry out computing.The value of number of times can use a theoretic large value or acquiescence agreement generates after initial time numerical value is used up.
The embodiment of the present invention adds in challenge-response process authorizes mark for index this mandate, thus authorizes authority in recovery, synchronously authorizes authority state, browses the aspects such as authorization message and more easily realize.The embodiment of the present invention is sent by believable service end and authorizes authority, thus realizes the mutual mandate between user side.Being generated by service end authorizes authority that business is carried out more easily with accurate.The embodiment of the present invention quotes hash chain safe practice, realizes authorizing number of times restriction, and each bill difference obtaining service also makes scheme safer.
Embodiment two,
Please refer to Fig. 3, the embodiment of the present invention provides a kind of user resources authorisation device, comprising:
First sending module 310, sends to authorized user end for mandate mark being carried in challenge message;
Receiver module 320, for receiving the response message carrying authorization message that authorized user end returns;
Creation module 330, comprises described mandate authority of authorizing mark, authorization message and random number seed and licensing status information for creating;
Second sending module 340, for described mandate authority is sent to authorized users end, random number seed in described mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains authorized resource from service end.
Further, this user resources authorisation device can also comprise:
Generation module, for receive authorized user end send authorization requests or authorized users end send be authorized request time, generate authorize mark.
Further, described creation module 330 can also be used for described mark of authorizing as the index of described mandate authority
Further, this user resources authorisation device can also comprise: authentication module and update module;
Described receiver module, also for receiving the service request comprising described mandate mark and bill that authorized users end sends;
Described authentication module, for the legitimacy of bill according to described random number seed and licensing status Information Authentication;
Described update module, for upgrading licensing status information.
To sum up, embodiments provide a kind of user resources authorisation device, this equipment can obtain authorization message by challenge handshake authentication process from authorized user end, create and send comprise this authorization message mandate authority to authorized users end, authorized users end can generate bill according to information such as the random number seeds comprised in mandate authority, and then obtain the resource of authorizing from service end according to this bill, thus achieve the high-precision resource authorization between authorized user end and authorized users end.
Embodiment three,
Please refer to Fig. 2, the embodiment of the present invention provides a kind of user resources authoring system, comprising:
Service end S, authorized user end A and authorized users end B;
Described service end S, authorized user end is sent to for mandate mark being carried in challenge message, receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information, described mandate authority is sent to authorized users end, the resource of mandate is provided to authorized users end;
Described authorized user end A, carries the challenge message of authorizing mark for what receive that service end sends, and authorization message is carried and send to service end in the response message;
Described authorized users end B, for receiving the mandate authority that service end sends, generates bill according to the random number seed of authorizing in authority and licensing status information, and according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end.
To sum up, embodiments provide a kind of user resources authoring system, this system extension challenge handshake authentication scheme, service end can obtain authorization message by challenge handshake authentication process from authorized user end, create and send comprise this authorization message mandate authority to authorized users end, authorized users end can generate bill according to information such as the random number seeds comprised in mandate authority, and then obtain the resource of authorizing from service end according to this bill, thus achieve the high-precision resource authorization between authorized user end and authorized users end.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment can have been come by hardware, also can have been come by the hardware that program command is relevant, this program can be stored in a computer-readable recording medium, and storage medium can comprise: read-only memory, random-access memory, disk or CD etc.
The user resources authorization method provided the embodiment of the present invention above, equipment and system are described in detail, but the explanation of above embodiment just understands method of the present invention and core concept thereof for helping, and should not be construed as limitation of the present invention.Those skilled in the art are in the technical scope that the present invention discloses, and the change that can expect easily or replacement, all should be encompassed within protection scope of the present invention.
Claims (10)
1. a user resources authorization method, is characterized in that, comprising:
Mandate mark is carried in challenge message and sends to authorized user end by service end, described mandate be designated described service end receive described authorized user end send authorization requests time generate or described service end receive authorized users end send be authorized request time generate;
Receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information;
Described mandate authority is sent to authorized users end, random number seed in described mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end;
Wherein, described licensing status information is stored in this locality by described authorized users end, after described authorized users end obtains the resource of mandate from service end, upgrades described licensing status information.
2. method according to claim 1, is characterized in that, mandate mark is carried in challenge message and sends to authorized user end to comprise by described service end:
When service end receives the authorization requests that authorized user end sends, generate and authorize mark, and this mandate mark is carried in challenge message and sends to authorized user end.
3. method according to claim 1, is characterized in that, mandate mark is carried in challenge message and sends to authorized user end to comprise by described service end:
When service end receives the request of being authorized of authorized users end transmission, generate and authorize mark;
The content described mandate identified and be authorized to ask is carried in challenge message and sends to authorized user end.
4. method according to claim 1, is characterized in that:
Described mandate authority is designated index with described mandate.
5. method according to claim 1, is characterized in that, also comprises after described mandate authority is sent to authorized users end:
Receive the service request comprising described mandate mark and bill that authorized users end sends;
The legitimacy of bill according to described random number seed and licensing status Information Authentication;
When described bill is legal, for authorized users end provides the resource of mandate, and upgrade licensing status information.
6. a user resources authorisation device, is characterized in that, comprising:
First sending module, send to authorized user end for mandate mark being carried in challenge message, described mandate be designated described user resources authorisation device receive described authorized user end send authorization requests time generate or described user resources authorisation device receive authorized users end send be authorized request time generate;
Receiver module, for receiving the response message carrying authorization message that authorized user end returns;
Creation module, comprises described mandate authority of authorizing mark, authorization message and random number seed and licensing status information for creating;
Second sending module, for described mandate authority is sent to authorized users end, random number seed in described mandate authority and licensing status information are used for authorized users end and generate bill, described authorized users end can according to describedly authorizing mark, the bill of authorization message and generation obtains authorized resource from described user resources authorisation device;
Wherein, described licensing status information is stored in this locality by described authorized users end, after described authorized users end obtains the resource of mandate from described user resources authorisation device, upgrades described licensing status information.
7. equipment according to claim 6, is characterized in that, also comprises:
Generation module, for receive authorized user end send authorization requests or authorized users end send be authorized request time, generate authorize mark.
8. equipment according to claim 6, is characterized in that:
Described creation module is also for authorizing described the index identified as described mandate authority.
9. equipment according to claim 6, is characterized in that, also comprises: authentication module and update module;
Described receiver module, also for receiving the service request comprising described mandate mark and bill that authorized users end sends;
Described authentication module, for the legitimacy of bill according to described random number seed and licensing status Information Authentication;
Described update module, for upgrading licensing status information.
10. a user resources authoring system, is characterized in that, comprising: service end, authorized user end and authorized users end;
Described service end, authorized user end is sent to for mandate mark being carried in challenge message, receive that authorized user end returns carry the response message of authorization message after, create and comprise described mandate authority of authorizing mark, authorization message and random number seed and licensing status information, described mandate authority is sent to authorized users end, the resource of mandate is provided to authorized users end, described mandate be designated described service end receive described authorized user end send authorization requests time generate or described service end receive authorized users end send be authorized request time generate;
Described authorized user end, carries the challenge message of authorizing mark for what receive that service end sends, and authorization message is carried and send to service end in the response message;
Described authorized users end, for receiving the mandate authority that service end sends, generates bill according to the random number seed of authorizing in authority and licensing status information, and according to describedly authorizing mark, the bill of authorization message and generation obtains the resource of authorizing from service end;
Wherein, described authorized users end, also for described licensing status information is stored in this locality, after described authorized users end obtains the resource of mandate from service end, upgrades described licensing status information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210382135.XA CN102882882B (en) | 2012-10-10 | 2012-10-10 | A kind of user resources authorization method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210382135.XA CN102882882B (en) | 2012-10-10 | 2012-10-10 | A kind of user resources authorization method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102882882A CN102882882A (en) | 2013-01-16 |
| CN102882882B true CN102882882B (en) | 2015-11-04 |
Family
ID=47484025
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210382135.XA Active CN102882882B (en) | 2012-10-10 | 2012-10-10 | A kind of user resources authorization method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102882882B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104243491B (en) * | 2014-09-30 | 2017-08-29 | 深圳数字电视国家工程实验室股份有限公司 | A kind of control method and system of credible and secure service |
| CN106230603B (en) * | 2016-09-19 | 2019-08-16 | 中国传媒大学 | A kind of authentication authority method |
| CN111552935B (en) * | 2020-04-22 | 2023-09-29 | 中国银联股份有限公司 | Block chain data authorized access method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101394284A (en) * | 2008-11-13 | 2009-03-25 | 四川长虹电器股份有限公司 | One-time password authentication method |
| CN102195957A (en) * | 2010-03-19 | 2011-09-21 | 华为技术有限公司 | Resource sharing method, device and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101262342A (en) * | 2007-03-05 | 2008-09-10 | 松下电器产业株式会社 | Distributed authorization and validation method, device and system |
-
2012
- 2012-10-10 CN CN201210382135.XA patent/CN102882882B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101394284A (en) * | 2008-11-13 | 2009-03-25 | 四川长虹电器股份有限公司 | One-time password authentication method |
| CN102195957A (en) * | 2010-03-19 | 2011-09-21 | 华为技术有限公司 | Resource sharing method, device and system |
Non-Patent Citations (1)
| Title |
|---|
| 基于Hash函数和对称加密算法的一次性口令方案;孙克强等;《信息与电子工程》;20071231;第5卷(第6期);参见摘要,第1-2节 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102882882A (en) | 2013-01-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7175269B2 (en) | Internet-of-Things Device Record Verification Method and Apparatus, and ID Authentication Method and Apparatus | |
| CN101189827B (en) | Method for inclusive authentication and management of service provider, terminal and user identity module, and system and terminal device using the method | |
| US20190140844A1 (en) | Identity-linked authentication through a user certificate system | |
| US20190364032A1 (en) | Method for carrying out a two-factor authentication | |
| JP6586446B2 (en) | Method for confirming identification information of user of communication terminal and related system | |
| CN103795692B (en) | Open authorization method, system and certification authority server | |
| EP2255507B1 (en) | A system and method for securely issuing subscription credentials to communication devices | |
| CN109547445B (en) | Method and system for verifying legality of network request of client | |
| CN113691560B (en) | Data transmission method, method for controlling data use, and cryptographic device | |
| EP3425842B1 (en) | Communication system and communication method for certificate generation | |
| CN110990827A (en) | Identity information verification method, server and storage medium | |
| CN111275419B (en) | Block chain wallet signature right confirming method, device and system | |
| US10291567B2 (en) | System and method for resetting passwords on electronic devices | |
| KR101452708B1 (en) | CE device management server, method for issuing DRM key using CE device management server, and computer readable medium | |
| CN105409186A (en) | System and method for user authentication | |
| CN103490881A (en) | Authentication service system, user authentication method, and authentication information processing method and system | |
| CN101321064A (en) | Information system access control method and apparatus based on digital certificate technique | |
| JP5992535B2 (en) | Apparatus and method for performing wireless ID provisioning | |
| US11811739B2 (en) | Web encryption for web messages and application programming interfaces | |
| JP2017152880A (en) | Authentication system, key processing coordination method, and key processing coordination program | |
| CN114547583A (en) | Identity authentication system, method, device, equipment and computer readable storage medium | |
| CN101582876A (en) | Method, device and system for registering user generated content (UGC) | |
| CN115567312A (en) | Alliance chain data authority management system and method capable of meeting multiple scenes | |
| CN102882882B (en) | A kind of user resources authorization method | |
| CN108768650B (en) | Short message verification system based on biological characteristics |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent for invention or patent application | ||
| CB03 | Change of inventor or designer information |
Inventor after: Yu Xiaolong Inventor after: Li Xinguo Inventor after: Sun Zhuo Inventor after: Wan Ming Inventor after: Huang Huasong Inventor before: Yu Xiaolong Inventor before: Li Xinguo Inventor before: Sun Zhuo Inventor before: Huang Huasong |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: INVENTOR; FROM: YU XIAOLONG LI XINGUO SUN ZHUO HUANG HUASONG TO: YU XIAOLONG LI XINGUO SUNZHUO WAN MING HUANG HUASONG |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |