CN103067172A - Information safety management method and system - Google Patents
Information safety management method and system Download PDFInfo
- Publication number
- CN103067172A CN103067172A CN2012105681895A CN201210568189A CN103067172A CN 103067172 A CN103067172 A CN 103067172A CN 2012105681895 A CN2012105681895 A CN 2012105681895A CN 201210568189 A CN201210568189 A CN 201210568189A CN 103067172 A CN103067172 A CN 103067172A
- Authority
- CN
- China
- Prior art keywords
- password
- user
- program
- state
- change
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an information safety management method and a system. The method includes the steps of user account confirmation and user password confirmation, after the user account confirmation and the user password confirmation are conducted, the method further includes that if a wire or wireless net of a current device is communicated is detected, if not communicated, a second password confirmation procedure is started to require a user to input a second password to be confirmed again, and if the user is allowed to use or view corresponding information is decided according to confirmed results of a second password confirmation procedure. If the procedure is started, the second password confirmation procedure is started to require the user to input the second password to be confirmed again, and if the user is allowed to use or view the corresponding information according to the confirmation results of the second password confirmation procedure. If the procedure is closed, the second password is omitted, the user is allowed to use or view the corresponding information. The information safety management method and the system not only bring convenience to use by the user, but also can well protect information safety of the user.
Description
Technical field
The invention belongs to field of information security technology, be specifically related to a kind of information security management method and system.
Background technology
The method that is commonly used at present management information is exactly that an account and corresponding password are set, and the checking by account and password realizes information encryption.The user inputs account and password in use in landing frame, as long as can log in or open the corresponding information of checking after errorless by background authentication.
In order to be user-friendly to, usually in landing frame, all can be provided with one and remember the password option, if the user selected after, next login will no longer need to repeat to input account and password can log in or by checking.This kind situation is in or some relative environment such as office at the individual office computer, not too large problem.But when going on business or the not too safe environment of some network environments of Internet bar, or be in the personal terminal situation of losing, just probably steal the personal information chance for other people, thereby brought no small loss, especially trade secret or individual privacy.Do not remember the password option if do not choose, then all need to repeat to input corresponding account and password at every turn, use to the user and brought trouble.
Summary of the invention
In order to address the above problem, the object of the present invention is to provide a kind of information security management method and system, when being user-friendly to, can further ensure information safety.
In order to realize the foregoing invention purpose, the technical solution used in the present invention is as follows:
A kind of information security management method comprises the step of authentication of users account and user cipher, and is further comprising the steps of after having passed through aforementioned account and password authentification:
Whether the wired or cordless communication network that detects current device is communicated with;
If be not communicated with, then start the second password authentification program and again verify to require the user to input the second password, and determine whether allow the user to use or check corresponding information according to the result of described the second password program;
If be communicated with, judge then whether described the second password authentification program opens, the switch of described the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected;
If open, then start the second password authentification program and again verify to require the user to input the second password, and determine whether allow the user to use or check corresponding information according to the result of described the second password program;
If do not open, then skip the second password authentification and allow the user to use or check corresponding information.
Further, when other equipment change described the second password authentification program by wired or wireless communication network, specifically may further comprise the steps:
By the change request of wired or wireless communication network reception to described the second password authentification program switch state;
Random first state that generates changes password, and sends it on the portable terminal of user preset;
The second state that receives user's input changes password, and judges whether described the second state changes password identical with the first state change password;
If identical, then allow the user to change the on off state of described the second password program;
If different, then stop the user to change the on off state of described the second password program.
Further, described wireless network is GPRS, CDMA, WCDMA, TD-SCDMA or CDMA2000 wireless network.
Further, described current device is personal computer, mobile phone or palmtop PC.
A kind of Information Security Management System comprises the module of authentication of users account and user cipher, and this system also comprises with lower module:
Whether the network detection module after having passed through aforementioned account and password authentification, is communicated with for detection of the wired or cordless communication network of current device; If be not communicated with, then start the second password authentication module; If be communicated with, then setting up password switch judge module;
The second password authentication module starts the second password authentification program and again verifies to require the user to input the second password, and determines whether allow the user to use or check corresponding information according to the result of described the second password program;
The cipher switch judge module judges whether described the second password authentification program opens, and the switch of described the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected; If open, then start described the second password authentication module; If close, then skip the second password authentification and allow the user to use or check corresponding information.
Further, this system comprises that also the second password authentification program switch changes authentication module, be used for when other equipment change described the second password authentification program by wired or wireless communication network, by the change request of wired or wireless communication network reception to described the second password authentification program switch state; Random first state that generates changes password, and sends it on the portable terminal of user preset; The second state that receives user's input changes password, and judges whether described the second state changes password identical with the first state change password; If identical, then allow the user to change the on off state of described the second password program; If different, then stop the user to change the on off state of described the second password program.
Further, described wireless network is GPRS, CDMA, WCDMA, TD-SCDMA or CDMA2000 wireless network.
Further, described current device is personal computer, mobile phone or palmtop PC.
After adopting the present invention, the user generally can close the second password authentification program, avoid inputting the trouble that twice password brings to the user, thereby so that the user can remember that the password option is to make things convenient for its use by choosing.When these terminal equipments of user losing, stolen etc. not in self supervision scope the time; can automatically open the second password authentification programmed protection user information safety in the situation that equipment networks, can also be in the situation that the equipment networking passes through other opening of device second password authentification programmed protection user information safeties.
Therefore, the present invention both can be user-friendly to, and also can better protect user's information security.
Description of drawings
The picture that this description of drawings provides is used for assisting a further understanding of the present invention, consists of the application's a part, does not consist of to improper restriction of the present invention, in the accompanying drawings:
Fig. 1 is flow chart corresponding to the present invention;
Fig. 2 is system block diagram corresponding to the present invention;
Fig. 3 is the sub-process figure that the embodiment of the invention 2 increases on enforcement 1 basis;
Fig. 4 is the system block diagram of the embodiment of the invention 2 correspondences.
Embodiment
Embodiment 1:
As shown in Figure 1, the present embodiment discloses a kind of information security management method, may further comprise the steps:
(1) step of authentication of users account and user cipher, this step adopt existing identical method, are used for authentication of users account and user cipher, and checking just can't pass and do not allow the user to use or check corresponding information;
(2) after having passed through aforementioned account and password authentification, the present embodiment is not directly to allow the user to use or check corresponding information, but whether wired the or cordless communication network that detects current device is communicated with; If be not communicated with, then carried out for (31) step; If be communicated with, then carried out for (32) step; Because the switch of the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected; Other equipment are if change the on off state of its second proving program, must if current device can not be connected to the network, namely be to be in the complete uncontrollable state of user in network connection just, such as stolen, send and the unusual condition such as repair;
(31) start the second password authentification program and again verify to require the user to input the second password, and determine whether allow the user to use or check corresponding information according to the result of described the second password program; The purpose of this step is, makes current device in the complete uncontrollable situation of user (network is obstructed), prevents other people in the situation that the user has chosen and remembers the password option, very easily checks the information that the user meets;
(32) judge whether described the second password authentification program opens, the switch of described the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected; The purpose of this step is to arrange the second outpost of the tax office, and the user can change its on off state by communication network; If open, then carried out for (31) step; If do not open, then carried out for (4) step
(4) skipping the second password authentification allows the user to use or check corresponding information.
As shown in Figure 2, the present embodiment also discloses the Information Security Management System fully corresponding with preceding method, comprises the module 1 of authentication of users account and user cipher, and this system also comprises with lower module:
Whether network detection module 2 after having passed through aforementioned account and password authentification, is communicated with for detection of the wired or cordless communication network of current device; If be not communicated with, then start the second password authentication module; If be communicated with, then setting up password switch judge module;
The second password authentication module 3 starts the second password authentification program and again verifies to require the user to input the second password, and determines whether allow the user to use or check corresponding information according to the result of described the second password program;
Cipher switch judge module 4 judges whether described the second password authentification program opens, and the switch of described the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected; If open, then start described the second password authentication module; If close, then skip the second password authentification and allow the user to use or check corresponding information.
Wherein, described wireless network is GPRS, CDMA, WCDMA, TD-SCDMA or CDMA2000 wireless network.Need to prove; the described wireless network of the present embodiment includes but not limited to above-mentioned network; so long as can so that the user just can be connected to current device with the network of the on off state that changes the second proving program by this network, all be protection scope of the present invention.
Wherein, described current device is personal computer, mobile phone or palmtop PC.Need to prove, the described current device of the present embodiment includes but not limited to aforementioned device, comprises that also other can be by the equipment of user account and user cipher management information.
After adopting the present embodiment method and system, the user can relievedly choose and remember that the password option uses with convenient.Simultaneously, these terminal equipments of user lose, stolen etc. not in self supervision scope the time, can be automatically (equipment do not network situation) or open (during the equipment networking) second password authentification program by the user, further ensure information security.Such as: certain user's smart mobile phone is stolen, if being in open state and can connecting wireless communication networks on this equipment, the user just can in time start the second password authentication module protection user profile by other apparatus remotes so; When if the thief throws away or close its communication function with its Mobile phone card, system will start the second password authentication module protection user profile automatically.
The present embodiment discloses a kind of buffer memory method for synchronous of netting dish, except comprising embodiment 1 disclosed method step, the present embodiment is from the different of embodiment 1: in order further to ensure user's information security, as shown in Figure 3, when other equipment change described the second password authentification program by wired or wireless communication network, specifically may further comprise the steps:
(1) by the change request of wired or wireless communication network reception to described the second password authentification program switch state;
(2) generate at random the first state and change password, and send it on the portable terminal of user preset;
(3) receive the second state change password of user's input, and judge whether described the second state changes password identical with the first state change password; If identical, then carry out (41); If different, then carried out for (42) step;
(41) allow the user to change the on off state of described the second password program;
(42) stop the user to change the on off state of described the second password program.
As shown in Figure 4, the present embodiment also discloses a kind of system corresponding with the present embodiment method, except the module that embodiment 1 open system comprises, the present embodiment has also increased by the second password authentification program switch and has changed authentication module 5, be used for when other equipment change described the second password authentification program by wired or wireless communication network, by the change request of wired or wireless communication network reception to described the second password authentification program switch state; Random first state that generates changes password, and sends it on the portable terminal of user preset; The second state that receives user's input changes password, and judges whether described the second state changes password identical with the first state change password; If identical, then allow the user to change the on off state of described the second password program; If different, then stop the user to change the on off state of described the second password program.
So, the user just can one comes the switch of management and control the second password authentification program by portable terminal independently, thereby the malice that prevents computer-virus program changes, and reaches to improve the present embodiment security performance.
More than describe preferred embodiment of the present invention in detail, the ordinary skill that should be appreciated that this area need not creative work and just can design according to the present invention make many modifications and variations.Therefore, all in the art technical staff according to the present invention design on the prior art basis by logic analysis, reasoning or according to the available technical scheme of limited experiment, all should be among the determined protection range by these claims.
Claims (8)
1. information security management method comprises it is characterized in that the step of authentication of users account and user cipher, and is further comprising the steps of after having passed through aforementioned account and password authentification:
Whether the wired or cordless communication network that detects current device is communicated with;
If be not communicated with, then start the second password authentification program and again verify to require the user to input the second password, and determine whether allow the user to use or check corresponding information according to the result of described the second password program;
If be communicated with, judge then whether described the second password authentification program opens, the switch of described the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected;
If open, then start the second password authentification program and again verify to require the user to input the second password, and determine whether allow the user to use or check corresponding information according to the result of described the second password program;
If do not open, then skip the second password authentification and allow the user to use or check corresponding information.
2. information security management method according to claim 1 is characterized in that, when other equipment change described the second password authentification program by wired or wireless communication network, specifically may further comprise the steps:
By the change request of wired or wireless communication network reception to described the second password authentification program switch state;
Random first state that generates changes password, and sends it on the portable terminal of user preset;
The second state that receives user's input changes password, and judges whether described the second state changes password identical with the first state change password;
If identical, then allow the user to change the on off state of described the second password program;
If different, then stop the user to change the on off state of described the second password program.
3. information security management method according to claim 1 and 2 is characterized in that:
Described wireless network is GPRS, CDMA, WCDMA, TD-SCDMA or CDMA2000 wireless network.
4. information security management method according to claim 1 and 2 is characterized in that:
Described current device is personal computer, mobile phone or palmtop PC.
5. Information Security Management System comprises it is characterized in that the module of authentication of users account and user cipher, and this system also comprises with lower module:
Whether the network detection module after having passed through aforementioned account and password authentification, is communicated with for detection of the wired or cordless communication network of current device; If be not communicated with, then start the second password authentication module; If be communicated with, then setting up password switch judge module;
The second password authentication module starts the second password authentification program and again verifies to require the user to input the second password, and determines whether allow the user to use or check corresponding information according to the result of described the second password program;
The cipher switch judge module judges whether described the second password authentification program opens, and the switch of described the second password authentification program can change by other equipment wired with current device or that wireless communication networks is connected; If open, then start described the second password authentication module; If close, then skip the second password authentification and allow the user to use or check corresponding information.
6. Information Security Management System according to claim 5 is characterized in that:
This system comprises that also the second password authentification program switch changes authentication module, be used for when other equipment change described the second password authentification program by wired or wireless communication network, by the change request of wired or wireless communication network reception to described the second password authentification program switch state; Random first state that generates changes password, and sends it on the portable terminal of user preset; The second state that receives user's input changes password, and judges whether described the second state changes password identical with the first state change password; If identical, then allow the user to change the on off state of described the second password program; If different, then stop the user to change the on off state of described the second password program.
7. it is characterized in that according to claim 5 or 6 described Information Security Management System:
Described wireless network is GPRS, CDMA, WCDMA, TD-SCDMA or CDMA2000 wireless network.
8. it is characterized in that according to claim 5 or 6 described Information Security Management System:
Described current device is personal computer, mobile phone or palmtop PC.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012105681895A CN103067172A (en) | 2012-12-24 | 2012-12-24 | Information safety management method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012105681895A CN103067172A (en) | 2012-12-24 | 2012-12-24 | Information safety management method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103067172A true CN103067172A (en) | 2013-04-24 |
Family
ID=48109643
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012105681895A Pending CN103067172A (en) | 2012-12-24 | 2012-12-24 | Information safety management method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103067172A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104700010A (en) * | 2013-12-05 | 2015-06-10 | 腾讯科技(深圳)有限公司 | Personal information protection method and protection device |
| CN104796253A (en) * | 2014-01-20 | 2015-07-22 | 腾讯科技(深圳)有限公司 | Independent cipher verifying method and device and storage medium |
| CN106487789A (en) * | 2016-10-10 | 2017-03-08 | 广东欧珀移动通信有限公司 | A kind of method of the password of modification application account, device and mobile terminal |
| CN107317804A (en) * | 2017-06-19 | 2017-11-03 | 努比亚技术有限公司 | Private clound encryption data access method, terminal and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1787583A (en) * | 2004-12-06 | 2006-06-14 | 英华达(南京)科技有限公司 | Method for setting remote controlled movble telephone by news in brief service |
| CN101005662A (en) * | 2006-11-15 | 2007-07-25 | 深圳凯虹移动通信有限公司 | Mobile terminal with long-range control function and its long-range control method |
| CN101252703A (en) * | 2008-03-28 | 2008-08-27 | 宇龙计算机通信科技(深圳)有限公司 | Terminal data protecting method, system as well as mobile communication terminal |
| CN101616495A (en) * | 2008-06-23 | 2009-12-30 | 网秦无限(北京)科技有限公司 | The method and system of individual privacy in the protection mobile phone |
| CN101772017A (en) * | 2009-01-06 | 2010-07-07 | 三星电子(中国)研发中心 | Method for remotely destroying information of communication terminal and communication terminal thereof |
| CN102271332A (en) * | 2011-07-18 | 2011-12-07 | 中兴通讯股份有限公司 | Method and device for maintaining secrecy of terminal information |
| CN102413456A (en) * | 2011-09-02 | 2012-04-11 | 中国电信股份有限公司 | User terminal anti-theft method, user terminal anti-theft device and user terminal anti-theft system based on operation network |
| CN102790819A (en) * | 2011-05-17 | 2012-11-21 | 芯讯通无线科技(上海)有限公司 | Mobile terminal capable of protecting privacy and method |
-
2012
- 2012-12-24 CN CN2012105681895A patent/CN103067172A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1787583A (en) * | 2004-12-06 | 2006-06-14 | 英华达(南京)科技有限公司 | Method for setting remote controlled movble telephone by news in brief service |
| CN101005662A (en) * | 2006-11-15 | 2007-07-25 | 深圳凯虹移动通信有限公司 | Mobile terminal with long-range control function and its long-range control method |
| CN101252703A (en) * | 2008-03-28 | 2008-08-27 | 宇龙计算机通信科技(深圳)有限公司 | Terminal data protecting method, system as well as mobile communication terminal |
| CN101616495A (en) * | 2008-06-23 | 2009-12-30 | 网秦无限(北京)科技有限公司 | The method and system of individual privacy in the protection mobile phone |
| CN101772017A (en) * | 2009-01-06 | 2010-07-07 | 三星电子(中国)研发中心 | Method for remotely destroying information of communication terminal and communication terminal thereof |
| CN102790819A (en) * | 2011-05-17 | 2012-11-21 | 芯讯通无线科技(上海)有限公司 | Mobile terminal capable of protecting privacy and method |
| CN102271332A (en) * | 2011-07-18 | 2011-12-07 | 中兴通讯股份有限公司 | Method and device for maintaining secrecy of terminal information |
| CN102413456A (en) * | 2011-09-02 | 2012-04-11 | 中国电信股份有限公司 | User terminal anti-theft method, user terminal anti-theft device and user terminal anti-theft system based on operation network |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104700010A (en) * | 2013-12-05 | 2015-06-10 | 腾讯科技(深圳)有限公司 | Personal information protection method and protection device |
| CN104700010B (en) * | 2013-12-05 | 2021-06-01 | 腾讯科技(深圳)有限公司 | Personal information protection method and protection device |
| CN104796253A (en) * | 2014-01-20 | 2015-07-22 | 腾讯科技(深圳)有限公司 | Independent cipher verifying method and device and storage medium |
| CN106487789A (en) * | 2016-10-10 | 2017-03-08 | 广东欧珀移动通信有限公司 | A kind of method of the password of modification application account, device and mobile terminal |
| CN107317804A (en) * | 2017-06-19 | 2017-11-03 | 努比亚技术有限公司 | Private clound encryption data access method, terminal and storage medium |
| CN107317804B (en) * | 2017-06-19 | 2020-12-29 | 努比亚技术有限公司 | Private cloud encrypted data access method, terminal and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105654580B (en) | Access control method and system, electronic lock, management and visitor's terminal | |
| US20170236350A1 (en) | Electronic door lock system | |
| CN104637131B (en) | A kind of access control system authorization method, device and access control system | |
| CN101521886B (en) | Method and device for authenticating terminal and telecommunication smart card | |
| CN204833406U (en) | Electronic lock based on user identity characteristic recognition | |
| CN103929748A (en) | Internet of things wireless terminal, configuration method thereof and wireless network access point | |
| CN102509055A (en) | Mobile terminal and method for hiding programs of mobile terminal | |
| CN104091133A (en) | Method for protecting security of terminal, terminal and system | |
| CN105553924B (en) | A kind of safety protecting method, smart home and system applied to smart home | |
| CN103037370A (en) | Portable storage device and identity authentication method | |
| CN104517338A (en) | Remote door access control system based on wireless network and realization method of remote door access control system | |
| CN102833068B (en) | Method for bidirectional authentication of terminal and smart card, protocol and smart card | |
| CN102945526A (en) | Device and method for improving online payment security of mobile equipment | |
| CN105405185A (en) | Safety verifying method and apparatus thereof | |
| CN102663844A (en) | Method for controlling authority of mobile equipment under different conditions | |
| CN103067172A (en) | Information safety management method and system | |
| CN104820805A (en) | Method and device for burglary prevention of user identity identification card information | |
| CN104834867B (en) | The method and system of electronic equipment privacy protection are realized based on bluetooth | |
| CN104836794B (en) | The method and system of electronic equipment privacy protection are realized based on WIFI hot spot | |
| CN103488936A (en) | Mobile terminal and mobile terminal security code validation method and device | |
| CN205193906U (en) | Cell -phone system of opening door based on cloud platform | |
| CN102521169B (en) | Confidential USB (universal serial bus) memory disk with display screen and security control method of confidential USB memory disk | |
| CN102413146A (en) | Client authorized logon method based on dynamic codes | |
| CN104105092A (en) | Security monitoring method for wireless network | |
| CN101268712B (en) | Method and a device to suspend the access to a service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130424 |
|
| RJ01 | Rejection of invention patent application after publication |