CN103188677A - Client software authentication method and client software authentication device and client software authentication system - Google Patents

Client software authentication method and client software authentication device and client software authentication system Download PDF

Info

Publication number
CN103188677A
CN103188677A CN2011104525556A CN201110452555A CN103188677A CN 103188677 A CN103188677 A CN 103188677A CN 2011104525556 A CN2011104525556 A CN 2011104525556A CN 201110452555 A CN201110452555 A CN 201110452555A CN 103188677 A CN103188677 A CN 103188677A
Authority
CN
China
Prior art keywords
client software
portable terminal
authentication information
authentication
msisdn
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2011104525556A
Other languages
Chinese (zh)
Inventor
陈文平
刘驰洋
杨明哲
陈坤
安景学
曾庆伟
王林浩
李涛
李巍璐
赵杰
章玮
丁健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Group Beijing Co Ltd
Original Assignee
China Mobile Group Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Group Beijing Co Ltd filed Critical China Mobile Group Beijing Co Ltd
Priority to CN2011104525556A priority Critical patent/CN103188677A/en
Publication of CN103188677A publication Critical patent/CN103188677A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a client software authentication method, a client software authentication device and a client software authentication system. The client software authentication method includes a first step of receiving a login request carrying first authentication information sent by client software and then permitting a mobile terminal which the client software belongs to carry out data manipulation when confirming that the first authentication information coincides and a loss sign of the mobile terminal is in a resetting state, and a second step of configuring information according to the access authority of the mobile terminal which the client software belongs to, carrying out authority check on received data manipulation requests sent by the client software, and then returning corresponding data manipulation results to the client software with regard to the data manipulation requests which pass the authority check. Due to the fact that the authentication information can be verified when the mobile terminal is subjected to login authentication, the client software authentication method further includes the step of judging whether the mobile terminal reports the loss. A user can not access the system on the condition that the mobile terminal reports the loss or the authentication information does not pass validation. Consequently, the probability that the mobile terminal is stolen to cause illegal use of the client software and unsafe information is reduced.

Description

A kind of authentication method of client software, Apparatus and system
Technical field
The present invention relates to the mobile communication technology field, relate in particular to a kind of authentication method, Apparatus and system of client software.
Background technology
At present, each enterprise can use business intelligence (BI, Business Intelligence) system, obtains Useful Information from the mass data that production and operation produce, to improve management and administration.Be example with telecom operators, stored the mass data that the client produces in the BI system in a plurality of operation flows such as charging, business, account, can be used for fine-grained management such as business monitoring and business diagnosis.Wherein, every data based business association, business income and customer-oriented significance level have different data values in the BI system, and relatively, the more high confidentiality to data of data value requires also can be more high.
When mobile terminal accessing enterprise-level BI system, to consider the information security of BI system emphatically, in the information security management mechanism of enterprise-level BI system, should guarantee between database server and the portable terminal Information Security end to end, also to guarantee the fail safe of BI system.
In order to ensure information security, when mobile terminal accessing BI system, generally adopt following authentication mode at present:
1, the special peripheral apparatus such as USB token of employing and number of the account binding carry out identification authentication, or on the basis of mobile subscriber's international number MSISDN and number of the account binding authentication, further expand the USB token that uses with the number of the account binding and carry out identification authentication.This authentication mode is extremely inconvenient when reality is used, if only having carried portable terminal, the user do not carry special peripheral apparatus, perhaps do not carry the connecting line of peripheral apparatus, just can not carry out the visit of the client software of portable terminal, cause user's inconvenience.
2, employing is carried out authentication with the automatic binding of the International Mobile Equipment Identity sign indicating number IMEI of MSISDN, number of the account and portable terminal.This authentication mode is owing to bind number of the account and IMEI, so, the user will revise the own binding IMEI information that presets before each replacing portable terminal, in case the IMEI information that does not have time update to preset after changing planes, just can't carry out the visit of client software smoothly, cause user's use inconvenience.
3, employing is carried out authentication with the automatic binding of the international mobile subscriber identity IMSI of MSISDN, number of the account and SIM card.Use this authentication mode, lose and do not do under the situation of replacement SIM card operation at user's portable terminal, the user just can't report the loss, and still can extract corresponding IMSI information on the data of network side automatically, and then may cause the risk of information security.
In sum, more than existing authentication mode ubiquity user uses inconvenience, the problem that fail safe is not high enough.
Summary of the invention
The embodiment of the invention provides a kind of authentication method, Apparatus and system of client software, can improve the fail safe that client software uses on basis easy to use.
The authentication method of a kind of client software that the embodiment of the invention provides comprises:
Receive the logging request that carries first authentication information that client software sends;
Confirm whether described first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the described client software is for resetting;
When confirm that first authentication information conforms to and the described state of reporting the loss sign when resetting, allow the affiliated portable terminal of described client software to carry out data manipulation;
Receive the data operation request that described client software sends, according to the access rights configuration information of the portable terminal under the described client software, the data operation request that the described client software that receives sends is carried out scope check;
For the data operation request by scope check, return corresponding data manipulation result to described client software.
The authenticate device of a kind of client software that the embodiment of the invention provides comprises:
Receiving element is used for receiving the logging request that carries first authentication information that client software sends, and receives the data operation request that described client software sends;
The authentication unit be used for confirming whether described first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the described client software is for resetting; When described authentication unit confirm that first authentication information conforms to and the described state of reporting the loss sign when resetting, allow the portable terminal under the described client software to carry out data manipulation;
The control of authority unit is used for the access rights configuration information according to the portable terminal under the described client software, and the data operation request that the described client software that described receiving element is received sends is carried out scope check;
The data interaction unit is used for for the data operation request by scope check, returns corresponding data manipulation result to described client software.
The Verification System of a kind of client software that the embodiment of the invention provides comprises:
Certificate server is used for receiving the logging request that carries first authentication information that client software sends; Confirm whether described first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the described client software is for resetting; When confirm that first authentication information conforms to and the described state of reporting the loss sign when resetting, allow the affiliated portable terminal of described client software to carry out data manipulation; Receive the data operation request that described client software sends, according to the access rights configuration information of the portable terminal under the described client software, the data operation request that the described client software that receives sends is carried out scope check; Transmit data operation request by scope check to database server, and return described database server feedback data operating result to described client software;
Database server is used for receiving the data operation request that described certificate server is transmitted, after carrying out corresponding data manipulation, to described certificate server feedback data operating result.
The beneficial effect of the embodiment of the invention comprises:
The authentication method of a kind of client software that the embodiment of the invention provides, Apparatus and system, after receiving the logging request that carries first authentication information of client software transmission, when confirm that first authentication information conforms to and client software under the state of reporting the loss sign of portable terminal when resetting, allow the affiliated portable terminal of client software to carry out data manipulation; Access rights configuration information according to the portable terminal under the client software, the data operation request that the client software that receives sends is carried out scope check, for the data operation request by scope check, return corresponding data manipulation result to client software.The embodiment of the invention can be on the basis that authentication information is verified when the login to portable terminal authenticates, judge whether this portable terminal is reported the loss, under the situation that this portable terminal is reported the loss or authentication information passes through to verify, the user can not access system, like this, can reduce portable terminal when stolen or client software is caused the unsafe possibility of system information by illegal the use; And the authentication method that the embodiment of the invention provides do not need to increase peripheral apparatus, and is so user-friendly yet; And, when carrying out data manipulation, can effectively operate according to user's access rights control user, can further improve the Information Security of system.
Description of drawings
The flow chart of the authentication method of the client software that Fig. 1 provides for the embodiment of the invention;
The flow chart that issues of the client software that Fig. 2 provides for the embodiment of the invention;
The structural representation of the authenticate device of the client software that Fig. 3 provides for the embodiment of the invention;
The structural representation of the Verification System of the client software that Fig. 4 provides for the embodiment of the invention.
Embodiment
Below in conjunction with accompanying drawing, the authentication method of the client software that the embodiment of the invention is provided, the embodiment of Apparatus and system are described in detail.
The authentication method of a kind of client software that the embodiment of the invention provides, as shown in Figure 1, idiographic flow may further comprise the steps:
The logging request that carries first authentication information that S101, reception client software send;
Whether S102, affirmation first authentication information conform to stored user information, and whether the state of reporting the loss sign of the portable terminal under the client software is for resetting; If, execution in step S103; If not, execution in step S106;
Portable terminal under S103, the permission client software carries out data manipulation;
The data operation request that S104, reception client software send according to the access rights configuration information of the portable terminal under the client software, is carried out scope check to the data operation request that the client software that receives sends;
S105, for the data operation request by scope check, return corresponding data manipulation result to client software;
S106, process ends.
Specific implementation to above steps is described in detail below.
Wherein, first authentication information in above-mentioned steps S101 can comprise: through the installation series number (SN of the number of the account name (USENAME) of digital signature, password (PASSWORD), client software, Series Number) and mobile terminal user identification code (IMSI, International Mobile Subscriber Identification Number); In first authentication information, add the SN of client software, can illegal client software be filtered, so also can improve the fail safe of system.
In the specific implementation, the user can be at login interface input USENAME and the PASSWORD of portable terminal by client software, the IMSI that client software extracts with USENAME, PASSWORD, from portable terminal and the SN of client software merge, after digital signature, form first authentication information, be submitted to certificate server by network link.
Particularly, when certificate server receives the logging request that comprises above-mentioned first authentication information, can check that whether the state of reporting the loss sign of the portable terminal that client software is affiliated is for resetting, namely whether this user reports the loss, and can USENAME, PASSWORD, SN and the IMSI through digital signature be decrypted; According to the mobile subscriber's international number in the stored user information (MSISDN, Mobile Subscriber International ISDN/PSTN number), from the charge system server, obtain the IMSI corresponding with MSISDN; Then, the IMSI of the MSISDN correspondence of using USENAME, PASSWORD, SN, the MSISDN in the stored user information and getting access to, the USENAME that deciphering is obtained, PASSWORD, SN and IMSI verify respectively, and the process of checking belongs to prior art, does not repeat them here.
If this user reports the loss, perhaps first authentication information does not pass through checking, and then the user identity of explanation application login is illegal, and this user's login will be refused by system, in the specific implementation, can return the response realization of login failure to the user.By the portable terminal that checking and user do not report the loss, will allow portable terminal to carry out data manipulation for first authentication information, further, also need the user's data operation requests is carried out scope check, to guarantee the fail safe of system.
Further, from sign in to the process that withdraws from, can before carrying out each data manipulation, all carry out the inspection of number of the account legitimacy and access rights the user, further strengthen the fail safe of system.
Further, in the said method that the embodiment of the invention provides, before client software is authenticated, can also comprise the process that issues client software, particularly, the process that client software issues can realize by following step as shown in Figure 2:
S201, according to client software user list current to be issued, send the prompting message that has the installation sequence sign indicating number SN corresponding with each portable terminal to each portable terminal of waiting to issue in the user list, whether carry out the installation of client software with the inquiry user;
In the specific implementation, SN can generate when generating message content, each SN is corresponding one by one with each portable terminal, namely the SN corresponding to each portable terminal of Sheng Chenging has nothing in common with each other, guaranteed that like this other users can not use this SN application download client software, avoid the disabled user that the possibility that client software causes a hidden trouble to system is installed.
Particularly, SN can not do restriction at this for any one random number more than 15.
The download request that carries second authentication information that S202, mobile terminal receive return; Second authentication information comprises: SN, IMSI and MSISDN;
S203, determine to receive download request the moment whether in the effective time window, namely the user must ask download client software just effective after receiving prompting message in effective time; If, execution in step S204; If not, execution in step S207;
S204, confirm whether second authentication information conforms to stored user information, whether the state of reporting the loss sign of portable terminal is for resetting, and whether the installment state of the SN of portable terminal correspondence is for not installing; If, execution in step S205; If not, execution in step S207;
Particularly, if portable terminal had been installed this client software, this portable terminal is reported the loss or second authentication information does not pass through checking, the user can not download this client software.
S205, send the installation procedure of client software to portable terminal;
S206, the installment state of the SN of portable terminal correspondence is updated to installs, stop other users and initiate the possibility downloaded by this SN again;
S207, process ends.
With respect in the prior art client software being placed in the public application software download platform, can unrestricted random download, above-mentioned steps S201~the S207 of the employing embodiment of the invention carries out client software and issues, guarantee only to allow the user in the particular range can obtain client software, the user scope of control download client software, for this application software system that needs higher-security of for example BI system, improved the fail safe that client software uses.
Based on same inventive concept, the embodiment of the invention also provides a kind of certificate server and system of client software, because the principle that this certificate server and system deal with problems is similar to the authentication method of aforementioned a kind of client software, therefore the enforcement of this certificate server and system can repeat part and repeat no more referring to the enforcement of method.
The certificate server of a kind of client software that the embodiment of the invention provides as shown in Figure 3, comprising:
Receiving element 301 is used for receiving the logging request that carries first authentication information that client software sends, and receives the data operation request that client software sends;
Authentication unit 302 be used for confirming whether first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the client software is for resetting; When confirm that first authentication information conforms to and the state of reporting the loss sign when resetting, allow the affiliated portable terminal of client software to carry out data manipulation;
Control of authority unit 303 is used for the access rights configuration information according to the portable terminal under the client software, and the data operation request that the client software that receiving element 301 is received sends is carried out scope check;
Data interaction unit 304 is used for for the data operation request by scope check, returns corresponding data manipulation result to client software.
Further, the authentication unit 302 in the above-mentioned certificate server, the concrete MSISDN that is used for according to stored user information obtains the IMSI corresponding with MSISDN from the charge system server; To being decrypted through USENAME, the PASSWORD of digital signature, SN and the IMSI of client software; The IMSI of the MSISDN correspondence of using USENAME, PASSWORD, SN, the MSISDN in the stored user information and getting access to, the USENAME that deciphering is obtained, PASSWORD, SN and IMSI verify respectively.
Further, in the above-mentioned certificate server, as shown in Figure 3, can also comprise: transmitting element 305 and software dispatch unit 306;
Transmitting element 305 is used for according to client software user list current to be issued, and sends the prompting message that has the installation sequence sign indicating number SN corresponding with each portable terminal to each portable terminal of waiting to issue in the user list;
Receiving element 301 also is used for the download request that carries second authentication information that mobile terminal receive returns; This second authentication information comprises: SN, IMSI and MSISDN;
Authentication unit 302, also be used for if in the time of setting, receiving element 301 receives the download request that carries second authentication information that portable terminal returns, confirm then whether second authentication information conforms to stored user information, whether the state of reporting the loss sign of portable terminal is for resetting, and whether the installment state of the SN of portable terminal correspondence is for not installing; When definite result is when being, 306 send the software dispatch response to the software dispatch unit;
Software dispatch unit 306 is used for receiving the software dispatch response that authentication unit 302 sends, and sends the client software installation procedure to portable terminal.
The Verification System of a kind of client software that the embodiment of the invention provides as shown in Figure 4, comprising:
Certificate server 401 is used for receiving the logging request that carries first authentication information that client software sends; Confirm whether first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the client software is for resetting; When confirm that first authentication information conforms to and the state of reporting the loss sign when resetting, allow the affiliated portable terminal of client software to carry out data manipulation; Receive the data operation request that client software sends, according to the access rights configuration information of the portable terminal under the client software, the data operation request that the client software that receives sends is carried out scope check; Transmit data operation request by scope check to database server 402, and to the data manipulation result of client software return data storehouse server feedback;
Database server 402 is used for receiving the data operation request that certificate server 401 is transmitted, after carrying out corresponding data manipulation, to certificate server feedback data operating result.
Further, said system also comprises as shown in Figure 4: charge system server 403;
Certificate server 401, the concrete MSISDN that is used for according to stored user information obtains the IMSI corresponding with MSISDN from charge system server 403; To being decrypted through USENAME, the PASSWORD of digital signature, SN and the IMSI of client software; The IMSI of the MSISDN correspondence of using USENAME, PASSWORD, SN, the MSISDN in the stored user information and getting access to, the USENAME that deciphering is obtained, PASSWORD, SN and IMSI verify respectively;
Charge system server 403 is for the corresponding relation that each IMSI and MSISDN are provided to certificate server 401.
Through the above description of the embodiments, those skilled in the art can be well understood to the embodiment of the invention and can realize by hardware, also can realize by the mode that software adds necessary general hardware platform.Based on such understanding, the technical scheme of the embodiment of the invention can embody with the form of software product, it (can be CD-ROM that this software product can be stored in a non-volatile memory medium, USB flash disk, portable hard drive etc.) in, comprise some instructions with so that computer equipment (can be personal computer, server, the perhaps network equipment etc.) carry out the described method of each embodiment of the present invention.
It will be appreciated by those skilled in the art that accompanying drawing is the schematic diagram of a preferred embodiment, the module in the accompanying drawing or flow process might not be that enforcement the present invention is necessary.
It will be appreciated by those skilled in the art that the module in the device among the embodiment can be distributed in the device of embodiment according to the embodiment description, also can carry out respective change and be arranged in the one or more devices that are different from present embodiment.The module of above-described embodiment can be merged into a module, also can further split into a plurality of submodules.
The invention described above embodiment sequence number does not represent the quality of embodiment just to description.
The authentication method of a kind of client software that the embodiment of the invention provides, Apparatus and system, after receiving the logging request that carries first authentication information of client software transmission, when confirm that first authentication information conforms to and client software under the state of reporting the loss sign of portable terminal when resetting, allow the affiliated portable terminal of client software to carry out data manipulation; Access rights configuration information according to the portable terminal under the client software, the data operation request that the client software that receives sends is carried out scope check, for the data operation request by scope check, return corresponding data manipulation result to client software.The embodiment of the invention can be on the basis that authentication information is verified when the login to portable terminal authenticates, judge whether this portable terminal is reported the loss, under the situation that this portable terminal is reported the loss or authentication information passes through to verify, the user can not access system, like this, can reduce portable terminal when stolen or client software is caused the unsafe possibility of system information by illegal the use; And the authentication method that the embodiment of the invention provides do not need to increase peripheral apparatus, and is so user-friendly yet; And, when carrying out data manipulation, can effectively operate according to user's access rights control user, can further improve the Information Security of system.
Further, with respect in the prior art client software being placed in the public application software download platform, can unrestricted random download, the client software that the method that the embodiment of the invention provides comprises issues process, can guarantee only to allow the user in the particular range can obtain client software, the user scope of control download client software for this application software system that needs higher-security of for example BI system, has improved the fail safe that client software uses.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.

Claims (9)

1. the authentication method of a client software is characterized in that, comprising:
Receive the logging request that carries first authentication information that client software sends;
Confirm whether described first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the described client software is for resetting;
When confirm that first authentication information conforms to and the described state of reporting the loss sign when resetting, allow the affiliated portable terminal of described client software to carry out data manipulation;
Receive the data operation request that described client software sends, according to the access rights configuration information of the portable terminal under the described client software, the data operation request that the described client software that receives sends is carried out scope check;
For the data operation request by scope check, return corresponding data manipulation result to described client software.
2. the method for claim 1 is characterized in that, described first authentication information comprises: through number of the account name USENAME, the password PASSWORD of digital signature, installation series number SN and the mobile terminal user identification code IMSI of client software.
3. method as claimed in claim 2 is characterized in that, whether described first authentication information of described affirmation conforms to stored user information, specifically comprises:
Mobile subscriber's international number MSISDN according in the stored user information obtains the IMSI corresponding with described MSISDN from the charge system server;
USENAME, PASSWORD, SN and IMSI through digital signature are decrypted;
The IMSI of the MSISDN correspondence of using USENAME, PASSWORD, SN, the MSISDN in the stored user information and getting access to, the USENAME that deciphering is obtained, PASSWORD, SN and IMSI verify respectively.
4. as each described method of claim 1-3, it is characterized in that, before the logging request that carries first authentication information that receives the client software transmission, also comprise:
According to described client software user list current to be issued, send the prompting message that has the installation sequence sign indicating number SN corresponding with each portable terminal to described each portable terminal of waiting to issue in the user list;
If in the time of setting, receive the download request that carries second authentication information that portable terminal returns, confirm then whether described second authentication information conforms to stored user information, the state of reporting the loss sign of described portable terminal whether be reset and the installment state of the SN that described portable terminal is corresponding whether for not installing, when definite result is when being, send the installation procedure of described client software to described portable terminal, and the installment state of the SN of described portable terminal correspondence is updated to installs; Described second authentication information comprises: SN, IMSI and MSISDN.
5. the certificate server of a client software is characterized in that, comprising:
Receiving element is used for receiving the logging request that carries first authentication information that client software sends, and receives the data operation request that described client software sends;
The authentication unit be used for confirming whether described first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the described client software is for resetting; When confirm that first authentication information conforms to and the described state of reporting the loss sign when resetting, allow the affiliated portable terminal of described client software to carry out data manipulation;
The control of authority unit is used for the access rights configuration information according to the portable terminal under the described client software, and the data operation request that the described client software that described receiving element is received sends is carried out scope check;
The data interaction unit is used for for the data operation request by scope check, returns corresponding data manipulation result to described client software.
6. certificate server as claimed in claim 5, it is characterized in that, described authentication unit, the concrete mobile subscriber's international number MSISDN that is used for according to stored user information obtains the user identification code IMSI with described MSISDN corresponding mobile terminal from the charge system server; To being decrypted through number of the account name USENAME, the password PASSWORD of digital signature, installation series number SN and the mobile terminal user identification code IMSI of client software; The IMSI of the MSISDN correspondence of using USENAME, PASSWORD, SN, the MSISDN in the stored user information and getting access to, the USENAME that deciphering is obtained, PASSWORD, SN and IMSI verify respectively.
7. as claim 5 or 6 described certificate servers, it is characterized in that, also comprise: transmitting element and software dispatch unit;
Described transmitting element is used for according to described client software user list current to be issued, and sends the prompting message that has the installation sequence sign indicating number SN corresponding with each portable terminal to described each portable terminal of waiting to issue in the user list;
Described receiving element also is used for the download request that carries second authentication information that mobile terminal receive returns; Described second authentication information comprises: SN, IMSI and MSISDN;
Described authentication unit, also be used for if in the time of setting, described receiving element receives the download request that carries second authentication information that portable terminal returns, confirm then whether described second authentication information conforms to stored user information, whether the state of reporting the loss sign of described portable terminal is for resetting, and whether the installment state of the SN of described portable terminal correspondence is for not installing; When definite result is when being, send the software dispatch response to described software dispatch unit;
Described software dispatch unit is used for receiving the software dispatch response that described authentication unit sends, and sends the client software installation procedure to described portable terminal.
8. the Verification System of a client software is characterized in that, comprising:
Certificate server is used for receiving the logging request that carries first authentication information that client software sends; Confirm whether described first authentication information conforms to stored user information, and whether the state of reporting the loss sign of the portable terminal under the described client software is for resetting; When confirm that first authentication information conforms to and the described state of reporting the loss sign when resetting, allow the affiliated portable terminal of described client software to carry out data manipulation; Receive the data operation request that described client software sends, according to the access rights configuration information of the portable terminal under the described client software, the data operation request that the described client software that receives sends is carried out scope check; Transmit data operation request by scope check to database server, and return described database server feedback data operating result to described client software;
Database server is used for receiving the data operation request that described certificate server is transmitted, after carrying out corresponding data manipulation, to described certificate server feedback data operating result.
9. system as claimed in claim 8 is characterized in that, also comprises: the charge system server;
Described certificate server, the concrete mobile subscriber's international number MSISDN that is used for according to stored user information obtains the user identification code IMSI with described MSISDN corresponding mobile terminal from the charge system server; To being decrypted through number of the account name USENAME, the password PASSWORD of digital signature, installation series number SN and the mobile terminal user identification code IMSI of client software; The IMSI of the MSISDN correspondence of using USENAME, PASSWORD, SN, the MSISDN in the stored user information and getting access to, the USENAME that deciphering is obtained, PASSWORD, SN and IMSI verify respectively;
Described charge system server is for the corresponding relation that each mobile terminal user identification code IMSI and mobile subscriber's international number MSISDN are provided to described certificate server.
CN2011104525556A 2011-12-29 2011-12-29 Client software authentication method and client software authentication device and client software authentication system Pending CN103188677A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011104525556A CN103188677A (en) 2011-12-29 2011-12-29 Client software authentication method and client software authentication device and client software authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2011104525556A CN103188677A (en) 2011-12-29 2011-12-29 Client software authentication method and client software authentication device and client software authentication system

Publications (1)

Publication Number Publication Date
CN103188677A true CN103188677A (en) 2013-07-03

Family

ID=48679564

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2011104525556A Pending CN103188677A (en) 2011-12-29 2011-12-29 Client software authentication method and client software authentication device and client software authentication system

Country Status (1)

Country Link
CN (1) CN103188677A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103731268A (en) * 2013-09-23 2014-04-16 中兴通讯股份有限公司 Terminal, network side device, and terminal application control method and system
CN104717177A (en) * 2013-12-11 2015-06-17 中国移动通信集团公司 Mobile application security control method and mobile application security control device
CN104796890A (en) * 2015-01-08 2015-07-22 北京思普崚技术有限公司 A client dominant client authentication method
CN104809367A (en) * 2014-01-24 2015-07-29 中辉世纪传媒发展有限公司 Digital rights management (DRM) protection method and device for service program
CN105787301A (en) * 2016-02-24 2016-07-20 温喆 Software protection method
CN108021816A (en) * 2017-12-05 2018-05-11 广东欧珀移动通信有限公司 Test method, device, storage medium and the electronic equipment of electronic equipment
CN108282506A (en) * 2017-01-06 2018-07-13 阿里巴巴集团控股有限公司 A kind of method, apparatus that realizing business intelligence and mobile terminal
CN115525933A (en) * 2022-08-26 2022-12-27 杭州杰峰科技有限公司 Data tamper-proof method and device, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1479205A (en) * 2002-08-26 2004-03-03 王振新 Method of protecting computer software copyright through hardware identification code
US20090282467A1 (en) * 2006-06-19 2009-11-12 Nederlandse Organisatie Voor Toegepast-Natuurweten Method and system for controlling access to networks
CN101951374A (en) * 2010-09-20 2011-01-19 烽火通信科技股份有限公司 Method for realizing user authority control in enterprise communication log system
CN102143482A (en) * 2011-04-13 2011-08-03 中国工商银行股份有限公司 Method and system for authenticating mobile banking client information, and mobile terminal
CN102202040A (en) * 2010-03-26 2011-09-28 联想(北京)有限公司 Client authentication method and device
EP2400689A1 (en) * 2009-03-09 2011-12-28 Huawei Technologies Co., Ltd. Method, device and system for authentication

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1479205A (en) * 2002-08-26 2004-03-03 王振新 Method of protecting computer software copyright through hardware identification code
US20090282467A1 (en) * 2006-06-19 2009-11-12 Nederlandse Organisatie Voor Toegepast-Natuurweten Method and system for controlling access to networks
EP2400689A1 (en) * 2009-03-09 2011-12-28 Huawei Technologies Co., Ltd. Method, device and system for authentication
CN102202040A (en) * 2010-03-26 2011-09-28 联想(北京)有限公司 Client authentication method and device
CN101951374A (en) * 2010-09-20 2011-01-19 烽火通信科技股份有限公司 Method for realizing user authority control in enterprise communication log system
CN102143482A (en) * 2011-04-13 2011-08-03 中国工商银行股份有限公司 Method and system for authenticating mobile banking client information, and mobile terminal

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103731268A (en) * 2013-09-23 2014-04-16 中兴通讯股份有限公司 Terminal, network side device, and terminal application control method and system
CN104717177A (en) * 2013-12-11 2015-06-17 中国移动通信集团公司 Mobile application security control method and mobile application security control device
CN104717177B (en) * 2013-12-11 2018-06-19 中国移动通信集团公司 A kind of mobile application security management-control method and equipment
CN104809367A (en) * 2014-01-24 2015-07-29 中辉世纪传媒发展有限公司 Digital rights management (DRM) protection method and device for service program
CN104796890A (en) * 2015-01-08 2015-07-22 北京思普崚技术有限公司 A client dominant client authentication method
CN104796890B (en) * 2015-01-08 2018-03-13 北京思普崚技术有限公司 A kind of method of the leading client authentication of client
CN105787301A (en) * 2016-02-24 2016-07-20 温喆 Software protection method
CN108282506A (en) * 2017-01-06 2018-07-13 阿里巴巴集团控股有限公司 A kind of method, apparatus that realizing business intelligence and mobile terminal
CN108021816A (en) * 2017-12-05 2018-05-11 广东欧珀移动通信有限公司 Test method, device, storage medium and the electronic equipment of electronic equipment
CN108021816B (en) * 2017-12-05 2021-01-26 Oppo广东移动通信有限公司 Electronic device test method and device, storage medium and electronic device
CN115525933A (en) * 2022-08-26 2022-12-27 杭州杰峰科技有限公司 Data tamper-proof method and device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN103188677A (en) Client software authentication method and client software authentication device and client software authentication system
EP3429243B1 (en) Remote management method and device
EP2854433B1 (en) Method, system and related device for realizing virtual sim card
US10742655B2 (en) Resource access control using a validation token
US9179312B2 (en) Registration and login method and mobile terminal
CN104202338B (en) A kind of safety access method being applicable to enterprise-level Mobile solution
CN104021333A (en) Mobile security fob
JP2004007690A (en) Method and apparatus for checking authentication of first communication component in communication network
CN107623907B (en) eSIM card network locking method, terminal and network locking authentication server
CN110611569A (en) Authentication method and related equipment
CN103747433A (en) Method and mobile terminal for realizing root request management through manufacturer server
US20210044965A1 (en) Cloud controlled secure bluetooth pairing for network device management
CN106713315B (en) Login method and device of plug-in application program
CN111885043B (en) Internet account login method, system, equipment and storage medium
EP3062254B1 (en) License management for device management system
CN111614686A (en) Key management method, controller and system
CN101777992A (en) Method, equipment and system for logging in gateway
CN111399867B (en) Software upgrading method, device, equipment and computer readable storage medium
CN106789987B (en) Method and system for single sign-on of multi-service interconnection APP (application) of mobile terminal
CN104050421A (en) Method and apparatus for secure data transfer permission handling
CN103095735B (en) The method of data message, mobile terminal, Cloud Server and system in reading SIM card
KR100988374B1 (en) Method for moving rights object and method for managing rights of issuing rights object and system thereof
CN112514323A (en) Electronic device for processing digital key and operation method thereof
CN103731268A (en) Terminal, network side device, and terminal application control method and system
CN103621125A (en) Systems and methods of integrating openid with a telecommunications network

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20130703