CN103248481A - Open-end API (application program interface) public license access control method based on digital application signature certification - Google Patents
Open-end API (application program interface) public license access control method based on digital application signature certification Download PDFInfo
- Publication number
- CN103248481A CN103248481A CN2012100303293A CN201210030329A CN103248481A CN 103248481 A CN103248481 A CN 103248481A CN 2012100303293 A CN2012100303293 A CN 2012100303293A CN 201210030329 A CN201210030329 A CN 201210030329A CN 103248481 A CN103248481 A CN 103248481A
- Authority
- CN
- China
- Prior art keywords
- software product
- application software
- public
- digital signature
- alliance
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000013475 authorization Methods 0.000 claims description 77
- 238000009434 installation Methods 0.000 claims description 19
- 238000012360 testing method Methods 0.000 claims description 5
- 230000000977 initiatory effect Effects 0.000 claims description 3
- 238000012937 correction Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
Images
Abstract
The invention provides an open-end API public license access control method based on digital application signature certification. A public license mechanism of the open-end API is set up in a coalition or third-party public service platform form; and only Web applications or application software products passing the certification of the coalition or third-party public service platform can be licensed to use the open-end API inside the coalition or third-party public service platform. When a user uses a Web application or an application software product for calling a network API, an API license request initiated by a Web application or application software product client contains digital certificate information, and API license is finished after a public license server determines the digital certificate. Determination is performed based on the digital signature certificate of the Web application or the application software product, and the Web application or application software product client is licensed by using the action of the open-end API, so that credible access control is realized.
Description
Technical field
The present invention relates to communication technical field, be specifically related to the method for the public granted access control of a kind of opening API based on the Applied Digital signature authentication.
Background technology
At present, the open theme that has become the mobile Internet field.In the intelligent develop rapidly of portable terminal, tangible intelligent terminal " cloud mobile phone " occurs and changed feature, mobile Internet is emphasized the value of the high in the clouds service that open platform provides the user more.Mobile exploitation of using from centered by the intelligent terminal platform gradually to centered by the network opening platform, shifting.The developer that the Internet open platform is assembled and the immense strength of application have begun to discharge.
Yet present open environment still is not mature enough and perfect, also exists some problems.The Internet open platform enterprise is forming some little, loose alliances, and they wish to set up the cooperation of multiple mode, thereby can make up abundanter application flexibly effectively, assembles and shared developer troop the sharing users resource simultaneously.Usually, only just can realize user's more cross-platform login in such alliance inside and the mandate of the one-stop user resources used towards Web.And for the user, also wish in the face of whole Internet resources the time, can accomplish these.
Though comprehensively merging is the main trend of mobile Internet open platform development from now on, but the Internet open platform is done things in his own way at present, the level that the network information and ability are opened is uneven, the authorization disunity of API, also there are a lot of problems when Web uses and open platform interconnects by API: on the one hand, application developer is when using these open ability, need realize that separately the mandate of API docks with each open platform, a large amount of work that repeat are influence one of obstacle that application and development innovates; On the other hand, the Web based on all kinds of open platforms on the Internet uses constantly appearance, but obtains mode and the disunity that API authorizes.Owing to lack legitimacy or the credible mechanism of judging that Web is used in the present authorized agreement, some malice third parties uses can be the user under the ignorant or careless situation of user, finish the mandate of API, cause the potential safety hazard of user profile.Therefore, making up trusted computation environment, is the main flow direction that solves the mobile Internet information security issue.
Summary of the invention
At the defective that exists in the prior art and deficiency, the present invention proposes the method for the public granted access control of a kind of opening API based on the Applied Digital signature authentication, can be before Web being used or application software product use the request mandate of opening API of alliance or third party's public service platform inside, earlier Web is used or the digital signature of application software product is judged.
In order to achieve the above object, the present invention proposes the method for the public granted access control of a kind of opening API based on the Applied Digital signature authentication, comprising:
Step 1: the user begins login, initiates authorization requests by the application software product client to the public authorization server of alliance or third party's public service platform;
Step 2: described public authorization server carries out the authentication judgement according to described application software product client identification and digital signature, if client identification and digital signature have the record of putting on record in the database of alliance or third party's public service platform, then execution in step 3, the record if client identification and digital signature are not put on record in the database of alliance or third party's public service platform then returns step 1;
Step 3: described public authorization server is replied authorization code to described application software product client;
Step 4: described application software product client uses described authorization code to obtain the authorization token that the user logins the affiliated resource of the opening API that described application software product need visit, and use described authorization token to visit the opening API of described resource, thereby finish user's login.
Further, before described step 1, also comprise step 0, described step 0 specifically comprises:
Step 01: alliance or third party's public service platform process are to using software product testing, authentication, for described application software product is distributed client identification and issued digital signature, and described client identification and digital signature are put on record in the database of alliance or third party's public service platform in pairs;
Step 02: described application software product is packaged into installation kit, and in described installation kit the integrated digital signing certificate.
Further, with also comprising that described step 01 is carried out simultaneously:
Step 01 ': when at least one did not belong to the member of alliance or third party's public service platform in the affiliated resource of the opening API that described application software product need be used, described application software product can not obtain the digital signature that alliance or third party's public service platform are issued.
Further, also comprise after the described step 02:
Step 03: described installation kit is put on record in the application software product storehouse of alliance or third party's public service platform, and used the shop supply of material to each at any time;
Step 04: described installation kit is placed on the frame of using the shop sells;
Step 05: the user buys application software product from using the shop, downloads, moves described installation kit, and described application software product is installed.
Further, described step 4 specifically comprises the steps:
Step 41: the request that described application software product client uses described authorization code to obtain the opening API authorization token of described resource to described resource initiation;
Step 42: described resource knows that described authorization code is to be provided by the public authorization server of alliance or third party's public service platform, reply authorization token to described application software product client, allow described application software product client calling the opening API of described resource;
Step 43: described application software product client uses described authorization token to visit the opening API of described resource, thereby finishes login process.
Further, call one or more API that need mandate in the code of described application software product.
Further, in the described step 05 when described application software product is installed, the described application software product of prompting user with the source of digital signature.
Further, described authorization token before the deadline.
The method of the public granted access control of the opening API based on the Applied Digital signature authentication provided by the invention, can be before Web being used or application software product uses the request mandate of opening API of alliance or third party's public service platform inside, earlier the digital signature of Web application or application software product is judged, thereby make up believable computer environment, realize believable access control.
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in further detail.For the person of ordinary skill in the field, from detailed description of the invention, above-mentioned and other purposes of the present invention, feature and advantage will be apparent.
Description of drawings
Fig. 1 is the schematic flow sheet that the present invention is based on the method for the public granted access control of the opening API of Applied Digital signature authentication;
Fig. 2 is the schematic flow sheet of the preferred embodiment of the present invention.
Embodiment
As shown in Figure 1, the present invention proposes the method for the public granted access control of a kind of opening API based on the Applied Digital signature authentication, comprising:
Step 1: the user begins login, initiates authorization requests by the application software product client to the public authorization server of alliance or third party's public service platform;
In this step, the user can be the user of intelligent mobile terminal, this user is when login, and the application software client is at first obtained the information of public authorization server, and initiates authorization requests to the public authorization server of alliance or third party's public service platform.
Step 2: public authorization server carries out the authentication judgement according to application software product client identification and digital signature, if client identification and digital signature have the record of putting on record in the database of alliance or third party's public service platform, then execution in step 3, the record if client identification and digital signature are not put on record in the database of alliance or third party's public service platform then returns step 1;
This step can according in the authorization requests of being sent by the application software client in the step 1 with digital signature, in the database of public authorization server, inquire about, judge whether this authorization requests is authorized according to Query Result, thereby in to the login licensing process of using software product, increased the mechanism that credibility is judged.
Step 3: public authorization server is replied authorization code to the application software product client;
This step is after the authentication in step 2 is judged, public authorization server is for existing application software product client of putting record on record in database, think through the authentication of public authorization server, reply authorization code by public authorization server to this application software product client, thereby guarantee to obtain the authorization through the application software product client of authentication.
Step 4: application software product client use authority sign indicating number obtains the authorization token that the user logins the affiliated resource of the opening API that application software product need visit, and the opening API of use authority token access resource, thereby finishes user's login.
In this step, after the affiliated resource that the user logins the opening API that application software need visit is received the request of the authorization token that obtains open platform API of being initiated by the application software product client, can know that authorization code is to be provided by the public server of alliance or third party's public service platform, think that this client is client trusty, then send authorization token to this client, allow this application software product client to the calling of the opening API of this resource, thereby realize believable access control.
The method of the public granted access control of the opening API based on the Applied Digital signature authentication provided by the invention, can be before Web being used or application software product uses the request mandate of opening API of alliance or third party's public service platform inside, earlier the digital signature of Web application or application software product is judged, thereby make up believable computer environment, realize believable access control.
Before step 1, can also comprise step 0, step 0 specifically comprises:
Step 01: alliance or third party's public service platform process are to using software product testing, authentication, for application software product is distributed client identification and issued digital signature, and client identification and digital signature are put on record in the database of alliance or third party's public service platform in pairs;
Step 02: application software product is packaged into installation kit, and in installation kit the integrated digital signing certificate.
With can also comprising that step 01 is carried out simultaneously:
Step 01 ': when at least one did not belong to the member of alliance or third party's public service platform in the affiliated resource of the opening API that application software product need be used, application software product can not obtain the digital signature that alliance or third party's public service platform are issued.
Can also comprise after the step 02:
Step 03: installation kit is put on record in the application software product storehouse of alliance or third party's public service platform, and used the shop supply of material to each at any time;
Step 04: installation kit is placed on the frame of using the shop sells;
Step 05: the user buys application software product from using the shop, downloads, moves installation kit, and application software product is installed.
Step 4 can preferably include following steps:
Step 41: the request that application software product client use authority sign indicating number obtains the opening API authorization token of this resource to the resource initiation;
Step 42: this resource knows that authorization code is to be provided by the public authorization server of alliance or third party's public service platform, replys authorization token to the application software product client, allows application software product client calling the opening API of resource;
Step 43: the opening API of application software product client use authority token access resource, thus finish login process.
Further, can call one or more API that need mandate in the code of application software product.
Further, use application software product in secure and trusted ground more in order to make the user, in the step 05 when application software product is installed, can point out the user application software product with the source of digital signature.
Further, authorization token before the deadline.
Further, the affiliated resource of the opening API that need use of application software product can be open platform, operator or other resources.
A following preferred embodiment of the method for the public granted access control of the opening API based on the Applied Digital signature authentication that proposes for the present invention, in the present embodiment, form with the alliance laboratory is example, set up the shared licensing scheme of opening API, have only application software product through alliance's laboratory certification just can be authorized to use opening API in the alliance laboratory.In the present embodiment, the developer has finished the exploitation of an application software, has called one or more API that need mandate in the code of this application software product, wherein the API of open platform A is a, the API of the B of operator is b, and open platform A and the B of operator are the members in alliance laboratory.As shown in Figure 2, the method for the public granted access control of a kind of opening API based on the Applied Digital signature authentication comprises following concrete steps:
Step S1:, for this application software product is distributed customer ID and issued digital signature and put customer ID and digital signature on record in the database in alliance laboratory in pairs through test authentication application software product in the alliance laboratory;
Step S2: this application software product is packaged into installation kit, integrated digital signing certificate in installation kit, and in the application software product storehouse in alliance laboratory, put on record, use the shop supply of material to each at any time;
Step S3: the installation kit of this application software product is placed on certain frame of using the shop sells;
Step S4: the intelligent terminal user buys this application software product from use the shop, downloads, the operation installation kit, at intelligent terminal this application software product is installed, point out when mounted this application software product of user with the source of digital signature;
Step S5: the user begins login step, and client is at first obtained authorization server information, and initiates authorization requests to the public authorization server in alliance laboratory;
Step S6: the public authorization server in alliance laboratory is judged according to client identification and the digital signature of this application software determine whether authorize to this request;
Step S7: client identification and digital signature have the record of putting on record in the alliance laboratory, explanation is the product that carried out application software product test authentication in the alliance laboratory, replys authorization code by the public authorization server in alliance laboratory to the client of this application software;
Step S8: the application software product client use authority sign indicating number on the intelligent terminal is initiated the request obtain open platform API authorization token to open platform, initiates the request of obtaining the API of operator authorization token to operator;
Step S9: open platform A knows that authorization code by alliance's laboratory granting, is client trusty, then replys first authorization token to the application software product client, allows application software product client calling API (a); Equally, the B of operator knows that authorization code by alliance's laboratory granting, is client trusty, then replys second authorization token to the application software product client, allows software product client calling API (b);
Step S10: the application software product client has been obtained first authorization token of open platform A and second authorization token of the B of operator, in the term of validity of these tokens, can use the API (a) of the first authorization token access open platform, and use the API (b) of the second authorization token access operator, thereby finish login process.
In the above-described embodiments, public authorization server may further include the process of using the software product mandate:
When among open platform A and the B of operator at least one do not belong to the member in alliance laboratory, this application software product can not obtain the digital signature that issue in the alliance laboratory;
When not when public authorization server obtains authorization code, the application software client can be initiated the request of authorization code again to public authorization server.
The method of the public granted access control of the opening API based on the Applied Digital signature authentication provided by the invention, can be before Web being used or application software product uses the request mandate of opening API of alliance or third party's public service platform inside, earlier the digital signature of Web application or application software product is judged, make the user under believable computer environment, use the opening API of alliance or third party's public service platform inside, thereby realize believable access control.
Though; the present invention clearly demonstrates by above embodiment and accompanying drawing thereof; yet under the situation that does not deviate from spirit of the present invention and essence thereof; the person of ordinary skill in the field works as can make various corresponding variations and correction according to the present invention, but these corresponding variations and correction all should belong to the protection range of claim of the present invention.
Claims (8)
1. the method for the public granted access control of the opening API based on the Applied Digital signature authentication is characterized in that, comprising:
Step 1: the user begins login, initiates authorization requests by the application software product client to the public authorization server of alliance or third party's public service platform;
Step 2: described public authorization server carries out the authentication judgement according to described application software product client identification and digital signature, if client identification and digital signature have the record of putting on record in the database of alliance or third party's public service platform, then execution in step 3, the record if client identification and digital signature are not put on record in the database of alliance or third party's public service platform then returns step 1;
Step 3: described public authorization server is replied authorization code to described application software product client;
Step 4: described application software product client uses described authorization code to obtain the authorization token that the user logins the affiliated resource of the opening API that described application software product need visit, and use described authorization token to visit the opening API of described resource, thereby finish user's login.
2. the method for the public granted access of the opening API based on the Applied Digital signature authentication according to claim 1 control is characterized in that before described step 1, also comprise step 0, described step 0 specifically comprises:
Step 01: alliance or third party's public service platform process are to using software product testing, authentication, for described application software product is distributed client identification and issued digital signature, and described client identification and digital signature are put on record in the database of alliance or third party's public service platform in pairs;
Step 02: described application software product is packaged into installation kit, and in described installation kit the integrated digital signing certificate.
3. the method for the public granted access of the opening API based on the Applied Digital signature authentication according to claim 2 control is characterized in that, and also comprising that described step 01 is carried out simultaneously:
Step 01 ': when at least one did not belong to the member of alliance or third party's public service platform in the affiliated resource of the opening API that described application software product need be used, described application software product can not obtain the digital signature that alliance or third party's public service platform are issued.
4. the method for the public granted access control of the opening API based on the Applied Digital signature authentication according to claim 2 is characterized in that, also comprises after the described step 02:
Step 03: described installation kit is put on record in the application software product storehouse of alliance or third party's public service platform, and used the shop supply of material to each at any time;
Step 04: described installation kit is placed on the frame of using the shop sells;
Step 05: the user buys application software product from using the shop, downloads, moves described installation kit, and described application software product is installed.
5. the method for the public granted access control of the opening API based on the Applied Digital signature authentication according to claim 1 is characterized in that described step 4 specifically comprises the steps:
Step 41: the request that described application software product client uses described authorization code to obtain the opening API authorization token of described resource to described resource initiation;
Step 42: described resource knows that described authorization code is to be provided by the public authorization server of alliance or third party's public service platform, reply authorization token to described application software product client, allow described application software product client calling the opening API of described resource;
Step 43: described application software product client uses described authorization token to visit the opening API of described resource, thereby finishes login process.
6. the method for the public granted access control of the opening API based on the Applied Digital signature authentication according to claim 1 is characterized in that, calls one or more API that need mandate in the code of described application software product.
7. the method for the public granted access of the opening API based on the Applied Digital signature authentication according to claim 4 control, it is characterized in that, in the described step 05 when described application software product is installed, the described application software product of prompting user with the source of digital signature.
8. according to claim 1 or 5 based on the method for the public granted access control of the opening API of Applied Digital signature authentication, it is characterized in that described authorization token before the deadline.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210030329.3A CN103248481B (en) | 2012-02-10 | 2012-02-10 | The method of the public authorization access control of a kind of opening API based on Applied Digital signature authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210030329.3A CN103248481B (en) | 2012-02-10 | 2012-02-10 | The method of the public authorization access control of a kind of opening API based on Applied Digital signature authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103248481A true CN103248481A (en) | 2013-08-14 |
| CN103248481B CN103248481B (en) | 2016-04-06 |
Family
ID=48927718
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210030329.3A Active CN103248481B (en) | 2012-02-10 | 2012-02-10 | The method of the public authorization access control of a kind of opening API based on Applied Digital signature authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103248481B (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103441853A (en) * | 2013-08-23 | 2013-12-11 | 北京华瑞网研科技有限公司 | Application client authentication method and device |
| CN103490899A (en) * | 2013-09-27 | 2014-01-01 | 浪潮齐鲁软件产业有限公司 | Application cloud safety certification method based on third-party service |
| CN104125289A (en) * | 2014-08-05 | 2014-10-29 | 中山市聚家网络科技有限公司 | Intelligent integration method for family information service |
| CN104301312A (en) * | 2014-09-29 | 2015-01-21 | 四川长虹电器股份有限公司 | Unified user system and third-party application docking method and device |
| CN105141586A (en) * | 2015-07-31 | 2015-12-09 | 广州华多网络科技有限公司 | Method and system for verifying user |
| WO2016192493A1 (en) * | 2015-05-29 | 2016-12-08 | 阿里巴巴集团控股有限公司 | Method and device for on-line software authorization |
| CN106687928A (en) * | 2014-09-19 | 2017-05-17 | 微软技术许可有限责任公司 | Dynamic application containers |
| CN108400875A (en) * | 2018-03-21 | 2018-08-14 | 苏州科达科技股份有限公司 | Authorization and authentication method, system, electronic equipment, storage medium based on key assignments |
| CN108604279A (en) * | 2016-04-11 | 2018-09-28 | 惠普发展公司,有限责任合伙企业 | Using approval |
| CN108769043A (en) * | 2018-06-06 | 2018-11-06 | 中国联合网络通信集团有限公司 | Trusted application Verification System and trusted application authentication method |
| CN109032956A (en) * | 2018-09-11 | 2018-12-18 | 郑州云海信息技术有限公司 | A kind of interface test method and device |
| CN110740136A (en) * | 2019-10-22 | 2020-01-31 | 神州数码融信软件有限公司 | Network security control method for open bank and open bank platform |
| US10873466B2 (en) | 2015-11-06 | 2020-12-22 | Huawei International Pte. Ltd. | System and method for managing installation of an application package requiring high-risk permission access |
| CN112597452A (en) * | 2021-01-05 | 2021-04-02 | Oppo广东移动通信有限公司 | Application program interface calling method and device, storage medium and electronic equipment |
| CN115022091A (en) * | 2022-08-04 | 2022-09-06 | 亿次网联(杭州)科技有限公司 | Digital certificate-based autonomous authorization method and system |
| CN115150177A (en) * | 2022-07-08 | 2022-10-04 | 中国银行股份有限公司 | Application authorization method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101765108A (en) * | 2009-07-01 | 2010-06-30 | 北京华胜天成科技股份有限公司 | Safety certification service platform system, device and method based on mobile terminal |
| CN102004987A (en) * | 2010-10-21 | 2011-04-06 | 中国移动通信集团北京有限公司 | Method, device and system for realizing application service |
| CN102238007A (en) * | 2010-04-20 | 2011-11-09 | 阿里巴巴集团控股有限公司 | Method, device and system for acquiring session token of user by third-party application |
| US8060932B2 (en) * | 2006-11-03 | 2011-11-15 | Microsoft Corporation | Modular enterprise authorization solution |
-
2012
- 2012-02-10 CN CN201210030329.3A patent/CN103248481B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8060932B2 (en) * | 2006-11-03 | 2011-11-15 | Microsoft Corporation | Modular enterprise authorization solution |
| CN101765108A (en) * | 2009-07-01 | 2010-06-30 | 北京华胜天成科技股份有限公司 | Safety certification service platform system, device and method based on mobile terminal |
| CN102238007A (en) * | 2010-04-20 | 2011-11-09 | 阿里巴巴集团控股有限公司 | Method, device and system for acquiring session token of user by third-party application |
| CN102004987A (en) * | 2010-10-21 | 2011-04-06 | 中国移动通信集团北京有限公司 | Method, device and system for realizing application service |
Non-Patent Citations (2)
| Title |
|---|
| 刘镝,等: "基于国内开放平台的Oauth认证框架研究", 《电信学报》 * |
| 闵栋,等: "移动应用商店跟踪研究_", 《电信网技术》 * |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103441853A (en) * | 2013-08-23 | 2013-12-11 | 北京华瑞网研科技有限公司 | Application client authentication method and device |
| CN103490899A (en) * | 2013-09-27 | 2014-01-01 | 浪潮齐鲁软件产业有限公司 | Application cloud safety certification method based on third-party service |
| CN104125289A (en) * | 2014-08-05 | 2014-10-29 | 中山市聚家网络科技有限公司 | Intelligent integration method for family information service |
| CN106687928A (en) * | 2014-09-19 | 2017-05-17 | 微软技术许可有限责任公司 | Dynamic application containers |
| CN106687928B (en) * | 2014-09-19 | 2021-06-04 | 微软技术许可有限责任公司 | Dynamic application container |
| CN104301312A (en) * | 2014-09-29 | 2015-01-21 | 四川长虹电器股份有限公司 | Unified user system and third-party application docking method and device |
| WO2016192493A1 (en) * | 2015-05-29 | 2016-12-08 | 阿里巴巴集团控股有限公司 | Method and device for on-line software authorization |
| CN105141586A (en) * | 2015-07-31 | 2015-12-09 | 广州华多网络科技有限公司 | Method and system for verifying user |
| CN105141586B (en) * | 2015-07-31 | 2018-07-10 | 广州华多网络科技有限公司 | A kind of method and system verified to user |
| US10873466B2 (en) | 2015-11-06 | 2020-12-22 | Huawei International Pte. Ltd. | System and method for managing installation of an application package requiring high-risk permission access |
| US11637707B2 (en) | 2015-11-06 | 2023-04-25 | Huawei International Pte. Ltd. | System and method for managing installation of an application package requiring high-risk permission access |
| CN108604279B (en) * | 2016-04-11 | 2022-01-25 | 惠普发展公司,有限责任合伙企业 | Application approval |
| CN108604279A (en) * | 2016-04-11 | 2018-09-28 | 惠普发展公司,有限责任合伙企业 | Using approval |
| CN108400875B (en) * | 2018-03-21 | 2021-03-12 | 苏州科达科技股份有限公司 | Key value-based authorization authentication method, system, electronic device and storage medium |
| CN108400875A (en) * | 2018-03-21 | 2018-08-14 | 苏州科达科技股份有限公司 | Authorization and authentication method, system, electronic equipment, storage medium based on key assignments |
| CN108769043B (en) * | 2018-06-06 | 2021-02-02 | 中国联合网络通信集团有限公司 | Trusted application authentication system and trusted application authentication method |
| CN108769043A (en) * | 2018-06-06 | 2018-11-06 | 中国联合网络通信集团有限公司 | Trusted application Verification System and trusted application authentication method |
| CN109032956A (en) * | 2018-09-11 | 2018-12-18 | 郑州云海信息技术有限公司 | A kind of interface test method and device |
| CN110740136A (en) * | 2019-10-22 | 2020-01-31 | 神州数码融信软件有限公司 | Network security control method for open bank and open bank platform |
| CN110740136B (en) * | 2019-10-22 | 2022-04-22 | 中国建设银行股份有限公司 | Network security control method for open bank and open bank platform |
| CN112597452A (en) * | 2021-01-05 | 2021-04-02 | Oppo广东移动通信有限公司 | Application program interface calling method and device, storage medium and electronic equipment |
| CN115150177A (en) * | 2022-07-08 | 2022-10-04 | 中国银行股份有限公司 | Application authorization method and device |
| CN115150177B (en) * | 2022-07-08 | 2024-03-19 | 中国银行股份有限公司 | Application authorization method and device |
| CN115022091A (en) * | 2022-08-04 | 2022-09-06 | 亿次网联(杭州)科技有限公司 | Digital certificate-based autonomous authorization method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103248481B (en) | 2016-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103248481A (en) | Open-end API (application program interface) public license access control method based on digital application signature certification | |
| CN102724647B (en) | Method and system for access capability authorization | |
| US10956972B2 (en) | Account access system | |
| US8505078B2 (en) | Apparatus and methods for providing authorized device access | |
| CN104010044A (en) | Application limitation installing method, manager and terminal based on trusted execution environment technology | |
| CN103905651A (en) | Method and system for application permission management in intelligent terminal | |
| CN104104672A (en) | Method for establishing dynamic authorization code based on identity authentication | |
| CN103581166A (en) | Location aware authentication | |
| CN103677892A (en) | Authorization scheme to enable special privilege mode in secure electronic control unit | |
| CN103888252A (en) | UID, PID, and APPID-based control application access permission method | |
| US20130144633A1 (en) | Enforcement and assignment of usage rights | |
| CN103679005A (en) | Method to enable development mode of a secure electronic control unit | |
| US9742750B2 (en) | Roaming internet-accessible application state across trusted and untrusted platforms | |
| CN105429943B (en) | Information processing method and terminal thereof | |
| CN103986734B (en) | Authentication management method and authentication management system applicable to high-security service system | |
| CN106897606B (en) | Brush machine protection method and device | |
| CN109309573A (en) | A kind of electronics license based on two dimensional code authorizes sharing application method | |
| CN105262780A (en) | Authority control method and system | |
| CN103167498A (en) | Ability control method and system | |
| WO2016070611A1 (en) | Method for processing data, server and terminal | |
| WO2018040972A1 (en) | Method and system for improving application security of payment terminal | |
| EP3062254B1 (en) | License management for device management system | |
| CN108604990A (en) | The application method and device of local authorized certificate in terminal | |
| CN103902880A (en) | Windows system two-factor authentication method based on challenge responding type dynamic passwords | |
| CN112491848A (en) | Method and equipment for supporting extensible secure docking of third-party system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 100191 52 Garden Road North, Haidian District, Beijing. Patentee after: CHINA ACADEMY OF INFORMATION AND COMMUNICATIONS Address before: 100191 6th Floor, Block B, Telecommunications Research Institute, No. 52 Huayuan North Road, Haidian District, Beijing Patentee before: The Research Institute of Telecommunications Transmission MIIT |
|
| CP03 | Change of name, title or address | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20181220 Address after: Room 137, Building 4, 11 Yuetan South Street, Xicheng District, Beijing 100045 Patentee after: Taier Xintong (Beijing) Investment Management Center Address before: 100191 52 Garden Road North, Haidian District, Beijing. Patentee before: CHINA ACADEMY OF INFORMATION AND COMMUNICATIONS |
|
| TR01 | Transfer of patent right | ||
| CP03 | Change of name, title or address |
Address after: Room 137, Building 4, 11 Yuetan South Street, Xicheng District, Beijing 100045 Patentee after: Taier Xintong (Beijing) Investment Management Co.,Ltd. Country or region after: China Address before: Room 137, Building 4, 11 Yuetan South Street, Xicheng District, Beijing 100045 Patentee before: Taier Xintong (Beijing) Investment Management Center Country or region before: China |
|
| CP03 | Change of name, title or address | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240130 Address after: 210046, 6th and 9th floors, Building A, Xingzhi Science and Technology Park, No. 6 Xingzhi Road, Nanjing Economic and Technological Development Zone, Nanjing, Jiangsu Province Patentee after: Nanjing new generation Artificial Intelligence Research Institute Co.,Ltd. Country or region after: China Address before: Room 137, Building 4, 11 Yuetan South Street, Xicheng District, Beijing 100045 Patentee before: Taier Xintong (Beijing) Investment Management Co.,Ltd. Country or region before: China |
|
| TR01 | Transfer of patent right |