CN103763105A - Encryption method and device for login of Exchange corporate E-mails - Google Patents
Encryption method and device for login of Exchange corporate E-mails Download PDFInfo
- Publication number
- CN103763105A CN103763105A CN201410005724.5A CN201410005724A CN103763105A CN 103763105 A CN103763105 A CN 103763105A CN 201410005724 A CN201410005724 A CN 201410005724A CN 103763105 A CN103763105 A CN 103763105A
- Authority
- CN
- China
- Prior art keywords
- character
- dynamic password
- exchange
- server
- user name
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses an encryption method for login of Exchange corporate E-mails. The encryption method comprises the steps that dynamic password equipment generates dynamic password characters according to time parameters, a user adds the dynamic password characters to a static password character which is preset by the user and is used for verifying an Exchange E-mail server to generate a combined password character, and a dynamic password server and the Exchange E-mail server carry out Exchange corporate E-mail login verification on the user based on a user name and the combined password characters. The invention further discloses an encryption device for login of the Exchange corporate E-mails. A dynamic password generated by the dynamic password equipment is added to an original login password, so that the safety of the Exchange E-mails is greatly improved.
Description
Technical field
The present invention relates to E-mail enciphered field, relate in particular to a kind of Exchange enterprise E-mail and log in encryption method and device.
Background technology
Exchange Server is a message and cooperative system.Briefly, Exchange server can be used to mailing system that framework is applied to enterprise, the school free mail system as catenet company even.Exchange server or a cooperation platform, people are development stream, Knowledge Management System, Web system or other message systems on its basis.Numerous improvement characteristics that Exchange comprises, become Exchange to have height productivity and towards desirable message and the collaboration services applicator platform of mobile access.
Along with popularizing of the Internet, use the more and more of Exchange enterprise E-mail, in actual application, some subscriber mailbox passwords are weak passwurd, be pure lowercase, pure digi-tal password, as 123456, password etc., to subscriber mailbox, caused potential safety hazard.Assault person or spammer can ceaselessly guess the password of subscriber mailbox, because the password of certain customers' mailbox is fairly simple, very easily by hacker or spammer, are guessed right, cause Mail Contents to divulge a secret or are utilized to send spam.Mail server is sent out a large amount of spams, thereby causes corporate mail server IP address to pipe off, and user sends unsuccessful when posting a letter.
Therefore, log in proof procedure carrying out Exchange enterprise E-mail, need to have a kind of safer authentication mode to solve weak passwurd problem, to guarantee the safety of mailbox.
Summary of the invention
For existing Exchange enterprise E-mail, logging in checking institute accesses to your password and has merely the technical problem of potential safety hazard, the invention provides a kind of Exchange enterprise E-mail and log in encryption method and device, based on dynamic password equipment, generate dynamic password, after the dynamic password of generation is appended to original mail password, so that dynamic password and original mail password are carried out to double code checking, thereby strengthen the checking to user's legal identity, the fail safe that logs in that has improved exchange mailbox.
To achieve these goals, the invention provides a kind of Exchange enterprise E-mail and log in encryption method, described encryption method comprises, dynamic password equipment produces dynamic password character according to time parameter; User inputs user name and combinatioin code character to log in Exchange mail server, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name; The encrypting module of Exchange mail server is by kidnapping the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, if combinatioin code character is less than or equal to 6, return to 2 and also determine the failure of Exchange mail debarkation authentication, if combinatioin code character is greater than 6, intercept the dynamic password character of combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates; Dynamic password server carries out dynamic cipher verification according to the dynamic password character of user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3; Exchange mail server receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication.
Alternatively, described user inputs user name and combinatioin code character comprises to log in Exchange mail server, and user logs in Exchange mail server by the 3rd version POP3 agreement of Simple Mail Transfer protocol smtp protocol or post office protocol.
Alternatively, describedly according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, in user name and combinatioin code character during static password character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
Alternatively, describedly according to user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, when user name and combinatioin code character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
To achieve these goals, the present invention also provides a kind of Exchange enterprise E-mail to log in encryption device, and described encryption device comprises, dynamic password equipment, for producing dynamic password character according to time parameter, Exchange mail server, for inputting user name and combinatioin code character user when logging in Exchange mail server, by built-in encrypting module, kidnap the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, and be less than or equal at 6 o'clock at combinatioin code character, return to 2 and also determine the failure of Exchange mail debarkation authentication, at combinatioin code character, be greater than at 6 o'clock, the dynamic password character of intercepting combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates, dynamic password server, carries out dynamic cipher verification for the dynamic password character according to user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3, wherein, Exchange mail server also receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication, wherein, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name, wherein, Exchange mail server is connected with dynamic password server by network.
Alternatively, Exchange mail server and dynamic password server are all Cloud Server.
Alternatively, Exchange mail server is connected with dynamic password server by the Internet.
Alternatively, dynamic password equipment is mobile phone, notebook or personal digital assistant PDA, and dynamic password equipment has display screen to show dynamic password character.
The present invention is owing to having adopted technique scheme, thereby have the following advantages: Exchange enterprise E-mail of the present invention logs in encryption method and device, transform Exchange enterprise E-mail of the prior art and logged in encryption technology, quoted and generated the dynamic password equipment of dynamic password and for verifying the dynamic password server of dynamic password, the double verification of realization to the static password of mail access, dynamic password, make hacker or spammer be difficult to guess right the password of subscriber mailbox, improved the fail safe that exchange mailbox is used.
Accompanying drawing explanation
Fig. 1 is the method flow diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption method;
Fig. 2 is the block diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption device.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in detail.
First, please refer to Fig. 1, Fig. 1 is the method flow diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption method, and described encryption method comprises the following steps:
Step 101: dynamic password equipment produces dynamic password character according to time parameter;
Step 102: user inputs user name and combinatioin code character to log in Exchange mail server, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name;
The encrypting module of step 103:Exchange mail server is by kidnapping the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, if combinatioin code character is less than or equal to 6, return to 2 and also determine the failure of Exchange mail debarkation authentication, if combinatioin code character is greater than 6, intercept the dynamic password character of combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates;
Step 104: dynamic password server carries out dynamic cipher verification according to the dynamic password character of user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3;
Step 105:Exchange mail server receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication;
Wherein, described user inputs user name and combinatioin code character comprises to log in Exchange mail server, and user logs in Exchange mail server by the 3rd version POP3 agreement of Simple Mail Transfer protocol smtp protocol or post office protocol; Describedly according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, in user name and combinatioin code character during static password character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication; Describedly according to user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, when user name and combinatioin code character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
In addition, SMTP(Simple Mail Transfer Protocol) be Simple Mail Transfer protocol, he be one group for transmitted the rule of mail to destination address by source address, by him, controlled the transfer mode of mail.Smtp protocol belongs to TCP/IP protocol suite, and he helps every computer when transmission or transfer mail, to find next destination.By the specified server of smtp protocol, just Email can have been sent it on receiver's server, whole process only needs a few minutes.Smtp server is the sender mail server of following smtp protocol, is used for the Email that sends or transfer is sent.
In addition, POP3(Post Office Protocol3) be the 3rd version of post office protocol, he is how regulation personal computer is connected to the agreement that mail server on the Internet carries out receiving and dispatching mail.He is first off-line consensus standard of internet E-mail, POP3 agreement allow user from server email storage to local host (i.e. the computer of oneself), according to the operation of client, delete or be kept at the mail on mail server simultaneously, POP3 server is the receipt mail server of following POP3 agreement, is used for receiving Email.POP3 agreement is a member in TCP/IP protocol suite, by RFC1939, is defined.This agreement is mainly used in supporting to use the Email of client telemanagement on server.
In addition, dynamic password, as one of safest identity identifying technology, is applied by increasing industry at present.Because he is easy to use, and platform-independent, development along with mobile Internet, dynamic password technology has become the main flow of identity identifying technology, be widely used in the fields such as enterprise, network game, finance, the enterprise that is engaged in the relevant research and development of dynamic password both at home and abroad and produces is also more and more, it is advantageous that and the quick seamless interoperability of miscellaneous service system, the command dynamic password ID authentication software systems of its complete independent research are stable, efficient, support multiple certification mode, and its solution can be served different scales enterprise.Dynamic password technology is mainly divided two kinds: synchronous password technology, asynchronous password technology (challenge-response mode), synchronous password technology is wherein divided into again time synchronized password and event synchronization password.Time synchronized based on token and server, generates consistent dynamic password by computing, the token based on time synchronized, and general turnover rate is 60 seconds, within every 60 seconds, produces a new password.Token based on event synchronization, its principle is as input by a certain specific event order and identical seed, in algorithm, calculate consistent password, its computing mechanism has determined that its whole workflow is irrelevant with clock, be not subject to the impact of clock, life period pulse crystal oscillator not in token, but due to the consistency of its algorithm, its password is known in advance.For asynchronous token, owing to there is no to carry out synchronous condition except identical algorithm between token and server, therefore can effectively solve the problem of token step-out, reduce the impact on application, increased greatly the reliability of system simultaneously.The shortcoming that asynchronous password is used is mainly in use, user needs the step of many input challenging values, by challenging value, generate the dynamic password of challenge type, the dynamic password that generates challenge type according to challenging value equally at certificate server end is to carry out the checking of dynamic password, for operating personnel, increased complexity, therefore in when application, by according to the sensitivity of user's application with the degree that requires of safety is selected to the generating mode of password.
Then, with reference to figure 2, the present invention will be described in continuation, Fig. 2 is the block diagram that a kind of Exchange enterprise E-mail of the present invention logs in encryption device, described encryption device comprises dynamic password equipment 1, Exchange mail server 2 and dynamic password server 3, Exchange mail server 2 can be connected by the Internet with dynamic password server 3, the dynamic password that dynamic password equipment 1 generates according to time parameter is input by a user in Exchange mail server 2, therefore, what in Fig. 2, represent is the relation of signal circulation, but not annexation between equipment.
Wherein, dynamic password equipment 1, for producing dynamic password character according to time parameter, Exchange mail server 2, for inputting user name and combinatioin code character user when logging in Exchange mail server 2, by built-in encrypting module, kidnap the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, and be less than or equal at 6 o'clock at combinatioin code character, return to 2 and also determine the failure of Exchange mail debarkation authentication, at combinatioin code character, be greater than at 6 o'clock, the dynamic password character of intercepting combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates, dynamic password server 3, carries out dynamic cipher verification for the dynamic password character according to user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment 1 for user, returns to 3, wherein, Exchange mail server 2 also receives the data that dynamic password server 3 returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name, Exchange mail server 2 is connected with dynamic password server 3 by network.
Wherein, Exchange mail server 2 and dynamic password server 3 can be all Cloud Server, Exchange mail server 2 can be connected with dynamic password server 3 by the Internet, dynamic password equipment 1 is mobile phone, notebook or personal digital assistant PDA, and dynamic password equipment 1 has display screen to show dynamic password character.
Those skilled in the art will recognize that; above-mentioned embodiment is exemplary; in order to make those skilled in the art can better understand this patent content; should not be understood as the restriction to this patent protection range; so long as disclose spiritual do any according to this patent, be equal to change or modify, all falling into this patent protection range.
Claims (8)
1. Exchange enterprise E-mail logs in an encryption method, it is characterized in that, described encryption method comprises:
Dynamic password equipment produces dynamic password character according to time parameter;
User inputs user name and combinatioin code character to log in Exchange mail server, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name;
The encrypting module of Exchange mail server is by kidnapping the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, if combinatioin code character is less than or equal to 6, return to 2 and also determine the failure of Exchange mail debarkation authentication, if combinatioin code character is greater than 6, intercept the dynamic password character of combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates;
Dynamic password server carries out dynamic cipher verification according to the dynamic password character of user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3;
Exchange mail server receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication.
2. encryption method according to claim 1, is characterized in that:
Described user inputs user name and combinatioin code character comprises to log in Exchange mail server, and user logs in Exchange mail server by the 3rd version POP3 agreement of Simple Mail Transfer protocol smtp protocol or post office protocol.
3. encryption method according to claim 1, is characterized in that:
Describedly according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, in user name and combinatioin code character during static password character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
4. encryption method according to claim 1, is characterized in that:
Describedly according to user name and combinatioin code character, carry out Exchange mail debarkation authentication and comprise, when user name and combinatioin code character match, determine the success of Exchange mail debarkation authentication, otherwise determine the failure of Exchange mail debarkation authentication.
5. Exchange enterprise E-mail logs in an encryption device, it is characterized in that, described encryption device comprises:
Dynamic password equipment, for producing dynamic password character according to time parameter;
Exchange mail server, for inputting user name and combinatioin code character user when logging in Exchange mail server, by built-in encrypting module, kidnap the verification function LogonUser function of Exchange mail server, obtain user name and combinatioin code character, and be less than or equal at 6 o'clock at combinatioin code character, return to 2 and also determine the failure of Exchange mail debarkation authentication, at combinatioin code character, be greater than at 6 o'clock, the dynamic password character of intercepting combinatioin code character afterbody, and the dynamic password character of user name and intercepting is submitted to dynamic password server place authenticates,
Dynamic password server, carries out dynamic cipher verification for the dynamic password character according to user name and intercepting, if the dynamic password character of authentication intercepting is correct, returns to 1, if authentication is not bound dynamic password equipment for user, returns to 3;
Wherein, Exchange mail server also receives the data that dynamic password server returns, when returning to 1, according to static password character in user name and combinatioin code character, carry out Exchange mail debarkation authentication, when returning to 3, according to user name and combinatioin code character, carry out Exchange mail debarkation authentication;
Wherein, combinatioin code character is that static password character appends dynamic password character, and static password character is user rs authentication Exchange mail server code characters used, corresponding with user name;
Wherein, Exchange mail server is connected with dynamic password server by network.
6. encryption device according to claim 5, is characterized in that:
Exchange mail server and dynamic password server are all Cloud Server.
7. encryption device according to claim 5, is characterized in that:
Exchange mail server is connected with dynamic password server by the Internet.
8. encryption device according to claim 5, is characterized in that:
Dynamic password equipment is mobile phone, notebook or personal digital assistant PDA, and dynamic password equipment has display screen to show dynamic password character.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410005724.5A CN103763105A (en) | 2014-01-07 | 2014-01-07 | Encryption method and device for login of Exchange corporate E-mails |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410005724.5A CN103763105A (en) | 2014-01-07 | 2014-01-07 | Encryption method and device for login of Exchange corporate E-mails |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103763105A true CN103763105A (en) | 2014-04-30 |
Family
ID=50530270
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410005724.5A Pending CN103763105A (en) | 2014-01-07 | 2014-01-07 | Encryption method and device for login of Exchange corporate E-mails |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103763105A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108881220A (en) * | 2018-06-15 | 2018-11-23 | 郑州云海信息技术有限公司 | A kind of data encryption authenticity verification methods and system based on Exchange server |
| CN111953664A (en) * | 2020-07-27 | 2020-11-17 | 新浪网技术(中国)有限公司 | User request verification method and system based on variable security level |
| CN112333154A (en) * | 2020-10-16 | 2021-02-05 | 四川九八村信息科技有限公司 | Method for controlling authority based on dynamic password and plasma collector thereof |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1481109A (en) * | 2002-09-03 | 2004-03-10 | 网泰金安信息技术有限公司 | Identity authentication system with dynamic cipher based on wireless transmission platform |
| CN101060403A (en) * | 2006-04-18 | 2007-10-24 | 钟曦辰 | Wireless communication terminal-based interactive dynamic password safety service system |
-
2014
- 2014-01-07 CN CN201410005724.5A patent/CN103763105A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1481109A (en) * | 2002-09-03 | 2004-03-10 | 网泰金安信息技术有限公司 | Identity authentication system with dynamic cipher based on wireless transmission platform |
| CN101060403A (en) * | 2006-04-18 | 2007-10-24 | 钟曦辰 | Wireless communication terminal-based interactive dynamic password safety service system |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108881220A (en) * | 2018-06-15 | 2018-11-23 | 郑州云海信息技术有限公司 | A kind of data encryption authenticity verification methods and system based on Exchange server |
| CN108881220B (en) * | 2018-06-15 | 2021-09-17 | 郑州云海信息技术有限公司 | Exchange server-based data encryption authenticity verification method and system |
| CN111953664A (en) * | 2020-07-27 | 2020-11-17 | 新浪网技术(中国)有限公司 | User request verification method and system based on variable security level |
| CN112333154A (en) * | 2020-10-16 | 2021-02-05 | 四川九八村信息科技有限公司 | Method for controlling authority based on dynamic password and plasma collector thereof |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10025940B2 (en) | Method and system for secure use of services by untrusted storage providers | |
| CN109831374B (en) | Mail receiving and sending system based on block chain | |
| US9602473B2 (en) | Secure message forwarding with sender controlled decryption | |
| US20160134642A1 (en) | Secure content and encryption methods and techniques | |
| CN103428077B (en) | A kind of method and system being safely receiving and sending mails | |
| CN107026824A (en) | A kind of message encryption, decryption method and device | |
| US20060053202A1 (en) | Method and system implementing secure email | |
| CN111052685B (en) | Method and apparatus for multi-agent messaging | |
| CN103227786A (en) | Method and device for filling in website login information | |
| Sediyono et al. | Secure login by using One-time Password authentication based on MD5 Hash encrypted SMS | |
| US20150312239A1 (en) | Methods, devices, and computer readable storage devices for sharing sensitive content securely | |
| CN102055685B (en) | Method for encrypting webmail information | |
| CN106878327A (en) | Towards the login method of auto service platform | |
| CN103078743A (en) | E-mail IBE (Internet Booking Engine) encryption realizing method | |
| CN103763105A (en) | Encryption method and device for login of Exchange corporate E-mails | |
| US20210158301A1 (en) | Systems and methods for message transmission and retrieval using blockchain | |
| EP3342107A1 (en) | Systems and methods for generating and transmitting an email message including an active content | |
| CN109309613A (en) | A kind of method, apparatus and system of mail delivery | |
| US20110283341A1 (en) | Facilitating Secure Communications | |
| US10382211B1 (en) | Apparatus and method for automating secure email for multiple personas | |
| Emmanuel et al. | Mobile Banking in Developing Countries: Secure Framework for Delivery of SMS-banking Services | |
| CN112785240A (en) | Method and device for processing e-mail, computer readable medium and electronic equipment | |
| Vinh et al. | Constructing a Model Combining Zalo and End-to-End Encryption for Application in Digital Transformation | |
| Mehta et al. | Whatsapp Web Reverse Engineering | |
| Zhang et al. | A secure webmail system based on FreeBSD UNIX |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140430 |
|
| RJ01 | Rejection of invention patent application after publication |