CN104219626A - Identity authentication method and device - Google Patents

Publication number: CN104219626A
Authority: CN (China)
Prior art keywords: user, terminal, card, key, server
Legal status: Granted
Application number: CN201410422915.1A
Other languages: Chinese (zh)
Other versions: CN104219626B (en)
Inventors: 邓中亮, 蒋卓勤, 林文亮, 李宁, 韩可, 段锦锦, 侯云龙, 张璘
Current assignee: BEIJING LEFU TECHNOLOGY Co Ltd; Beijing University of Posts and Telecommunications
Original assignee: BEIJING LEFU TECHNOLOGY Co Ltd; Beijing University of Posts and Telecommunications
Application filed by: BEIJING LEFU TECHNOLOGY Co Ltd, Beijing University of Posts and Telecommunications
Events: priority to CN201410422915.1A; publication of CN104219626A; application granted; publication of CN104219626B

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses an identity authentication method and device and belongs to the technical field of positioning. The identity authentication method includes: acquiring user identification of a user and positioning card identification of a positioning security card; judging whether the user identification and the positioning card identification are respectively identical to stored user identification and stored positioning card identification or not; if yes, generating random numbers and transmitting the random numbers to the positioning security card; receiving a second secret key transmitted by the positioning security card and acquiring a third secret key according to the positioning card identification of the positioning security card; generating a fourth secret key according to the random numbers and the third secret key and judging whether the second secret key is identical to the fourth secret key or not; if yes, judging that authentication is successful. The identity authentication device comprises a first acquisition module, a first judging module, a first transmitting module, a first receiving module, a second judging module and an authentication module. By the identity authentication method and device, accuracy in authentication can be improved.

Description

Identity authentication method and device
Technical field
The present invention relates to the field of positioning technology, and in particular to an identity authentication method and device.
Background
At present, telecom operators offer satellite positioning as a service: only a terminal that has subscribed to the satellite positioning service can have its position determined from satellite signals, and a terminal that has not subscribed cannot. Therefore, when a terminal uses the satellite positioning service, the server needs to authenticate the user's identity to determine whether the user has subscribed to the service.
The prior art provides an identity authentication method, which may be as follows: the terminal sends the locator card identifier of the positioning security card to the server; the server determines whether the locator card identifier exists in a service list, which stores the locator card identifiers of positioning security cards that have subscribed to the positioning service; if the locator card identifier exists in the service list, identity authentication passes; if it does not, identity authentication fails.
In the course of realizing the present invention, the inventors found that the prior art has at least the following problem:
The prior art authenticates the user only by the locator card identifier. When another terminal copies the positioning security card corresponding to that locator card identifier, that other terminal can also use the satellite positioning service, so authentication is inaccurate.
Summary of the invention
To solve the problem in the prior art, the present invention provides an identity authentication method and device. The technical solution is as follows:
In one aspect, the present invention provides an identity authentication method, the method comprising:
Obtaining the user identifier of a user and the locator card identifier of a positioning security card;
Determining whether the user identifier is identical to the stored user identifier, and whether the locator card identifier is identical to the stored locator card identifier;
If the user identifier is identical to the stored user identifier and the locator card identifier is identical to the stored locator card identifier, generating a random number and sending the random number to the positioning security card, so that the positioning security card generates a second key from the random number and a stored first key;
Receiving the second key sent by the positioning security card, and obtaining a third key according to the locator card identifier of the positioning security card;
Generating a fourth key from the random number and the third key, and determining whether the second key is identical to the fourth key;
If the second key is identical to the fourth key, authentication passes.
Preferably, the method further comprises:
If the user identifier is not identical to the stored user identifier, obtaining the network access number of the terminal and the terminal identifier of the terminal;
Sending a device-network authentication request to a server, the device-network authentication request carrying the network access number and the terminal identifier, so that the server determines whether the correspondence between the network access number and the terminal identifier exists in a first binding list, the first binding list storing the correspondence between the network access number and the terminal identifier of each bound terminal;
Receiving a device-network authentication-passed response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list;
Determining, according to the device-network authentication-passed response, that device-network authentication of the terminal has passed.
Preferably, the method further comprises:
Sending a device-card-number authentication request to the server, the device-card-number authentication request carrying the terminal identifier, the locator card identifier and the user identifier, so that the server determines whether the correspondence between the terminal identifier, the locator card identifier and the user identifier exists in a second binding list, the second binding list storing the correspondence between the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user identifier of the user;
Receiving a device-card-number authentication-passed response that the server sends when it determines that the terminal identifier, the locator card identifier and the user identifier exist in the second binding list;
Determining, according to the device-card-number authentication-passed response, that the terminal, the positioning security card and the user are authenticated.
Preferably, the method further comprises:
Storing the user identifier of the user and the locator card identifier of the positioning security card;
Generating the first key, and sending the first key to the positioning security card.
Preferably, the method further comprises:
Sending a first binding request to the server, the first binding request carrying the network access number of the terminal and the terminal identifier of the terminal, so that the server stores the correspondence between the network access number and the terminal identifier in the first binding list;
Sending a second binding request to the server, the second binding request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user, so that the server stores the terminal identifier, the locator card identifier and the user identifier in the second binding list.
In another aspect, the present invention provides an identity authentication device, the device comprising:
A first acquisition module, configured to obtain the user identifier of a user and the locator card identifier of a positioning security card;
A first judging module, configured to determine whether the user identifier is identical to the stored user identifier, and whether the locator card identifier is identical to the stored locator card identifier;
A first sending module, configured to, if the user identifier is identical to the stored user identifier and the locator card identifier is identical to the stored locator card identifier, generate a random number and send the random number to the positioning security card, so that the positioning security card generates a second key from the random number and a stored first key;
A first receiving module, configured to receive the second key sent by the positioning security card, and to obtain a third key according to the locator card identifier of the positioning security card;
A second judging module, configured to generate a fourth key from the random number and the third key, and to determine whether the second key is identical to the fourth key;
An authentication module, configured to pass authentication if the second key is identical to the fourth key.
Preferably, the device further comprises:
A second acquisition module, configured to obtain the network access number of the terminal and the terminal identifier of the terminal if the user identifier is not identical to the stored user identifier;
A second sending module, configured to send a device-network authentication request to a server, the device-network authentication request carrying the network access number and the terminal identifier, so that the server determines whether the correspondence between the network access number and the terminal identifier exists in a first binding list, the first binding list storing the correspondence between the network access number and the terminal identifier of each bound terminal;
A second receiving module, configured to receive a device-network authentication-passed response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list;
A first determination module, configured to determine, according to the device-network authentication-passed response, that device-network authentication of the terminal has passed.
Preferably, the device further comprises:
A third sending module, configured to send a device-card-number authentication request to the server, the device-card-number authentication request carrying the terminal identifier, the locator card identifier and the user identifier, so that the server determines whether the correspondence between the terminal identifier, the locator card identifier and the user identifier exists in a second binding list, the second binding list storing the correspondence between the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user identifier of the user;
A third receiving module, configured to receive a device-card-number authentication-passed response that the server sends when it determines that the terminal identifier, the locator card identifier and the user identifier exist in the second binding list;
A second determination module, configured to determine, according to the device-card-number authentication-passed response, that the terminal, the positioning security card and the user are authenticated.
Preferably, the device further comprises:
A storage module, configured to store the user identifier of the user and the locator card identifier of the positioning security card;
A generation module, configured to generate the first key and send the first key to the positioning security card.
Preferably, the device further comprises:
A fourth sending module, configured to send a first binding request to the server, the first binding request carrying the network access number of the terminal and the terminal identifier of the terminal, so that the server stores the correspondence between the network access number and the terminal identifier in the first binding list;
A fifth sending module, configured to send a second binding request to the server, the second binding request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user, so that the server stores the terminal identifier, the locator card identifier and the user identifier in the second binding list.
In the present invention, if the user identifier is identical to the stored user identifier and the locator card identifier is identical to the stored locator card identifier, a random number is generated and sent to the positioning security card, so that the positioning security card generates a second key from the random number and the stored first key; the second key sent by the positioning security card is received, and a third key is obtained according to the locator card identifier of the positioning security card; a fourth key is generated from the random number and the third key, and it is determined whether the second key is identical to the fourth key; if the second key is identical to the fourth key, authentication passes. Thus, if either the terminal or the positioning security card is pirated, authentication cannot pass, which improves the accuracy of authentication.
Brief description of the drawings
Fig. 1 is a flowchart of an identity authentication method provided by Embodiment 1 of the present invention;
Fig. 2 is a flowchart of an identity authentication method provided by Embodiment 2 of the present invention;
Fig. 3 is a schematic structural diagram of an identity authentication device provided by Embodiment 3 of the present invention.
Detailed description
To make the objectives, technical solutions and advantages of the present invention clearer, embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
Embodiment 1
This embodiment of the present invention provides an identity authentication method. Referring to Fig. 1, the method comprises:
Step 101: obtain the user identifier of the user and the locator card identifier of the positioning security card;
Step 102: determine whether the user identifier is identical to the stored user identifier, and whether the locator card identifier is identical to the stored locator card identifier;
Step 103: if the user identifier is identical to the stored user identifier and the locator card identifier is identical to the stored locator card identifier, generate a random number and send the random number to the positioning security card, so that the positioning security card generates a second key from the random number and the stored first key;
Step 104: receive the second key sent by the positioning security card, and obtain a third key according to the locator card identifier of the positioning security card;
Step 105: generate a fourth key from the random number and the third key, and determine whether the second key is identical to the fourth key;
Step 106: if the second key is identical to the fourth key, authentication passes.
Preferably, the method further comprises:
If the user identifier is not identical to the stored user identifier, obtaining the network access number of the terminal and the terminal identifier of the terminal;
Sending a device-network authentication request to the server, the device-network authentication request carrying the network access number and the terminal identifier, so that the server determines whether the correspondence between the network access number and the terminal identifier exists in the first binding list, the first binding list storing the correspondence between the network access number and the terminal identifier of each bound terminal;
Receiving the device-network authentication-passed response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list;
Determining, according to the device-network authentication-passed response, that device-network authentication of the terminal has passed.
Preferably, the method further comprises:
Sending a device-card-number authentication request to the server, the device-card-number authentication request carrying the terminal identifier, the locator card identifier and the user identifier, so that the server determines whether the correspondence between the terminal identifier, the locator card identifier and the user identifier exists in the second binding list, the second binding list storing the correspondence between the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user identifier of the user;
Receiving the device-card-number authentication-passed response that the server sends when it determines that the terminal identifier, the locator card identifier and the user identifier exist in the second binding list;
Determining, according to the device-card-number authentication-passed response, that the terminal, the positioning security card and the user are authenticated.
Preferably, the method further comprises:
Storing the user identifier of the user and the locator card identifier of the positioning security card;
Generating the first key, and sending the first key to the positioning security card.
Preferably, the method further comprises:
Sending a first binding request to the server, the first binding request carrying the network access number of the terminal and the terminal identifier of the terminal, so that the server stores the correspondence between the network access number and the terminal identifier in the first binding list;
Sending a second binding request to the server, the second binding request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user, so that the server stores the terminal identifier, the locator card identifier and the user identifier in the second binding list.
In the present invention, if the user identifier is identical to the stored user identifier and the locator card identifier is identical to the stored locator card identifier, a random number is generated and sent to the positioning security card, so that the positioning security card generates a second key from the random number and the stored first key; the second key sent by the positioning security card is received, and a third key is obtained according to the locator card identifier of the positioning security card; a fourth key is generated from the random number and the third key, and it is determined whether the second key is identical to the fourth key; if the second key is identical to the fourth key, authentication passes. Thus, if either the terminal or the positioning security card is pirated, authentication cannot pass, which improves the accuracy of authentication.
Embodiment 2
This embodiment of the present invention provides an identity authentication method. Referring to Fig. 2, the method comprises:
Step 201: obtain the user identifier of the user and the locator card identifier of the positioning security card;
Before the terminal uses the positioning service, the terminal obtains the user identifier of the user and the locator card identifier of the positioning security card, and determines from the user identifier and the locator card identifier whether the terminal has user authorization, operator authorization and map authorization for the positioning service.
Here, the positioning security card is used to store positioning data; the terminal is any terminal with a positioning function, such as a mobile phone or tablet computer with a positioning function; the user identifier may be, for example, the mobile phone number of the terminal; the locator card identifier may be, for example, the GUID (Globally Unique Identifier) of the positioning security card.
Step 202: determine whether the user identifier is identical to the stored user identifier, and whether the locator card identifier is identical to the stored locator card identifier;
Before this step, the terminal stores the bound user identifier and locator card identifier. In this step, it is determined whether the user identifier is identical to the stored user identifier and whether the locator card identifier is identical to the stored locator card identifier. If the user identifier is identical to the stored user identifier and the locator card identifier is identical to the stored locator card identifier, step 203 is performed; if the user identifier is not identical to the stored user identifier or the locator card identifier is not identical to the stored locator card identifier, step 206 is performed.
Step 203: generate a random number, and send the random number to the positioning security card;
The terminal randomly generates a random number and sends it to the positioning security card according to the locator card identifier of the positioning security card; the positioning security card receives the random number sent by the terminal, obtains the stored first key, generates a second key from the random number and the stored first key, and sends the second key to the terminal; step 204 is then performed.
Before this step, after the positioning security card is bound to the terminal, the terminal sends the first key to the positioning security card; the positioning security card receives the first key sent by the terminal and stores it.
Step 204: receive the second key sent by the positioning security card, and obtain a third key according to the locator card identifier of the positioning security card;
Before this step, after the terminal and the positioning security card are bound, the terminal generates the third key according to the terminal identifier and stores the correspondence between the locator card identifier of the positioning security card and the third key. Accordingly, obtaining the third key according to the locator card identifier of the positioning security card may be: looking up the third key, by the locator card identifier of the positioning security card, in the stored correspondence between locator card identifiers and third keys.
Step 205: generate a fourth key from the random number and the third key, and determine whether the second key is identical to the fourth key; if identical, perform step 206; if not, perform step 207;
A fourth key is generated from the random number and the third key, and it is determined whether the second key is identical to the fourth key. If they are identical, it is determined that the terminal and the positioning security card have completed binding, that is, authentication passes, and step 206 is performed; if the second key is not identical to the fourth key, it is determined that the terminal and the positioning security card have not completed binding, that is, authentication does not pass, and step 207 is performed to carry out device-network authentication and device-card-number authentication.
Step 206: determine that identity authentication passes; end.
Step 207: obtain the network access number of the terminal and the terminal identifier of the terminal, and send a device-network authentication request to the server, the device-network authentication request carrying the network access number and the terminal identifier;
When the terminal joins the network, it obtains its unique network access number and stores it; in this step, the stored network access number is obtained. The terminal sends a device-network authentication request to the server, the request carrying the network access number and the terminal identifier. The server receives the device-network authentication request sent by the terminal, obtains the network access number and the terminal identifier from it, and determines whether the correspondence between the network access number and the terminal identifier exists in the first binding list, which stores the correspondence between the network access number and the terminal identifier of each bound terminal. If the correspondence exists in the first binding list, the server sends a device-network authentication-passed response to the terminal, and step 208 is performed. If it does not exist in the first binding list, the server sends a device-network authentication-failed response to the terminal.
Further, after the terminal receives the device-network authentication-passed response sent by the server, the flow ends.
Before this step, the terminal obtains its network access number and terminal identifier and sends a first binding request to the server, the first binding request carrying the network access number of the terminal and the terminal identifier of the terminal. The server receives the first binding request sent by the terminal, obtains the network access number and the terminal identifier from the first binding request, and stores the correspondence between the network access number and the terminal identifier in the first binding list.
The terminal identifier of the terminal may be, for example, the IMEI (International Mobile Equipment Identity) of the terminal.
Step 208: receive the device-network authentication-passed response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list, and determine, according to the device-network authentication-passed response, that device-network authentication of the terminal has passed;
After the terminal determines that device-network authentication has passed, step 208 is performed to authenticate the device card number.
Step 209: send a device-card-number authentication request to the server, the device-card-number authentication request carrying the terminal identifier, the locator card identifier and the user identifier;
Specifically, the terminal obtains the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user, and sends a device-card-number authentication request to the server, the request carrying the terminal identifier, the locator card identifier and the user identifier. The server receives the device-card-number authentication request sent by the terminal, obtains the terminal identifier, the locator card identifier and the user identifier from it, and determines whether the correspondence between the terminal identifier, the locator card identifier and the user identifier exists in the second binding list, which stores the correspondence between the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user identifier of the user. If the correspondence exists in the second binding list, the server sends a device-card-number authentication-passed response to the terminal, and step 209 is performed. If it does not exist in the second binding list, the server sends a device-card-number authentication-failed response to the terminal.
Further, after the terminal receives the device-card-number authentication-passed response sent by the server, the flow ends.
Before this step, the terminal obtains the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user, and sends a second binding request to the server, the first binding request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user. The server receives the second binding request sent by the terminal, obtains the terminal identifier, the locator card identifier and the user identifier from the second binding request, and stores the correspondence between the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user identifier of the user in the second binding list.
Further, the terminal may also obtain the encryption key of the positioning security card and encrypt the locator card identifier of the positioning security card with this encryption key; the second binding request then carries the terminal identifier of the terminal, the encrypted locator card identifier of the positioning security card and the user identifier of the user. After receiving the second binding request, the server obtains the terminal identifier, the encrypted locator card identifier and the user identifier from it, obtains the decryption key, and decrypts the encrypted locator card identifier with the decryption key to recover the locator card identifier of the positioning security card.
Step 210: reception server determining that machine card number certification that terminal iidentification, locator card mark and user ID occur when existing in the second list of bindings is by response, and is determined according to machine card number authentication response and passed through terminal, positioning security card and user authentication;
After terminal is passed through the certification of machine net and the certification of machine card number, terminal realizes terminal by following steps 210 and step 211 and associates with positioning security card.
Step 211: store the user ID of user and the locator card mark of positioning security card;
After the certification of terminating machine net and the certification of machine card number are passed through, store the user ID of user and the locator card mark of positioning security card, to determine whether terminal changes user ID and positioning security card according to according to user ID and locator card mark.
It should be noted that, machine card association certification is two-way, and positioning security card also adopts above flow process certification terminal.
Further, after the user ID of terminal storage user and the locator card of positioning security card identify, the locator card that terminal sends positioning security card identifies to server; The locator card mark of the positioning security card that server receiving terminal sends, and judge whether this positioning security card customizes positioning service, thus realize the continuity of checking positioning security card.
It should be noted that, only have legal terminal, positioning security card and user ID could obtain the rights of using of positioning service, also, after namely terminal authentication passes through, can use positioning service, method provided by the invention can identify pirate terminal, pirate positioning security card and user ID.
Step 212: Generate the first key, and send the first key to the positioning security card.
After associating with the positioning security card, the terminal generates the first key and sends it to the positioning security card, so that the positioning security card can generate the second key from the first key and a random number.
In the present invention, if the user ID is identical to the stored user ID and the locator card identifier is identical to the stored locator card identifier, a random number is generated and sent to the positioning security card, so that the positioning security card generates a second key from the random number and the first key it has stored. The second key sent by the positioning security card is received, and a third key is obtained according to the locator card identifier of the positioning security card. A fourth key is generated from the random number and the third key, and it is judged whether the second key is identical to the fourth key; if they are identical, authentication passes. Thus, if either the terminal or the positioning security card is pirated, authentication cannot pass, which improves the accuracy of authentication.
Embodiment 3
An embodiment of the present invention provides an identity authentication device. Referring to Fig. 3, the device comprises:
In another aspect, the present invention provides an identity authentication device, the device comprising:
A first acquisition module 301, configured to obtain the user ID of a user and the locator card identifier of a positioning security card;
A first judging module 302, configured to judge whether the user ID is identical to the stored user ID, and whether the locator card identifier is identical to the stored locator card identifier;
A first sending module 303, configured to, if the user ID is identical to the stored user ID and the locator card identifier is identical to the stored locator card identifier, generate a random number and send the random number to the positioning security card, so that the positioning security card generates a second key from the random number and the first key it has stored;
A first receiving module 304, configured to receive the second key sent by the positioning security card, and to obtain a third key according to the locator card identifier of the positioning security card;
A second judging module 305, configured to generate a fourth key from the random number and the third key, and to judge whether the second key is identical to the fourth key;
An authentication module 306, configured to pass authentication if the second key is identical to the fourth key.
Preferably, the device further comprises:
A second acquisition module, configured to obtain the network access number of the terminal and the terminal identifier of the terminal if the user ID is not identical to the stored user ID;
A second sending module, configured to send a machine-network authentication request to the server, the machine-network authentication request carrying the network access number and the terminal identifier, so that the server judges whether the correspondence between the network access number and the terminal identifier exists in the first binding list, the first binding list being used to store the correspondence between the network access number and the terminal identifier of each bound terminal;
A second receiving module, configured to receive the machine-network authentication pass response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list;
A first determination module, configured to determine from the machine-network authentication pass response that the terminal has passed machine-network authentication.
Preferably, the device further comprises:
A third sending module, configured to send a machine-card-number authentication request to the server, the machine-card-number authentication request carrying the terminal identifier, the locator card identifier and the user ID, so that the server judges whether the correspondence among the terminal identifier, the locator card identifier and the user ID exists in the second binding list, the second binding list being used to store the correspondence among the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user ID of the user;
A third receiving module, configured to receive the machine-card-number authentication pass response that the server generates when it determines that the terminal identifier, the locator card identifier and the user ID exist in the second binding list;
A second determination module, configured to determine from the machine-card-number authentication pass response that the terminal, the positioning security card and the user have passed authentication.
Preferably, the device further comprises:
A storage module, configured to store the user ID of the user and the locator card identifier of the positioning security card;
A generation module, configured to generate the first key and send the first key to the positioning security card.
Preferably, the device further comprises:
A fourth sending module, configured to send a first bind request to the server, the first bind request carrying the network access number of the terminal and the terminal identifier of the terminal, so that the server stores the correspondence between the network access number and the terminal identifier in the first binding list;
A fifth sending module, configured to send a second bind request to the server, the second bind request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user ID of the user, so that the server stores the terminal identifier, the locator card identifier and the user ID in the second binding list.
In the present invention, if the user ID is identical to the stored user ID and the locator card identifier is identical to the stored locator card identifier, a random number is generated and sent to the positioning security card, so that the positioning security card generates a second key from the random number and the first key it has stored. The second key sent by the positioning security card is received, and a third key is obtained according to the locator card identifier of the positioning security card. A fourth key is generated from the random number and the third key, and it is judged whether the second key is identical to the fourth key; if they are identical, authentication passes. Thus, if either the terminal or the positioning security card is pirated, authentication cannot pass, which improves the accuracy of authentication.
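The flow summarized for the method and device embodiments above (a local challenge-response when the stored identifiers match, otherwise the server's two binding-list checks followed by first-key provisioning), as an added Python example that is not part of the patent. Assumptions: HMAC-SHA256 stands in for the key-generation function, which the text leaves unspecified; the third key is taken to be the terminal's stored copy of the first key, looked up by locator card identifier; all class names, identifiers and sample values are constructed.

```python
import hashlib
import hmac
import secrets


def derive(key: bytes, nonce: bytes) -> bytes:
    # Assumed derivation: HMAC-SHA256(key, random number). The page names no function.
    return hmac.new(key, nonce, hashlib.sha256).digest()


class Card:
    """Positioning security card: holds the first key sent by the terminal."""

    def __init__(self, card_id: str):
        self.card_id = card_id
        self.first_key = b""

    def store_first_key(self, key: bytes) -> None:
        self.first_key = key

    def second_key(self, nonce: bytes) -> bytes:
        return derive(self.first_key, nonce)


class Server:
    """Holds the first and second binding lists."""

    def __init__(self):
        self.first_bindings = set()   # (network access number, terminal identifier)
        self.second_bindings = set()  # (terminal identifier, card identifier, user ID)

    def machine_network_auth(self, network_no, terminal_id) -> bool:
        return (network_no, terminal_id) in self.first_bindings

    def machine_card_number_auth(self, terminal_id, card_id, user_id) -> bool:
        return (terminal_id, card_id, user_id) in self.second_bindings


class Terminal:
    def __init__(self, terminal_id, network_no, server):
        self.terminal_id = terminal_id
        self.network_no = network_no
        self.server = server
        self.stored_user_id = None
        self.stored_card_id = None
        self.key_by_card = {}  # card identifier -> third key (assumed copy of first key)

    def authenticate(self, user_id: str, card: Card) -> str:
        if user_id == self.stored_user_id and card.card_id == self.stored_card_id:
            nonce = secrets.token_bytes(16)            # fresh random number per attempt
            second = card.second_key(nonce)            # computed on the card
            third = self.key_by_card[card.card_id]     # looked up by card identifier
            fourth = derive(third, nonce)
            return "pass" if hmac.compare_digest(second, fourth) else "fail"
        # The page states the server path for a user-ID mismatch; sending a
        # card-identifier mismatch down the same path is an assumption.
        srv = self.server
        if not srv.machine_network_auth(self.network_no, self.terminal_id):
            return "rejected"
        if not srv.machine_card_number_auth(self.terminal_id, card.card_id, user_id):
            return "rejected"
        # Steps 211-212: store the identifiers, generate the first key, send it to the card.
        self.stored_user_id, self.stored_card_id = user_id, card.card_id
        first_key = secrets.token_bytes(32)
        self.key_by_card[card.card_id] = first_key
        card.store_first_key(first_key)
        return "provisioned"


def demo() -> list:
    """Constructed scenario: enroll, re-authenticate, present a card with a copied identifier."""
    server = Server()
    server.first_bindings.add(("NET-0001", "TERM-A"))
    server.second_bindings.add(("TERM-A", "CARD-001", "user-1"))
    terminal = Terminal("TERM-A", "NET-0001", server)
    card = Card("CARD-001")
    clone = Card("CARD-001")                       # same identifier, different key
    clone.store_first_key(secrets.token_bytes(32))
    return [
        terminal.authenticate("user-1", card),     # server path, first key provisioned
        terminal.authenticate("user-1", card),     # local challenge-response
        terminal.authenticate("user-1", clone),    # identifier matches, key does not
        terminal.authenticate("user-2", card),     # absent from the second binding list
    ]
```

The third result is the case the text calls out: a card that only copies the locator card identifier clears the identifier comparison but cannot produce a second key equal to the fourth key.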
It should be noted that when the identity authentication device provided by the above embodiment performs authentication, the division into the functional modules described above is only an example. In practical applications, the above functions may be assigned to different functional modules as required; that is, the internal structure of the device may be divided into different functional modules to complete all or part of the functions described above. In addition, the identity authentication device and the identity authentication method provided by the above embodiments belong to the same concept; for the specific implementation process, refer to the method embodiment, which is not repeated here.
A person of ordinary skill in the art will understand that all or part of the steps of the above embodiments may be implemented by hardware, or by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, and the storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
The foregoing is only a preferred embodiment of the present invention and is not intended to limit the present invention. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (10)

1. An identity authentication method, characterized in that the method comprises:
Obtaining the user ID of a user and the locator card identifier of a positioning security card;
Judging whether the user ID is identical to a stored user ID, and whether the locator card identifier is identical to a stored locator card identifier;
If the user ID is identical to the stored user ID and the locator card identifier is identical to the stored locator card identifier, generating a random number and sending the random number to the positioning security card, so that the positioning security card generates a second key from the random number and a first key it has stored;
Receiving the second key sent by the positioning security card, and obtaining a third key according to the locator card identifier of the positioning security card;
Generating a fourth key from the random number and the third key, and judging whether the second key is identical to the fourth key;
If the second key is identical to the fourth key, authentication passes.
2. The method as claimed in claim 1, characterized in that the method further comprises:
If the user ID is not identical to the stored user ID, obtaining the network access number of the terminal and the terminal identifier of the terminal;
Sending a machine-network authentication request to a server, the machine-network authentication request carrying the network access number and the terminal identifier, so that the server judges whether the correspondence between the network access number and the terminal identifier exists in a first binding list, the first binding list being used to store the correspondence between the network access number and the terminal identifier of each bound terminal;
Receiving the machine-network authentication pass response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list;
Determining from the machine-network authentication pass response that the terminal has passed machine-network authentication.
3. The method as claimed in claim 2, characterized in that the method further comprises:
Sending a machine-card-number authentication request to the server, the machine-card-number authentication request carrying the terminal identifier, the locator card identifier and the user ID, so that the server judges whether the correspondence among the terminal identifier, the locator card identifier and the user ID exists in a second binding list, the second binding list being used to store the correspondence among the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user ID of the user;
Receiving the machine-card-number authentication pass response that the server generates when it determines that the terminal identifier, the locator card identifier and the user ID exist in the second binding list;
Determining from the machine-card-number authentication pass response that the terminal, the positioning security card and the user have passed authentication.
4. The method as claimed in claim 3, characterized in that the method further comprises:
Storing the user ID of the user and the locator card identifier of the positioning security card;
Generating the first key, and sending the first key to the positioning security card.
5. The method as claimed in claim 1, characterized in that the method further comprises:
Sending a first bind request to a server, the first bind request carrying the network access number of the terminal and the terminal identifier of the terminal, so that the server stores the correspondence between the network access number and the terminal identifier in a first binding list;
Sending a second bind request to the server, the second bind request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user ID of the user, so that the server stores the terminal identifier, the locator card identifier and the user ID in a second binding list.
6. An identity authentication device, characterized in that the device comprises:
A first acquisition module, configured to obtain the user ID of a user and the locator card identifier of a positioning security card;
A first judging module, configured to judge whether the user ID is identical to a stored user ID, and whether the locator card identifier is identical to a stored locator card identifier;
A first sending module, configured to, if the user ID is identical to the stored user ID and the locator card identifier is identical to the stored locator card identifier, generate a random number and send the random number to the positioning security card, so that the positioning security card generates a second key from the random number and a first key it has stored;
A first receiving module, configured to receive the second key sent by the positioning security card, and to obtain a third key according to the locator card identifier of the positioning security card;
A second judging module, configured to generate a fourth key from the random number and the third key, and to judge whether the second key is identical to the fourth key;
An authentication module, configured to pass authentication if the second key is identical to the fourth key.
7. The device as claimed in claim 6, characterized in that the device further comprises:
A second acquisition module, configured to obtain the network access number of the terminal and the terminal identifier of the terminal if the user ID is not identical to the stored user ID;
A second sending module, configured to send a machine-network authentication request to a server, the machine-network authentication request carrying the network access number and the terminal identifier, so that the server judges whether the correspondence between the network access number and the terminal identifier exists in a first binding list, the first binding list being used to store the correspondence between the network access number and the terminal identifier of each bound terminal;
A second receiving module, configured to receive the machine-network authentication pass response that the server sends when it determines that the correspondence between the network access number and the terminal identifier exists in the first binding list;
A first determination module, configured to determine from the machine-network authentication pass response that the terminal has passed machine-network authentication.
8. The device as claimed in claim 7, characterized in that the device further comprises:
A third sending module, configured to send a machine-card-number authentication request to the server, the machine-card-number authentication request carrying the terminal identifier, the locator card identifier and the user ID, so that the server judges whether the correspondence among the terminal identifier, the locator card identifier and the user ID exists in a second binding list, the second binding list being used to store the correspondence among the terminal identifier of each bound terminal, the locator card identifier of the positioning security card and the user ID of the user;
A third receiving module, configured to receive the machine-card-number authentication pass response that the server generates when it determines that the terminal identifier, the locator card identifier and the user ID exist in the second binding list;
A second determination module, configured to determine from the machine-card-number authentication pass response that the terminal, the positioning security card and the user have passed authentication.
9. The device as claimed in claim 8, characterized in that the device further comprises:
A storage module, configured to store the user ID of the user and the locator card identifier of the positioning security card;
A generation module, configured to generate the first key and send the first key to the positioning security card.
10. The device as claimed in claim 6, characterized in that the device further comprises:
A fourth sending module, configured to send a first bind request to a server, the first bind request carrying the network access number of the terminal and the terminal identifier of the terminal, so that the server stores the correspondence between the network access number and the terminal identifier in a first binding list;
A fifth sending module, configured to send a second bind request to the server, the second bind request carrying the terminal identifier of the terminal, the locator card identifier of the positioning security card and the user ID of the user, so that the server stores the terminal identifier, the locator card identifier and the user ID in a second binding list.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410422915.1A CN104219626B (en) 2014-08-25 2014-08-25 A kind of identity authentication method and device

Publications (2)

Publication Number Publication Date
CN104219626A true CN104219626A (en) 2014-12-17
CN104219626B CN104219626B (en) 2017-11-21

Family

ID=52100693

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410422915.1A Active CN104219626B (en) 2014-08-25 2014-08-25 A kind of identity authentication method and device

Country Status (1)

Country Link
CN (1) CN104219626B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1478196A2 (en) * 2003-05-12 2004-11-17 Vodafone Group PLC Module and method for detecting at least one event in a cellular mobile telephony subscriber equipment, a computer program to carry out the method and a card and terminal with the module.
CN102137396A (en) * 2010-11-12 2011-07-27 华为终端有限公司 Terminal, card and method and system for checking machine and card
CN102833068A (en) * 2011-06-15 2012-12-19 中兴通讯股份有限公司 Method for bidirectional authentication of terminal and smart card, protocol and smart card
CN102984689A (en) * 2012-11-21 2013-03-20 东莞宇龙通信科技有限公司 System and method for verifying mobile terminal

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10587418B2 (en) 2015-04-02 2020-03-10 Alibaba Group Holding Limited Authenticating a user and registering a wearable device
CN106161359B (en) * 2015-04-02 2019-09-17 阿里巴巴集团控股有限公司 It authenticates the method and device of user, register the method and device of wearable device
US10873573B2 (en) 2015-04-02 2020-12-22 Advanced New Technologies Co., Ltd. Authenticating a user and registering a wearable device
CN106161359A (en) * 2015-04-02 2016-11-23 阿里巴巴集团控股有限公司 The method and device of certification user, the method and device of registration wearable device
CN106162630A (en) * 2016-06-21 2016-11-23 贵州电网有限责任公司电力调度控制中心 The encryption guard system of a kind of terminal unit and method
CN106162630B (en) * 2016-06-21 2023-03-10 贵州电网有限责任公司电力调度控制中心 Encryption protection method for terminal equipment
CN108694333A (en) * 2017-04-07 2018-10-23 华为技术有限公司 User information processing method and processing device
CN110324287A (en) * 2018-03-31 2019-10-11 华为技术有限公司 Access authentication method, device and server
CN110324287B (en) * 2018-03-31 2020-10-23 华为技术有限公司 Access authentication method, device and server
WO2019184736A1 (en) * 2018-03-31 2019-10-03 华为技术有限公司 Access authentication method and device, and server
CN112260995A (en) * 2018-03-31 2021-01-22 华为技术有限公司 Access authentication method, device and server
CN112260995B (en) * 2018-03-31 2022-05-24 华为云计算技术有限公司 Access authentication method, device and server
CN109447203A (en) * 2018-11-07 2019-03-08 广州凯晟信息科技有限公司 Two dimensional code encryption and decryption method, device, Cloud Server and system
CN113327371A (en) * 2021-05-21 2021-08-31 福建星云电子股份有限公司 Card swiping authentication method and system for charging pile
CN113327371B (en) * 2021-05-21 2022-08-05 福建星云电子股份有限公司 Card swiping authentication method and system for charging pile

Also Published As

Publication number Publication date
CN104219626B (en) 2017-11-21

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant