CN104468582A - User information certification authorization method and system - Google Patents
User information certification authorization method and system Download PDFInfo
- Publication number
- CN104468582A CN104468582A CN201410764212.7A CN201410764212A CN104468582A CN 104468582 A CN104468582 A CN 104468582A CN 201410764212 A CN201410764212 A CN 201410764212A CN 104468582 A CN104468582 A CN 104468582A
- Authority
- CN
- China
- Prior art keywords
- mobile device
- authentication
- identification information
- server
- authorization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention provides a user information certification authorization method and system. The certification authorization method includes the steps that a mobile device detects wireless communication signals sent by a certification device; when the wireless communication signals detected by the mobile device meet the preset conditions, first identification information is obtained through the certification device; the mobile device sends an authorization request to a server according to the first identification information; the server conducts identity verification on the mobile device according to the authorization request; when the identity verification is successful, the server sends authorization response information to the certification device; the certification device conducts certification authorization on the mobile device according to the authorization response information. According to the user information certification authorization method and system, through verification authorization of the first identification, the safety and convenience of user information verification authorization are improved.
Description
Technical field
The present invention relates to the communications field, particularly relate to a kind of authentication authority method and system of user profile.
Background technology
At present, user terminal uses plaintext or Quick Response Code as authorization identification information, mobile device and user terminal can be intercomed by wired or wireless mode, after mobile device gets the authorization identification information of user terminal, carry out checking to user terminal to authorize, carry out the application demand of completing user terminal.Such as, user terminal uses Quick Response Code as authorization message, certain application customer side is installed in mobile device, clicks the scan instruction obtaining Quick Response Code authorization message in application customer side, scanned by the Quick Response Code authorization message of camera to user terminal of mobile device; After scanning Quick Response Code authorization message, carry out checking authorize user terminal, user terminal can be logged in user terminal mandate by mobile phone customer side; Checking is authorized and is logged in by rear, and user terminal logins successfully, and carries out follow-up operation on the subscriber terminal.
But at least there is following shortcoming in above-mentioned checking mandate: user terminal use expressly or Quick Response Code very dangerous as authorization message, be unfavorable for that the system authorization that some safe classes are higher logs in.
Summary of the invention
The invention provides a kind of authentication authority method and system of user profile, in order to realize the secure log of customer information system.
On the one hand, the invention provides a kind of authentication authority method of user profile, described authentication authority method comprises:
Mobile device detects the wireless communication signals that authenticating device sends;
When described mobile device detects described wireless communication signals, obtain the first identification information from described authenticating device;
Described mobile device, according to described first identification information, sends authorization requests to server;
Described server, according to described authorization requests, carries out authentication to described mobile device;
When authentication is passed through, described server sends authorization response message to described authenticating device;
Described authenticating device according to described authorization response message to described mobile device Certificate Authority.
Preferably, before obtaining the first identification information from described authenticating device, described authentication authority method also comprises: described server sends the first identification information preset to described authenticating device.
Preferably, described authorization requests comprises the first user information stored in the first identification information and described mobile device; Described server comprises multiple default user profile; Described server, according to described authorization requests, carries out authentication to described mobile device and is specially:
Described first user information and multiple described default user profile are mated respectively;
When the match is successful for described first user information and arbitrary described default user profile, described server is verified described first identification information;
When to after being verified of described first identification information, then the authentication of described server to described mobile device is passed through.
Preferably, described checking authorization method also comprises, and when described authentication is obstructed out-of-date, described server sends refuse information to described authenticating device.
Preferably, when the described described wireless communication signals detected when described mobile device meets pre-conditioned, obtain the first identification information from described authenticating device and be specially:
When described mobile device connect described wireless communication signals detected time, described mobile device is connected with described authenticating device according to the signal strength signal intensity of described wireless communication signals;
The moving direction of the described mobile device that described mobile device is obtained by communication and the distance between described authenticating device or the relative described authenticating device of described mobile device, when described distance meets predetermined condition with described moving direction, described mobile device obtains described first identification information from described authenticating device.
Preferably, described before described server transmission authorization requests, described authentication authority method also comprises: described mobile device and subscriber equipment carry out wireless connections;
Wherein, described subscriber equipment is bound with described mobile device in advance;
Described subscriber equipment comprises: identity document, bank card, access card.
Preferably, after obtaining the first identification information from described authenticating device, also comprise: mobile device sends to subscriber equipment the request of acquisition, obtain the second user profile stored in subscriber equipment, in described authorization requests, carry described second user profile and the first identification information to make described mobile device.
Preferably, described wireless communication signals comprises: wireless blue tooth signal of communication, wireless near field communication signal; Described when described mobile device detects described wireless communication signals, obtain the first identification information from described authenticating device and be specially:
Described mobile device obtains described first identification information by wireless blue tooth communication mode or wireless near field communication mode from described authenticating device.
Preferably, when described authentication is passed through, described method also comprises:
Described server sends to described mobile device and authorizes successful information.
On the other hand, the invention provides a kind of authentication and authorization system of user profile, described authentication and authorization system comprises: mobile device, authenticating device and server;
Described mobile device, for detecting the wireless communication signals that authenticating device sends;
Described mobile device also for, when described wireless communication signals being detected, obtain the first identification information from described authenticating device;
Described mobile device, for according to described first identification information, sends authorization requests to server;
Described server is used for, and according to described authorization requests, carries out authentication to described mobile device;
Described server also for, when authentication by time, send authorization response message to described authenticating device;
Described authenticating device also for, according to described authorization response message to described mobile device Certificate Authority.
Preferably, described server also for, send the first identification information preset to described authenticating device.
Preferably, described authorization requests comprises the first user information stored in the first identification information and described mobile device; Described server comprises multiple default user profile; Described server specifically for:
Described first user information and multiple described default user profile are mated respectively;
When the match is successful for described first user information and arbitrary described default user profile, described server is verified described first identification information;
When to after being verified of described first identification information, then the authentication of described server to described mobile device is passed through.
Preferably, described server also for, when described authentication is obstructed out-of-date, send refuse information to described authenticating device.
Preferably, described mobile device specifically for,
When described mobile device connect described wireless communication signals detected time, described mobile device is connected with described authenticating device according to the signal strength signal intensity of described wireless communication signals;
The moving direction of the described mobile device that described mobile device is obtained by communication and the distance between described authenticating device or the relative described authenticating device of described mobile device, when described distance meets predetermined condition with described moving direction, described mobile device obtains described first identification information from described authenticating device.
Preferably, described authentication and authorization system also comprises subscriber equipment; Described mobile device also for, carry out wireless connections with described subscriber equipment;
Wherein, described subscriber equipment is bound with described mobile device in advance;
Described subscriber equipment comprises: identity document, bank card, access card.
Preferably, after obtaining the first identification information from described authenticating device, mobile device also for, the request of acquisition is sent to subscriber equipment, obtain the second user profile stored in subscriber equipment, in described authorization requests, carry described second user profile and the first identification information to make described mobile device.
Preferably, described wireless communication signals comprises: wireless blue tooth signal of communication, wireless near field communication signal; Described mobile device specifically for, from described authenticating device, obtain described first identification information by wireless blue tooth communication mode or wireless near field communication mode.
Preferably, described server also for, when described authentication by time, send to described mobile device and authorize successful information.
Therefore, the authentication authority method of a kind of user profile provided by the invention and system, first mark is encrypted, mobile device adopts offline communications to read the second user profile stored in subscriber equipment, and by the Certificate Authority to the first mark, improve fail safe and the convenience of the Certificate Authority of user profile.
Accompanying drawing explanation
The flow chart of the authentication authority method of a kind of user profile that Fig. 1 provides for the embodiment of the present invention one;
The structural representation of the authentication and authorization system of a kind of user profile that Fig. 2 provides for the embodiment of the present invention two.
Embodiment
Below by drawings and Examples, technical scheme of the present invention is described in further detail.
Embodiment one
The flow chart of the authentication authority method of a kind of user profile that Fig. 1 provides for the embodiment of the present invention one.
As shown in Figure 1, the authentication authority method of a kind of user that the embodiment of the present invention provides comprises the following steps:
Step 101, mobile device detects the wireless communication signals that authenticating device sends.
Particularly, mobile device can comprise mobile phone, panel computer etc.; Authenticating device can comprise the authorizing information control ends such as card reader; Wireless communication signals can be wireless blue tooth signal of communication, wireless near field communication signal or other wireless communication signals.
When mobile device detects that the signal strength signal intensity of wireless communication signals meets predetermined condition, described mobile device can sense authenticating device.
In a specific embodiment, after mobile device enters the region of authenticating device service, after mobile device detects the wireless blue tooth signal of communication that authenticating device sends or wireless near field communication signal, by corresponding wireless blue tooth communication mode, wireless near field communication mode or other communications induction authenticating device.
Step 102, when described authenticating device being detected, obtains the first identification information from described authenticating device.
Particularly, after mobile device detects wireless communication signals, carry out wireless connections according to the signal strength signal intensity of wireless communication signals and described authenticating device; Mobile device by communication obtain distance between mobile device and authenticating device, the moving direction of mobile device relative authentication equipment or other conditions meet default condition threshold time, mobile device gets the first identification information from authenticating device.Wherein, the first identification information be set in advance in server to should unique identification information of equipment, this first identification information can be the authentication password information such as identification sequences number, or 2 D code information.
A multiple authenticating device of server monitoring, server presets multiple unique identification information, and identification information is sent to authenticating device respectively.
Mobile device obtains the positional information of the signal strength signal intensity of wireless communication signals, mobile device and authenticating device by specific location technology, or the directional information between mobile device and authenticating device.Such as, mobile device can by having general packet radio service technology (General Packet RadioService, GPRS), by global positioning system (Global Positioning System, GPS) position, or other navigation systems obtain the positional information of mobile device and authenticating device, obtain corresponding range information according to positional information.
Mobile device also can according to the moving direction of the Distance Judgment mobile device between mobile device and authenticating device, when mobile device moves along the direction near authenticating device, at mobile device when meeting preset direction condition, mobile device obtains the first identification information from authenticating device; When the direction of mobile device along principle authenticating device is moved, so, mobile device does not obtain the first authentication information from authenticating device.
Wherein, meet presetting condition threshold can be specially: the distance between mobile device and authenticating device is less than presetting distance threshold; Or the signal strength signal intensity of mobile device and authenticating device is greater than presetting signal strength threshold; Or mobile device is consistent near the direction of authenticating device.
Step 105, described mobile device, according to described first identification information, sends authorization requests to server.
Particularly, authorization requests comprises the first identification information and first user information; Application software customer side is installed in mobile device; First user information is specially the user profile stored in application software customer side, and wherein, first user information can be specially the information such as the user name logging in application software customer side; After mobile device gets the first identification information from authenticating device, described first identification information and described first user information are sent to server by mobile device.
After server receives authorization requests, described server, according to authorization requests, carries out authentication to mobile device, and the process of authentication specifically can comprise step 106 and step 107.
Step 106, mates respectively to described first user information and multiple described default user profile.
Particularly, described server comprises multiple default user profile, that is, server is before the authorization requests receiving the transmission of described mobile device, and server is authorized multiple application service client, and the user profile of multiple application customer side is stored.Then, server, according to authorization requests, mates respectively to the user profile of first user information and multiple described storage.
Step 107, when the match is successful for the user profile of first user information and arbitrary storage, described server carries out authentication to described first identification information.
Be specially, the first identification information carried in the authorization requests information receive server is verified, determine whether the first identification information is the first identification information that server is preset, when the first identification information be server preset the first identification information time, the authentication of the first identification information is passed through, then the authentication of server to mobile device is passed through.Wherein, to the checking of the first identification information, when its object is to prevent mobile device from sending authorization requests by wired mode to server, authorization requests is tampered.When authentication is passed through, perform step 109.
Step 109, when authentication is passed through, described server sends authorization response message to described authenticating device.
Particularly, when server is verified mobile equipment identity, server sends authorization response message to authenticating device, and notice authenticating device performs Certificate Authority.
Step 111, described authenticating device according to described authorization response message to described mobile device Certificate Authority.
Particularly, after described authenticating device receives the authorization response message of described server transmission, according to described authorization response message, perform Certificate Authority.
In addition, described authentication authority method also comprises: when described authentication is passed through, and described server sends to described mobile device and authorizes successful information.
After step 105, described authentication authority method also comprises:
Step 108, when first user information is mated unsuccessful with the user profile of arbitrary storage, described server refuses described authorization requests.
Particularly, when first user information is mated unsuccessful with the user profile of arbitrary storage, the authorization requests that server refusal mobile device sends; Server sends authorization failure information to authenticating device; Server can also send authorization failure information to mobile device, prompting user rs authentication authorization failure.
After step 106, described authentication authority method also comprises:
Step 110, when authentication is obstructed out-of-date, described server refuses described authorization requests.
Particularly, when authentication is obstructed out-of-date, the authorization requests that server refusal mobile device sends; Server sends authorization failure information to authenticating device; Server can also send authorization failure information to mobile device, prompting user rs authentication authorization failure.
Alternatively, after step 102, described authentication authority method can also comprise:
Step 103, described mobile device and subscriber equipment carry out wireless connections.
Particularly, after mobile device receives the first identification information, initiate the wireless connections with subscriber equipment.
Described subscriber equipment is the safety means carrying out with described mobile device in advance binding; Described subscriber equipment comprises: identity document, bank card, access card.
Step 104, mobile device sends to subscriber equipment the request of acquisition, obtains the second user profile stored in subscriber equipment.
Particularly, after wireless connections success, mobile device sends to subscriber equipment the request of acquisition.Can comprise the second user profile in subscriber equipment, the second user profile can comprise the authentication information such as Real Name, biological characteristic of user.
Described authorization requests information can comprise first user information, the second user profile and described first identification information.
Described authorization requests information also can only include the second user profile and the first identification information.
In a specific embodiment, authorization requests information comprises the second user profile and the first identification information, receive the authorization requests of mobile device transmission at server, carry out authentication according to the authorization requests received: server mates the second user profile according to multiple second user profile of pre-stored; When the match is successful for the arbitrary user profile prestored in the second user profile and server, carry out the first identification information and carry out authentication; After being verified, server sends authorization response message to authenticating device; Authenticating device according to the authorization response message received, to mobile device Certificate Authority.
In another specific embodiment, when authorization requests comprises first user information, the second user profile and described first identification information, described server, when carrying out authentication according to described authorization requests, first user information, the second user profile can be verified successively, authentication all by time carry out the checking of the first identification information; Also the second user profile and the first identification information can be adopted to verify, handset device carries out Certificate Authority.
In other embodiments, when authorization requests information comprises first user information, the second user profile and the first identification information, server only can carry out authentication to the second user profile and the first identification information; Server also can carry out authentication to first user information and the first identification information, and user can arrange authentication condition according to corresponding demand for security.
Therefore, the authentication authority method of a kind of user profile provided by the invention, mobile device adopts offline communications to read the second user profile stored in subscriber equipment, and by the Certificate Authority to the first mark, improves fail safe and the convenience of the Certificate Authority of user profile.
Embodiment two
The embodiment of the present invention provides a kind of authentication and authorization system of user profile, and for realizing the method that the embodiment of the present invention one provides, its authentication and authorization system comprises: mobile device 201 authenticating device 202 and server 203.
Described mobile device 201, for the application service customer side by storing in described mobile device, detects authenticating device 302.
Described mobile device 201 also for, when described authenticating device 201 being detected, obtain the first identification information from described authenticating device 202.
Described mobile device 201, for according to described first identification information, sends authorization requests to server 303.
Described server 203 for, according to described authorization requests, authentication is carried out to described mobile device 201.
Described server 203 also for, when authentication by time, send authorization response message to described authenticating device 202.
Described authenticating device 202 also for, according to described authorization response message to described mobile device 201 Certificate Authority.
Described server also for, send the first identification information preset to described authenticating device 202.
Wherein, described authorization requests comprises the first user information stored in the first identification information and described mobile device 201; Described server 203 comprises multiple default user profile; Described server 203 specifically for:
Described first user information and multiple described default user profile are mated respectively.
When the match is successful for described first user information and arbitrary described default user profile, described server 203 is verified described first identification information.
When to after being verified of described first identification information, then the authentication of described server to described mobile device 201 is passed through.
Described server 203 also for, when described authentication is obstructed out-of-date, send refuse information to described authenticating device 202.
Wherein, described mobile device 201, the wireless communication signals intensity sent by the application service customer side induction authenticating device 202 stored in described mobile device; Described wireless communication signals comprises other wireless communication signals such as wireless blue tooth signal of communication, wireless near field communication signal.Described mobile device 201 specifically for, when described mobile device 301 detects the direction of the signal strength signal intensity of wireless communication signals, the distance between mobile device 201 and authenticating device 202 and mobile device 201 and authenticating device or other conditions meet predetermined condition, described mobile device 201 detects described authenticating device 202.
In a preferred embodiment, described authentication and authorization system also comprises subscriber equipment 304; Described mobile device 201 also for, carry out wireless connections with described subscriber equipment 204.
Wherein, described subscriber equipment 204 is for bind with described mobile device 201 in advance; Described subscriber equipment comprises: identity document, bank card, access card.
Described subscriber equipment 204 can comprise the second user profile, described mobile device 201 is also for sending to described subscriber equipment 204 request of acquisition, obtain the second user profile stored in subscriber equipment 201, in described authorization requests, carry described second user profile and the first identification information to make described mobile device 201.Wherein said second user profile can comprise the true identity information such as name, biological characteristic of user.
Described mobile device 201 specifically for, obtain described first identification information by wireless blue tooth communication mode, wireless near field communication mode or other communications from described mobile device 202.
Alternatively, described server 203 also for, when described authentication by time, send to described mobile device 201 and authorize successful information.Therefore, the authentication and authorization system of a kind of user profile provided by the invention, server authorizes first identification information, mobile device adopts offline communications to read the second user profile stored in subscriber equipment, and the first identification information of server pre-stored, carry out Certificate Authority, improve fail safe and the convenience of the Certificate Authority of user profile.
Technical scheme for a better understanding of the present invention, below with a concrete example, is illustrated the method and system that the above embodiment of the present invention provides.
Embodiment three
In this example, authenticating device is access-control card reader; Mobile device is mobile phone; Application (Application, APP) the software customer side of installing in mobile phone is gate inhibition APP customer side; Subscriber equipment is identity document.When user carries the mobile phone being provided with gate inhibition APP customer side, when preparing to enter the community that gate inhibition is housed, mobile phone is intercomed by wireless blue tooth communication mode and access-control card reader; When the wireless blue tooth signal that the gate inhibition APP customer side infomation detection installed in mobile phone is launched to neighbouring access-control card reader, afterwards, mobile phone detects the signal strength signal intensity getting wireless blue tooth signal; And the threshold value of signal strength signal intensity presetting in the wireless blue tooth signal strength signal intensity of acquisition and mobile phone is compared judgement, when the signal strength signal intensity of the wireless blue tooth signal that mobile phone detects exceedes presetting condition threshold, mobile phone obtains authentication password information by wireless blue tooth communication mode from access-control card reader, this first identification information can be the authentication password information such as identification sequences number, or 2 D code information.
Then, mobile phone obtains the biological information of user from identity document by other offline communications modes such as wireless blue tooth communication mode or wireless near field communication modes; Then, mobile phone is according to the biological information of the username information stored in gate inhibition APP customer side, the user obtained from identity document and the authentication password information that obtains from access-control card reader, generate authorization requests information, and authorization requests information is sent to background server by wire communication mode, wire communication mode can comprise the GPRS communication of mobile phone self.
After background server receives the authorization requests of mobile phone transmission, according to the first user name information of carrying in authorization requests, the biological information of user and authentication password information carry out identification authorization, the multiple user profile prestored when the user profile of carrying in authorization requests information and background server are mated, when the match is successful for arbitrary user profile that the user profile of carrying in authorization requests and station server prestore, carry out authentication password checking, when background server verifies that this authentication password information is the authentication password information of self distributing, mobile phone is authorized, and to the information that access-control card reader transmission Certificate Authority passes through, access-control card reader receives the Certificate Authority of background server transmission by after information, makes the user holding this mobile phone enter this community according to the external equipment of Certificate Authority announcement information access control.When background server carries out identification authorization failure to mobile phone, background server sends certificate authentication failure information to access-control card reader, can by other mode reminding user certificate authentication failures such as voice, access-control card reader access control external equipment stops this mobile phone to hold user to enter this community.
Professional should recognize further, in conjunction with unit and the algorithm steps of each example of embodiment disclosed herein description, can realize with electronic hardware, computer software or the combination of the two, in order to the interchangeability of hardware and software is clearly described, generally describe composition and the step of each example in the above description according to function.These functions perform with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel can use distinct methods to realize described function to each specifically should being used for, but this realization should not thought and exceeds scope of the present invention.
The software module that the method described in conjunction with embodiment disclosed herein or the step of algorithm can use hardware, processor to perform, or the combination of the two is implemented.Software module can be placed in the storage medium of other form any known in random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field.
Above-described embodiment; object of the present invention, technical scheme and beneficial effect are further described; be understood that; the foregoing is only the specific embodiment of the present invention; the protection range be not intended to limit the present invention; within the spirit and principles in the present invention all, any amendment made, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (18)
1. an authentication authority method for user profile, is characterized in that, described authentication authority method comprises:
Mobile device detects the wireless communication signals that authenticating device sends;
When the described wireless communication signals that described mobile device detects meets pre-conditioned, obtain the first identification information from described authenticating device;
Described mobile device, according to described first identification information, sends authorization requests to server;
Described server, according to described authorization requests, carries out authentication to described mobile device;
When authentication is passed through, described server sends authorization response message to described authenticating device;
Described authenticating device according to described authorization response message to described mobile device Certificate Authority.
2. authentication authority method according to claim 1, is characterized in that, before obtaining the first identification information from described authenticating device, described authentication authority method also comprises: described server sends the first identification information preset to described authenticating device.
3. authentication authority method according to claim 1, is characterized in that, described authorization requests comprises the first user information stored in the first identification information and described mobile device; Described server comprises multiple default user profile; Described server, according to described authorization requests, carries out authentication to described mobile device and is specially:
Described first user information and multiple described default user profile are mated respectively;
When the match is successful for described first user information and arbitrary described default user profile, described server is verified described first identification information;
When to after being verified of described first identification information, then the authentication of described server to described mobile device is passed through.
4. authentication authority method according to claim 1, is characterized in that, described authentication authority method also comprises, and when described authentication is obstructed out-of-date, described server sends refuse information to described authenticating device.
5. authentication authority method according to claim 1, is characterized in that, when the described described wireless communication signals detected when described mobile device meets pre-conditioned, obtains the first identification information be specially from described authenticating device:
When described mobile device connect described wireless communication signals detected time, described mobile device is connected with described authenticating device according to the signal strength signal intensity of described wireless communication signals;
The moving direction of the described mobile device that described mobile device is obtained by communication and the distance between described authenticating device or the relative described authenticating device of described mobile device, when described distance meets predetermined condition with described moving direction, described mobile device obtains described first identification information from described authenticating device.
6. authentication authority method according to claim 1, is characterized in that, described before described server transmission authorization requests, described authentication authority method also comprises: described mobile device and subscriber equipment carry out wireless connections;
Wherein, described subscriber equipment is bound with described mobile device in advance.
7. authentication authority method according to claim 6, is characterized in that, after obtaining the first identification information from described authenticating device, also comprises: mobile device sends the request of acquisition, to obtain the second user profile stored in subscriber equipment to subscriber equipment;
Described mobile device carries described second user profile and the first identification information in described authorization requests.
8. authentication authority method according to claim 1, is characterized in that, described wireless communication signals comprises: wireless blue tooth signal of communication, wireless near field communication signal; Described when described mobile device detects described wireless communication signals, obtain the first identification information from described authenticating device and be specially:
Described mobile device obtains described first identification information by wireless blue tooth communication mode or wireless near field communication mode from described authenticating device.
9. authentication authority method according to claim 1, is characterized in that, when described authentication is passed through, described method also comprises:
Described server sends to described mobile device and authorizes successful information.
10. an authentication and authorization system for user profile, is characterized in that, described authentication and authorization system comprises: mobile device, authenticating device and server;
Described mobile device, for detecting the wireless communication signals that authenticating device sends;
Described mobile device also for, when the described wireless communication signals detected meets pre-conditioned, obtain the first identification information from described authenticating device;
Described mobile device, for according to described first identification information, sends authorization requests to server;
Described server is used for, and according to described authorization requests, carries out authentication to described mobile device;
Described server also for, when authentication by time, send authorization response message to described authenticating device;
Described authenticating device also for, according to described authorization response message to described mobile device Certificate Authority.
11. authentication and authorization systems according to claim 10, is characterized in that, described server also for, send the first identification information preset to described authenticating device.
12. authentication and authorization systems according to claim 10, is characterized in that, described authorization requests comprises the first user information stored in the first identification information and described mobile device; Described server comprises multiple default user profile; Described server specifically for:
Described first user information and multiple described default user profile are mated respectively;
When the match is successful for described first user information and arbitrary described default user profile, described server is verified described first identification information;
When to after being verified of described first identification information, then the authentication of described server to described mobile device is passed through.
13. authentication and authorization systems according to claim 10, is characterized in that, described server also for, when described authentication is obstructed out-of-date, send refuse information to described authenticating device.
14. authentication and authorization systems according to claim 10, it is characterized in that, described mobile device specifically for, when described mobile device detects described wireless communication signals, described mobile device is connected with described authenticating device according to the signal strength signal intensity of described wireless communication signals;
The moving direction of the described mobile device that described mobile device is obtained by communication and the distance between described authenticating device or the relative described authenticating device of described mobile device, when described distance meets predetermined condition with described moving direction, described mobile device obtains described first identification information from described authenticating device.
15. authentication and authorization systems according to claim 10, is characterized in that, described authentication and authorization system also comprises subscriber equipment; Described mobile device also for, carry out wireless connections with described subscriber equipment;
Wherein, described subscriber equipment is bound with described mobile device in advance.
16. authentication and authorization systems according to claim 15, it is characterized in that, after obtaining the first identification information from described authenticating device, mobile device also for, the request of acquisition is sent to subscriber equipment, obtain the second user profile stored in subscriber equipment, in described authorization requests, carry described second user profile and the first identification information to make described mobile device.
17. authentication and authorization systems according to claim 10, is characterized in that, described wireless communication signals comprises: wireless blue tooth signal of communication, wireless near field communication signal; Described mobile device specifically for, from described authenticating device, obtain described first identification information by wireless blue tooth communication mode or wireless near field communication mode.
18. checking authoring systems according to claim 10, is characterized in that, described server also for, when described authentication by time, send to described mobile device and authorize successful information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410764212.7A CN104468582B (en) | 2014-12-11 | 2014-12-11 | Authentication and authorization method and system for user information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410764212.7A CN104468582B (en) | 2014-12-11 | 2014-12-11 | Authentication and authorization method and system for user information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104468582A true CN104468582A (en) | 2015-03-25 |
| CN104468582B CN104468582B (en) | 2021-12-14 |
Family
ID=52913954
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410764212.7A Active CN104468582B (en) | 2014-12-11 | 2014-12-11 | Authentication and authorization method and system for user information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104468582B (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104754056A (en) * | 2015-04-07 | 2015-07-01 | 北京京东尚科信息技术有限公司 | Method and system for sharing of intelligent equipment by multiple users |
| CN105025014A (en) * | 2015-06-18 | 2015-11-04 | 顺丰科技有限公司 | Unmanned aerial vehicle commissioning method, system and device |
| CN105282173A (en) * | 2015-11-10 | 2016-01-27 | 武汉化神科技有限公司 | Bluetooth-based mobile phone authentication remote control system and method |
| CN105515846A (en) * | 2015-12-01 | 2016-04-20 | 浙江宇视科技有限公司 | NVR configuration method and system based on client |
| CN105678872A (en) * | 2015-12-30 | 2016-06-15 | 福建星网锐捷通讯股份有限公司 | Entrance guard manage system, authorization method thereof and entrance guard terminal device |
| CN105871814A (en) * | 2016-03-22 | 2016-08-17 | 燕南国创科技(北京)有限公司 | Method used for authentication and server |
| CN106204817A (en) * | 2016-06-24 | 2016-12-07 | 福建求实智能股份有限公司 | A kind of control method of control of bluetooth access |
| CN106534072A (en) * | 2016-10-13 | 2017-03-22 | 腾讯科技(深圳)有限公司 | User information authorization method, apparatus, equipment and system |
| CN106815516A (en) * | 2017-01-18 | 2017-06-09 | 泰康保险集团股份有限公司 | The access authorization methods and system of user profile |
| CN107333264A (en) * | 2017-08-21 | 2017-11-07 | 上海掌门科技有限公司 | A kind of method and apparatus for being used to carry out user equipment wireless connection pre-authorization |
| CN107396363A (en) * | 2017-08-21 | 2017-11-24 | 上海掌门科技有限公司 | A kind of method and apparatus for being used to carry out user equipment wireless connection pre-authorization |
| CN107545431A (en) * | 2016-06-27 | 2018-01-05 | 李明 | Transaction authorisation method and system and method for commerce and system |
| CN107925881A (en) * | 2015-09-01 | 2018-04-17 | Nec平台株式会社 | Wireless telecom equipment, wireless communication system, appraisal procedure and the non-transitory computer-readable medium having program stored therein |
| CN108023875A (en) * | 2017-11-16 | 2018-05-11 | 广州视源电子科技股份有限公司 | A kind of device authorization method and system |
| CN109544729A (en) * | 2018-10-09 | 2019-03-29 | 日立楼宇技术(广州)有限公司 | Gate control method, device, computer equipment and storage medium |
| CN110111037A (en) * | 2019-04-18 | 2019-08-09 | 顺丰科技有限公司 | Send the management-control method and device of part permission |
| CN111360802A (en) * | 2020-03-03 | 2020-07-03 | 上海有个机器人有限公司 | Control method and system for robot to pass through gate |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060170533A1 (en) * | 2005-02-03 | 2006-08-03 | France Telecom | Method and system for controlling networked wireless locks |
| CN101547024A (en) * | 2008-03-26 | 2009-09-30 | 深圳华为通信技术有限公司 | Method and device for acquiring authorized information, method and device for sending authorized information and authorization system |
| US20130124289A1 (en) * | 2007-11-30 | 2013-05-16 | Blaze Mobile, Inc. | Remote transaction processing using authentication information |
| CN103475480A (en) * | 2013-09-05 | 2013-12-25 | 北京星网锐捷网络技术有限公司 | Certificate authority method and device |
| CN103888265A (en) * | 2014-04-11 | 2014-06-25 | 上海博路信息技术有限公司 | Login system and method based on mobile terminal |
| CN103905401A (en) * | 2012-12-27 | 2014-07-02 | 中国移动通信集团公司 | Identity authentication method and device |
| CN103971435A (en) * | 2014-05-22 | 2014-08-06 | 广东欧珀移动通信有限公司 | Unlocking method, server, mobile terminal, electronic lock and unlocking system |
| CN103985179A (en) * | 2014-05-30 | 2014-08-13 | 深圳市智慧物联网络科技有限公司 | Railway access control equipment and method for railway access control application and management through railway access control equipment |
| CN104077851A (en) * | 2014-07-10 | 2014-10-01 | 天津智博源科技发展有限公司 | Bicycle public renting system and method based on two-dimensional codes |
-
2014
- 2014-12-11 CN CN201410764212.7A patent/CN104468582B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060170533A1 (en) * | 2005-02-03 | 2006-08-03 | France Telecom | Method and system for controlling networked wireless locks |
| US20130124289A1 (en) * | 2007-11-30 | 2013-05-16 | Blaze Mobile, Inc. | Remote transaction processing using authentication information |
| CN101547024A (en) * | 2008-03-26 | 2009-09-30 | 深圳华为通信技术有限公司 | Method and device for acquiring authorized information, method and device for sending authorized information and authorization system |
| CN103905401A (en) * | 2012-12-27 | 2014-07-02 | 中国移动通信集团公司 | Identity authentication method and device |
| CN103475480A (en) * | 2013-09-05 | 2013-12-25 | 北京星网锐捷网络技术有限公司 | Certificate authority method and device |
| CN103888265A (en) * | 2014-04-11 | 2014-06-25 | 上海博路信息技术有限公司 | Login system and method based on mobile terminal |
| CN103971435A (en) * | 2014-05-22 | 2014-08-06 | 广东欧珀移动通信有限公司 | Unlocking method, server, mobile terminal, electronic lock and unlocking system |
| CN103985179A (en) * | 2014-05-30 | 2014-08-13 | 深圳市智慧物联网络科技有限公司 | Railway access control equipment and method for railway access control application and management through railway access control equipment |
| CN104077851A (en) * | 2014-07-10 | 2014-10-01 | 天津智博源科技发展有限公司 | Bicycle public renting system and method based on two-dimensional codes |
Non-Patent Citations (1)
| Title |
|---|
| 王鹃等: "一种基于手机令牌和NFC技术的身份认证系统", 《武汉大学学报(理学版)》 * |
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104754056A (en) * | 2015-04-07 | 2015-07-01 | 北京京东尚科信息技术有限公司 | Method and system for sharing of intelligent equipment by multiple users |
| CN104754056B (en) * | 2015-04-07 | 2018-10-23 | 北京京东尚科信息技术有限公司 | A kind of multiple users share method and system of smart machine |
| CN105025014A (en) * | 2015-06-18 | 2015-11-04 | 顺丰科技有限公司 | Unmanned aerial vehicle commissioning method, system and device |
| CN105025014B (en) * | 2015-06-18 | 2019-02-26 | 顺丰科技有限公司 | Unmanned plane enables method, system and device |
| CN107925881A (en) * | 2015-09-01 | 2018-04-17 | Nec平台株式会社 | Wireless telecom equipment, wireless communication system, appraisal procedure and the non-transitory computer-readable medium having program stored therein |
| CN105282173B (en) * | 2015-11-10 | 2019-04-26 | 武汉化神科技有限公司 | A kind of handset identities verifying tele-control system based on bluetooth |
| CN105282173A (en) * | 2015-11-10 | 2016-01-27 | 武汉化神科技有限公司 | Bluetooth-based mobile phone authentication remote control system and method |
| CN105515846B (en) * | 2015-12-01 | 2019-10-18 | 浙江宇视科技有限公司 | Client-based NVR configuration method and system |
| CN105515846A (en) * | 2015-12-01 | 2016-04-20 | 浙江宇视科技有限公司 | NVR configuration method and system based on client |
| CN105678872A (en) * | 2015-12-30 | 2016-06-15 | 福建星网锐捷通讯股份有限公司 | Entrance guard manage system, authorization method thereof and entrance guard terminal device |
| CN105871814A (en) * | 2016-03-22 | 2016-08-17 | 燕南国创科技(北京)有限公司 | Method used for authentication and server |
| CN106204817B (en) * | 2016-06-24 | 2018-05-01 | 福建求实智能股份有限公司 | A kind of control method of control of bluetooth access |
| CN106204817A (en) * | 2016-06-24 | 2016-12-07 | 福建求实智能股份有限公司 | A kind of control method of control of bluetooth access |
| CN107545431A (en) * | 2016-06-27 | 2018-01-05 | 李明 | Transaction authorisation method and system and method for commerce and system |
| CN106534072A (en) * | 2016-10-13 | 2017-03-22 | 腾讯科技(深圳)有限公司 | User information authorization method, apparatus, equipment and system |
| CN106534072B (en) * | 2016-10-13 | 2019-12-10 | 腾讯科技(深圳)有限公司 | user information authorization method, device, equipment and system |
| CN106815516B (en) * | 2017-01-18 | 2020-11-10 | 泰康保险集团股份有限公司 | User information access authorization method and system |
| CN106815516A (en) * | 2017-01-18 | 2017-06-09 | 泰康保险集团股份有限公司 | The access authorization methods and system of user profile |
| CN107333264A (en) * | 2017-08-21 | 2017-11-07 | 上海掌门科技有限公司 | A kind of method and apparatus for being used to carry out user equipment wireless connection pre-authorization |
| CN107396363A (en) * | 2017-08-21 | 2017-11-24 | 上海掌门科技有限公司 | A kind of method and apparatus for being used to carry out user equipment wireless connection pre-authorization |
| CN107333264B (en) * | 2017-08-21 | 2021-06-15 | 上海掌门科技有限公司 | Method and equipment for carrying out wireless connection pre-authorization on user equipment |
| CN107396363B (en) * | 2017-08-21 | 2021-06-25 | 上海掌门科技有限公司 | Method and equipment for carrying out wireless connection pre-authorization on user equipment |
| CN108023875A (en) * | 2017-11-16 | 2018-05-11 | 广州视源电子科技股份有限公司 | A kind of device authorization method and system |
| CN109544729A (en) * | 2018-10-09 | 2019-03-29 | 日立楼宇技术(广州)有限公司 | Gate control method, device, computer equipment and storage medium |
| CN109544729B (en) * | 2018-10-09 | 2020-12-29 | 日立楼宇技术(广州)有限公司 | Gate control method and device, computer equipment and storage medium |
| CN110111037A (en) * | 2019-04-18 | 2019-08-09 | 顺丰科技有限公司 | Send the management-control method and device of part permission |
| CN111360802A (en) * | 2020-03-03 | 2020-07-03 | 上海有个机器人有限公司 | Control method and system for robot to pass through gate |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104468582B (en) | 2021-12-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104468582A (en) | User information certification authorization method and system | |
| CN112822630B (en) | Data processing method of device and computer-readable storage medium | |
| US9578025B2 (en) | Mobile network-based multi-factor authentication | |
| US8037511B1 (en) | Utilizing a mobile device to operate an electronic locking mechanism | |
| US9248807B2 (en) | Car control system | |
| CN102638468B (en) | The method of protection information transmission security, transmitting terminal, receiving terminal and system | |
| CN110232568B (en) | Mobile payment method, mobile payment device, computer equipment and readable storage medium | |
| CN104202338B (en) | A kind of safety access method being applicable to enterprise-level Mobile solution | |
| CN109819049B (en) | Method, system and device for remotely controlling vehicle | |
| US20070209081A1 (en) | Methods, systems, and computer program products for providing a client device with temporary access to a service during authentication of the client device | |
| US7496948B1 (en) | Method for controlling access to a target application | |
| CN105373919A (en) | Safety certification device and method for user identity based on far and near field data interaction | |
| EP2384038B1 (en) | Method and system for realizing network locking and unlocking by a terminal device | |
| JP2008065829A (en) | Method for updating authority data of access device and service center | |
| CN101523859A (en) | System and method for authenticating remote server access | |
| KR101842009B1 (en) | System and authentication method for vehicle remote key entry | |
| CN105553926A (en) | Authentication method, server, and terminal | |
| CN106330828B (en) | Network security access method and terminal equipment | |
| CN112785734B (en) | Electronic toll collection system and method based on two-way authentication | |
| CN103874065A (en) | Method and device for judging user position abnormity | |
| CN110738776B (en) | Method and system for opening Bluetooth access control, Bluetooth device and working method thereof | |
| CN111901782A (en) | Method, computing device, and medium for managing vehicles | |
| CN102821112A (en) | Mobile equipment, server and mobile equipment data verification method | |
| CN102413466A (en) | Logging-in authentication method for cell phone | |
| GB2573394A (en) | Crypto SIM and method therefor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |