CN104486322B - Terminal access authentication authorization method and terminal access authentication authoring system - Google Patents
Terminal access authentication authorization method and terminal access authentication authoring system Download PDFInfo
- Publication number
- CN104486322B CN104486322B CN201410755407.5A CN201410755407A CN104486322B CN 104486322 B CN104486322 B CN 104486322B CN 201410755407 A CN201410755407 A CN 201410755407A CN 104486322 B CN104486322 B CN 104486322B
- Authority
- CN
- China
- Prior art keywords
- hardware
- terminal device
- certificate server
- identification
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 55
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000004891 communication Methods 0.000 claims description 20
- 238000012795 verification Methods 0.000 claims description 12
- 230000000977 initiatory effect Effects 0.000 claims description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
Abstract
Description
Claims (8)
- A kind of 1. terminal access authentication authorization method, applied to a terminal device, it is characterised in that methods described includes:Hardware identification is carried out to the terminal device;If the terminal device carries out software I D verifications by the hardware identification;If software I D check results demonstrate the need for the mandate of certificate server, the terminal device initiates to award to certificate server Power application;If software I D check results show to authorize, directly terminal device is allowed to be accessed;Receive the certification The soft ware authorization feedback that server is sent, wherein, the soft ware authorization is fed back to the certificate server and is directed to the mandate Shen It please generate;When the soft ware authorization feedback received, which characterizes, allows the terminal device to access, the terminal device is recognized from described Demonstrate,prove server and obtain service operation mandate.
- 2. the method as described in claim 1, it is characterised in that it is described to terminal device progress hardware identification, including:Hardware ID verification is carried out to the terminal device, to judge whether to need to initiate hardware system to the certificate server Certification;If judged result demonstrates the need for, to during certificate server initiation hardware system certification, gathering the hard of the terminal device Part attribute information;The hardware attributes information is handled by authentication logic, generates hardware corresponding with the hardware attributes information ID;The hardware ID is sent to the certificate server, the hardware ID is set for the certificate server to the terminal It is standby to carry out hardware identification;The hardware identification feedback of the certificate server feedback is received, the hardware identification is fed back for confirming that the hardware ID is Legal hardware ID or illegal hardware ID, the hardware ID are that the legal hardware ID sign terminal device passes through hardware identification.
- 3. method as claimed in claim 2, it is characterised in that judge whether to need to initiate to the certificate server described After hardware system certification, methods described also includes:If judged result shows that hardware system certification need not be initiated to the certificate server, it is determined that the terminal device Hardware ID be legal hardware ID.
- 4. method as claimed in claim 2 or claim 3, it is characterised in that if the terminal device by hardware identification, to certification Server initiates authorized application, including:If the terminal device carries out software merit rating so that the terminal device by hardware identification to the terminal device Software systems confirm whether the hardware ID is legal hardware ID;When it is legal hardware ID that the software systems, which confirm the hardware ID, the mandate Shen is initiated to the certificate server Please.
- A kind of 5. terminal access authentication authoring system, it is characterised in that including:Hardware identification module, soft ware authorization module, and Communication module;The hardware identification module, for carrying out hardware identification to the terminal device;The soft ware authorization module, if carrying out software I D verifications by the hardware identification for the terminal device;It is if soft Part ID check results demonstrate the need for the mandate of certificate server, then the terminal device initiates authorized application to certificate server; If software I D check results show to authorize, directly terminal device is allowed to be accessed;The communication module, it is additionally operable to receive the soft ware authorization feedback that the certificate server is sent, wherein, the soft ware authorization The certificate server is fed back to for authorized application generation;Allow when the soft ware authorization feedback received characterizes During the terminal device access, the terminal device obtains service operation mandate from the certificate server.
- 6. system as claimed in claim 5, it is characterised in that the system also includes parameter collection module, and the hardware is recognized Demonstrate,prove module to be specifically used for carrying out hardware ID verification to the terminal device, to judge whether to need to send out to the certificate server Play hardware system certification;The parameter collection module, if demonstrating the need for recognizing to certificate server initiation hardware system specifically for judged result During card, the hardware attributes information of the terminal device is gathered;The hardware identification module, be additionally operable to handle the hardware attributes information by authentication logic, generation with it is described Hardware ID corresponding to hardware attributes information;The communication module is called, the hardware ID is sent to the certificate server, institute State hardware ID and be used for the certificate server to terminal device progress hardware identification;The communication module, specifically it is additionally operable to receive the hardware identification feedback of the certificate server feedback, the hardware identification Feed back for confirming that the hardware ID is legal hardware ID or illegal hardware ID, the hardware ID is described in legal hardware ID characterizes Terminal device passes through hardware identification.
- 7. system as claimed in claim 6, it is characterised in that the hardware identification module, if being specifically additionally operable to judged result When showing that hardware system certification need not be initiated to the certificate server, it is determined that the hardware ID of the terminal device is legal Hardware ID.
- 8. system as claimed in claims 6 or 7, it is characterised in that the soft ware authorization module, if specifically for the terminal Equipment then carries out software merit rating by hardware identification to the terminal device so that the software systems of the terminal device confirm Whether the hardware ID is legal hardware ID;And when it is legal hardware ID that the software systems, which confirm the hardware ID, adjust With the communication module authorized application is initiated to the certificate server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410755407.5A CN104486322B (en) | 2014-12-10 | 2014-12-10 | Terminal access authentication authorization method and terminal access authentication authoring system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410755407.5A CN104486322B (en) | 2014-12-10 | 2014-12-10 | Terminal access authentication authorization method and terminal access authentication authoring system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104486322A CN104486322A (en) | 2015-04-01 |
CN104486322B true CN104486322B (en) | 2017-12-26 |
Family
ID=52760826
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410755407.5A Active CN104486322B (en) | 2014-12-10 | 2014-12-10 | Terminal access authentication authorization method and terminal access authentication authoring system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104486322B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108595939A (en) * | 2018-03-15 | 2018-09-28 | 北京雷石天地电子技术有限公司 | A kind of method and system authorizing external equipment permission |
CN109756509B (en) * | 2019-01-24 | 2021-08-06 | 金润方舟科技股份有限公司 | Network authentication system based on information receipt and working method thereof |
CN112149067B (en) * | 2020-09-29 | 2022-10-18 | 济南博观智能科技有限公司 | Software authorization method, terminal equipment, authorization server and storage medium |
WO2022188006A1 (en) * | 2021-03-08 | 2022-09-15 | 华为技术有限公司 | Certificate application method and apparatus |
CN115021936B (en) * | 2022-06-10 | 2023-10-27 | 中国南方电网有限责任公司 | Terminal equipment safety access authentication and authorization method and system of remote site |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101296240A (en) * | 2008-06-20 | 2008-10-29 | 中国移动通信集团北京有限公司 | Authentication method and system for access to wireless network |
CN101299727A (en) * | 2008-06-30 | 2008-11-05 | 中兴通讯股份有限公司 | Traffic mirroring method and system based on user |
CN101938468A (en) * | 2010-08-06 | 2011-01-05 | 四川长虹电器股份有限公司 | Digital content protecting system |
CN102158487A (en) * | 2011-04-01 | 2011-08-17 | 福建星网锐捷网络有限公司 | Network access control method, system and device |
-
2014
- 2014-12-10 CN CN201410755407.5A patent/CN104486322B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101296240A (en) * | 2008-06-20 | 2008-10-29 | 中国移动通信集团北京有限公司 | Authentication method and system for access to wireless network |
CN101299727A (en) * | 2008-06-30 | 2008-11-05 | 中兴通讯股份有限公司 | Traffic mirroring method and system based on user |
CN101938468A (en) * | 2010-08-06 | 2011-01-05 | 四川长虹电器股份有限公司 | Digital content protecting system |
CN102158487A (en) * | 2011-04-01 | 2011-08-17 | 福建星网锐捷网络有限公司 | Network access control method, system and device |
Also Published As
Publication number | Publication date |
---|---|
CN104486322A (en) | 2015-04-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108390851B (en) | Safe remote control system and method for industrial equipment | |
JP6586446B2 (en) | Method for confirming identification information of user of communication terminal and related system | |
US7953391B2 (en) | Method for inclusive authentication and management of service provider, terminal and user identity module, and system and terminal device using the method | |
CN109005155B (en) | Identity authentication method and device | |
EP2304636B1 (en) | Mobile device assisted secure computer network communications | |
CN108123795B (en) | Quantum key chip issuing method, application method, issuing platform and system | |
CN105791272A (en) | Method and device for secure communication in Internet of Things | |
CN105072125B (en) | A kind of http communication system and method | |
CN104486322B (en) | Terminal access authentication authorization method and terminal access authentication authoring system | |
CN108243176B (en) | Data transmission method and device | |
US8397281B2 (en) | Service assisted secret provisioning | |
CN107733636B (en) | Authentication method and authentication system | |
CN101841525A (en) | Secure access method, system and client | |
CN106713279A (en) | Video terminal identity authentication system | |
CN106027251A (en) | Identity card reading terminal and cloud authentication platform data transmission method and system | |
CN106506161A (en) | Method for secret protection and privacy protection device in vehicle communication | |
CN103634265A (en) | Method, device and system for security authentication | |
US10091189B2 (en) | Secured data channel authentication implying a shared secret | |
CN114765534A (en) | Private key distribution system based on national password identification cryptographic algorithm | |
CN106656955A (en) | Communication method and system and user terminal | |
CN101192927A (en) | Authorization based on identity confidentiality and multiple authentication method | |
CN110929231A (en) | Digital asset authorization method and device and server | |
WO2017020530A1 (en) | Enhanced wlan certificate authentication method, device and system | |
CN111224965A (en) | Information interaction method and device | |
CN116132986A (en) | Data transmission method, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information |
Inventor after: Jiang Yimin Inventor before: Fan Xianchang |
|
COR | Change of bibliographic data | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Terminal access authentication authorization method and terminal access authentication authorization system Effective date of registration: 20181225 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY CO.,LTD. Registration number: 2018420000074 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20200102 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY CO.,LTD. Registration number: 2018420000074 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Terminal access authentication authorization method and terminal access authentication authorization system Effective date of registration: 20200528 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY Co.,Ltd. Registration number: Y2020420000025 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20210603 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY Co.,Ltd. Registration number: Y2020420000025 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Terminal access authentication and authorization method and terminal access authentication and authorization system Effective date of registration: 20210611 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY Co.,Ltd. Registration number: Y2021420000035 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20220615 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY CO.,LTD. Registration number: Y2021420000035 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Terminal access authentication and authorization method and terminal access authentication and authorization system Effective date of registration: 20220617 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY CO.,LTD. Registration number: Y2022420000164 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20230615 Granted publication date: 20171226 Pledgee: Guanggu Branch of Wuhan Rural Commercial Bank Co.,Ltd. Pledgor: WUHAN OPTICS VALLEY INFORMATION TECHNOLOGY CO.,LTD. Registration number: Y2022420000164 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right |