CN104640112B - A kind of identification authentication method, apparatus and system - Google Patents

A kind of identification authentication method, apparatus and system Download PDF

Info

Publication number
CN104640112B
CN104640112B CN201310574590.4A CN201310574590A CN104640112B CN 104640112 B CN104640112 B CN 104640112B CN 201310574590 A CN201310574590 A CN 201310574590A CN 104640112 B CN104640112 B CN 104640112B
Authority
CN
China
Prior art keywords
identification authentication
identification
sent
user terminal
authentication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310574590.4A
Other languages
Chinese (zh)
Other versions
CN104640112A (en
Inventor
胡育辉
喻欣
王小叶
芦姗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Tencent Computer Systems Co Ltd
Original Assignee
Shenzhen Tencent Computer Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Tencent Computer Systems Co Ltd filed Critical Shenzhen Tencent Computer Systems Co Ltd
Priority to CN201310574590.4A priority Critical patent/CN104640112B/en
Publication of CN104640112A publication Critical patent/CN104640112A/en
Application granted granted Critical
Publication of CN104640112B publication Critical patent/CN104640112B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Abstract

The present invention relates to a kind of identification authentication method, apparatus and systems.In one embodiment, the above method includes: that identification authentication request is sent to authentication server, receive the identification authentication information of authentication server transmission, the identification authentication information sharing is given to multiple other users ends by near-field communication, so that multiple other users end sends confirmation message to authentication server according to the identification authentication information.Above-mentioned identification authentication method, apparatus and system can realize that group authenticates simultaneously by NFC technique, improve authentication efficiency.

Description

A kind of identification authentication method, apparatus and system
Technical field
The present invention relates to field of communication technology more particularly to a kind of identification authentication method, apparatus and system.
Background technique
Identification authentication also known as " authentication ", " verifying " refer to through certain means, complete the confirmation to user identity, and Authorize corresponding right.
In the prior art, predominantly one-to-one that single user is verified and authorized, such as pass through cell phone software, short Letter etc. and user interaction complete verify, and verification mode mainly by identifying code share etc. modes, easily cause user's account Family is dangerous, if after identifying code is stolen or reveals, being easy by other people malicious exploitations, safety is poor.
Summary of the invention
In view of this, the present invention provides a kind of identification authentication method, apparatus and system, group can be realized by NFC technique It authenticates simultaneously, improves authentication efficiency.
Identification authentication method provided in an embodiment of the present invention, comprising:
Identification authentication request is sent to authentication server;Receive the identification authentication information that the authentication server is sent; By near-field communication by the identification authentication information sharing give multiple other users ends so that the multiple other users end according to The identification authentication information sends confirmation message to the authentication server.
Identification authentication method provided in an embodiment of the present invention, comprising:
Receive the identification authentication request that user terminal is sent;Identification authentication information is sent to the user terminal, so that described User terminal gives the identification authentication information sharing to multiple other users ends by near-field communication;Receive the multiple other users Hold the confirmation message sent;According to the confirmation message award the other users end or with the other users end it is associated User's corresponding authority.
Identification authentication device provided in an embodiment of the present invention, comprising:
Transmission unit, for identification authentication request to be sent to authentication server;Receiving unit, for receiving the authentication The identification authentication information that server is sent;Shared cell, for passing through near-field communication for the received body of the receiving unit Part authentication information shares to multiple other users ends, so that the multiple other users end is according to the identification authentication information to institute It states authentication server and sends confirmation message.
Identification authentication device provided in an embodiment of the present invention, comprising:
Receiving unit, for receiving the identification authentication request of user terminal transmission;Transmission unit is used for identification authentication information It is sent to the user terminal, so that the user terminal is used the identification authentication information sharing to multiple other by near-field communication Family end;The receiving unit is also used to receive the confirmation message that the multiple other users end is sent;Authorization unit is used for root According to the confirmation message award the other users end or with the associated user's corresponding authority in the other users end.
Identification authentication system provided in an embodiment of the present invention, comprising:
User terminal and authentication server;
The user terminal receives the authentication server and sends for identification authentication request to be sent to authentication server Identification authentication information, by near-field communication by the identification authentication information sharing give multiple other users ends so that described more A other users end sends confirmation message to the authentication server according to the identification authentication information;The authentication server, For receiving the identification authentication request of user terminal transmission, identification authentication information is sent to the user terminal, so that the user Multiple other users ends are given the identification authentication information sharing to by near-field communication in end, receive the multiple other users end hair The confirmation message sent, according to the confirmation message award the other users end or with the associated user in other users end Corresponding authority.
Identification authentication is requested to send out by identification authentication method, apparatus and system provided in an embodiment of the present invention, a user terminal Authentication server is given, to request the authentication server to carry out identification authentication to user terminal, receives authentication server transmission Identification authentication information, and the identification authentication information sharing is given to multiple other users ends by NFC, so that multiple other users End sends authentication feedback information to the authentication server according to the identification authentication information, in this way, can be by NFC by authentication service The identification authentication information that device is sent is shared between multiple user terminals in short distance, then multiple other users end is according to this Identification authentication information sends confirmation message to the authentication server and is authenticated, and the communication nature of NFC ensure that each user terminal only Identification authentication information can be shared in close distance, therefore improve the safety of transmitting information in authentication process, and And a plurality of clients can be interacted with authentication server simultaneously to complete to authenticate, and improve authentication efficiency.
For above and other objects, features and advantages of the invention can be clearer and more comprehensible, preferred embodiment is cited below particularly, And cooperate institute's accompanying drawings, it is described in detail below.
Detailed description of the invention
Fig. 1 is the running environment schematic diagram of identification authentication method in the embodiment of the present invention;
Fig. 2 is a kind of structural block diagram of terminal device;
Fig. 3 is the flow chart for the identification authentication method that first embodiment of the invention provides;
Fig. 4 is the flow chart for the identification authentication method that second embodiment of the invention provides;
Fig. 5 is the flow chart of identification authentication method in third embodiment of the invention;
Fig. 6 is the flow chart of identification authentication method in fourth embodiment of the invention;
Fig. 7 is the first application scenarios schematic diagram of identification authentication method in the embodiment of the present invention;
Fig. 8 is the second application scenarios schematic diagram of identification authentication method in the embodiment of the present invention;
Fig. 9 is the third application scenarios schematic diagram of identification authentication method in the embodiment of the present invention;
Figure 10 is the flow chart for the identification authentication method that fifth embodiment of the invention provides;
Figure 11 is the flow chart for the identification authentication method that sixth embodiment of the invention provides;
Figure 12 is the schematic diagram for the identification authentication device that seventh embodiment of the invention provides;
Figure 13 is the schematic diagram for the identification authentication device that eighth embodiment of the invention provides;
Figure 14 is the schematic diagram for the identification authentication device that ninth embodiment of the invention provides;
Figure 15 is the schematic diagram for the identification authentication device that tenth embodiment of the invention provides;
Figure 16 is the schematic diagram for the identification authentication system that eleventh embodiment of the invention provides.
Specific embodiment
Further to illustrate that the present invention is the technical means and efficacy realizing predetermined goal of the invention and being taken, below in conjunction with Attached drawing and preferred embodiment, to specific embodiment, structure, feature and its effect according to the present invention, detailed description is as follows.
Near-field communication (Near Field Communication, NFC) is a kind of non-contact radio-frequency identification and interconnection skill Art can operate in short distance, pass through radiofrequency signal automatic identification target object and obtain related data therefore, Ke Yi Wireless near field communication is carried out between mobile device, personal computer and intelligent electronic device (such as access controller, intelligent door lock), It is patched without cable.
The embodiment of the present invention provides a kind of identification authentication method based on near-field communication technology.It refering to fig. 1, is above-mentioned Method running environment schematic diagram.As shown in Figure 1:
Authentication server 101, for issuing authentication information to the first user terminal 103 of near field group 102, and near field group The confirmation message that the first user terminal 103, second user end 104, third user terminal 105 in group, fourth user end 106 are submitted into Whether row authentication, identification are safety legal user terminals and its operation;
Near field group 102, for a plurality of clients connected by NFC, including the first user terminal 103, second user End 104, third user terminal 105,106 any one user terminal of fourth user end request authentication to authentication server 101, and connect The authentication message that authentication server 101 is sent is received, the authentication message is then shared to by other users end by NFC.
The present embodiment provides a kind of identification authentication methods, can be used in electronic apparatus 200 shown in Fig. 2.It is mobile Electronic device 200 includes memory 202, storage control 204, one or more (one is only shown in figure) processors 206, outer If interface 208, radio-frequency module 210, Touch Screen 212, key module 214 and near-field communication module 216.These components pass through One or more communication bus/signal wire 222 mutually communicates.
It is appreciated that structure shown in Fig. 2 is only to illustrate, electronic apparatus 200 may also include more than shown in Fig. 2 Perhaps less component or with the configuration different from shown in Fig. 2.Each component shown in Fig. 2 can use hardware, software Or combinations thereof realize.
Memory 202 can be used for storing software program and module, as in the embodiment of the present invention in electronic apparatus Corresponding program instruction/the module of interior application rights management method and device, processor 202 are stored in memory 204 by operation Interior software program and module is realized above-mentioned in mobile electron thereby executing various function application and data processing The identification authentication method of authentication efficiency is improved in device.
Memory 202 may include high speed random access memory, may also include nonvolatile memory, such as one or more magnetic Property storage device, flash memory or other non-volatile solid state memories.In some instances, memory 202 can further comprise The memory remotely located relative to processor 206, these remote memories can pass through network connection to electronic apparatus 200.The example of above-mentioned network includes but is not limited to internet, intranet, local area network, mobile radio communication and combinations thereof.Place Reason device 206 and other possible components can carry out the access of memory 202 under the control of storage control 204.
Various input/output devices are couple CPU and memory 202 by Peripheral Interface 208.The operation of processor 206 is deposited Various softwares, instruction in reservoir 202 are to execute the various functions of electronic apparatus 200 and carry out data processing.
In some embodiments, Peripheral Interface 208, processor 206 and storage control 204 can be in one single chips It realizes.In some other example, they can be realized by independent chip respectively.
Radio-frequency module 210 is used to receive and transmit electromagnetic wave, realizes the mutual conversion of electromagnetic wave and electric signal, thus with Communication network or other equipment are communicated.Radio-frequency module 210 may include various existing for executing the electricity of these functions Circuit component, for example, antenna, RF transceiver, digital signal processor, encryption/deciphering chip, subscriber identity module (SIM) card, Memory etc..Radio-frequency module 210 can be communicated or be led to various networks such as internet, intranet, wireless network Wireless network is crossed to be communicated with other equipment.Above-mentioned wireless network may include cellular telephone networks, WLAN or Metropolitan Area Network (MAN).Various communication standards, agreement and technology can be used in above-mentioned wireless network, and including but not limited to the whole world is mobile logical Letter system (Global System for Mobile Communication, GSM), enhanced mobile communication technology (Enhanced Data GSM Environment, EDGE), Wideband CDMA Technology (wideband code division Multiple access, W-CDMA), Code Division Multiple Access (Code division access, CDMA), time division multiple access technology (time division multiple access, TDMA), bluetooth, adopting wireless fidelity technology (Wireless, Fidelity, WiFi) (such as American Institute of Electrical and Electronics Engineers's standard IEEE 802.11a, IEEE802.11b, IEEE802.11g and/or IEEE802.11n), the networking telephone (Voice over internet protocal, VoIP), worldwide interoperability for microwave accesses (Worldwide Interoperability for Microwave Access, Wi-Max), other be used for mail, Instant Messenger The agreement and any other suitable communications protocol of news and short message, or even may include that those are not developed currently yet Agreement.
Touch Screen 212 provides an output and input interface simultaneously between electronic apparatus 200 and user.Specifically Ground, Touch Screen 212 to user show video output, these videos output content may include text, figure, video and its Any combination.Some outputs are the result is that correspond to some user interface objects.Touch Screen 212 also receives the input of user, example The click of such as user, sliding gesture operation, so that user interface object responds the input of these users.Detect user The technology of input can be based on resistance-type, condenser type or any other possible touch control detection technology.Touch Screen 212 is aobvious The specific example for showing unit includes but is not limited to liquid crystal display or light emitting polymer displays.
Key module 214 equally provides user's interface inputted to electronic apparatus 200, and user can be by pressing Lower different key is so that electronic apparatus 200 executes different functions.
Near-field communication module 216 is used to provide the interface for realizing near-field communication, and user can pass through near-field communication module 216 Short-range near-field communication is carried out with other users equipment to realize data exchange.
First embodiment
Refering to Fig. 3, the method for the present embodiment the following steps are included:
Identification authentication request is sent to authentication server by step 301;
When user will obtain a certain authorization, need that this is requested to authorize to authentication server 101, then the first user terminal 103 After the request for receiving user, identification authentication request is sent to authentication server 101, requests authentication server 101 to user End carries out identification authentication.
Step 302, the identification authentication information for receiving authentication server transmission;
After authentication server 101 receives the identification authentication request of the first user terminal 103 transmission, to the first user terminal 103 Identification authentication information is sent, which, which can be, requires authenticator to return to the confirmation message for being used for identification authentication, should User terminal receives the identification authentication information that authentication server 101 is sent.
Step 303 gives the identification authentication information sharing to multiple other users ends by NFC, so that other multiple use Family end sends confirmation message to the authentication server according to the identification authentication information.
The identification authentication information is sent to second user end 104, third user terminal by NFC by the first user terminal 103 105, fourth user end 106 is realized shared, so that this multiple other users end is according to the identification authentication information to authentication server 101 send the confirmation message for being used for identification authentication, the confirmation message with the identification authentication information be it is corresponding, such as the identification authentication Information is that the first user terminal 103 is required to return to identification information, then the confirmation message is the identification information.Generally Ground, second user end 104, third user terminal 105, fourth user end 106 are close at a distance from the first user terminal 103, the distance Information can be transmitted by NFC by meeting.
In the embodiment of the present invention, user terminal can be by the identification authentication information that NFC sends authentication server in low coverage It is shared between interior multiple user terminals, multiple other users end is sent out according to the identification authentication information to the authentication server Confirmation message is sent to be authenticated, the communication nature of NFC ensure that each user terminal may only share identity mirror in close distance Information is weighed, therefore improves in authentication process the safety of transmitting information, and a plurality of clients can simultaneously and authentication service Device interaction improves authentication efficiency to complete to authenticate.
Second embodiment
Referring to Fig. 4, Fig. 4 is the second embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with Fig. 3 institute The first embodiment of the identification authentication method shown the difference is that, by NFC by the identification authentication information sharing in step 303 Include: to multiple other users ends
Step 403, identification open the target user end of NFC function;
After first user terminal 103 opens NFC function, the target user end for opening NFC function, the target user end can recognize As open the user terminal of NFC function.
A user terminal group is established at step 404, all target user ends that will identify that;
In a certain distance, the first user terminal 103 can identify multiple target user ends by NFC, will identify that A user terminal group is established at all target user ends.For example, the user terminal identifies 3 target user ends second user end 104, a user terminal group is then established, by the use in 3 target user ends by third user terminal 105, fourth user end 106 Hu Duan group is named as " near field group ".
Step 405, all target user ends being sent to the identification authentication information by NFC in the user terminal group;
The received identification authentication information is sent to all target user ends in the user terminal group, example by NFC Such as, 4 target user ends in the group of near field are sent to.
In the embodiment of the present invention, a user terminal group is established at all target user ends that user terminal will identify that, passes through The identification authentication information is sent to all target user ends in the user terminal group by NFC, is realized and is shared identity mirror in group Information is weighed, authentication efficiency is improved.
3rd embodiment
Referring to Fig. 5, Fig. 5 is the 3rd embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with Fig. 3 institute The first embodiment of the identification authentication method shown the difference is that, the present embodiment can further include:
The confirmation message for being used to carry out identification authentication is sent to the authentication server to carry out user identity by step 504 Authentication.
The confirmation message for being used to carry out identification authentication is sent to authentication server 101 to use by the first user terminal 103 Family identification authentication.
The execution sequence of step 504 is not limited by embodiment description in the present embodiment, can pass through NFC for the identity Authentication information executes before sharing to multiple other users ends.
In the embodiment of the present invention, the identification authentication information that a user terminal is sent authentication server by NFC is in low coverage Shared between interior multiple user terminals, a plurality of clients including the user terminal according to the identification authentication information to this Authentication server sends confirmation message and is authenticated, in this way, a plurality of clients can be interacted with authentication server to complete to reflect simultaneously Power improves authentication efficiency.And the short haul connection property of NFC ensure that each user terminal shares identity mirror in close distance Information is weighed, the safety of transmitting information is improved in authentication process.
Fourth embodiment
Referring to Fig. 6, Fig. 6 is the fourth embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with Fig. 3 institute The first embodiment of the identification authentication method shown the difference is that, the present embodiment can further include:
The identification authentication information received can be included in interaction request by step 604, the user terminal, which is asked It asks and authentication server is sent to by network or other users end is sent to by near-field communication.
The identification authentication information received can be included in interaction request by the first user terminal 103, by the interaction request It is sent to authentication server 101 by network, or second user end 103, third user terminal the 104, the 4th are sent to by NFC User terminal 105.
Specifically, the first user terminal 103, second user end 104, third user terminal 105, fourth user end 106 can be direct The permission of identification authentication information acquisition certain network service returned using the authentication server 101 shared, for example, into certain A Web conference room.To hold the identification authentication information at this point, the identification authentication information can be used as a kind of " franchise code " User terminal obtains certain authorization.Specific application scenarios schematic diagram, referring to Fig. 7, authentication server 101 licenses to the first user terminal 103 can enter Web conference room 707, and authorization message is notified that, to Web conference room 707, the first user terminal 103 then passes through body Part authentication information enters Web conference room 707.Alternatively, the first user terminal 103 asks the interaction comprising the identification authentication information Ask other users end second user end 104, third user terminal 105, the fourth user end being sent in the group of near field by NFC 106, so that other users end can also enter Web conference room 707 by the identification authentication information.
First user terminal 103, second user end 104, third user terminal 105, fourth user end 106 are being used for identification authentication The confirmation message in include its own identity code, such as the NFC device ID of user terminal, authentication server 101 receives Certain equipment, such as intelligent door lock are issued to after to the identity code, then other users end, which is authorized to, opens intelligent door lock.Tool The application scenarios schematic diagram of body, referring to Fig. 8, itself NFC device ID can be included in confirmation message by the first user terminal 103 to be passed through Network is sent to authentication server 101, and authentication server 101, which licenses to the first user terminal 103, can open intelligent door lock 807, together Shi Baocun NFC device ID, and the corresponding relationship of the permission of unlatching and NFC device ID is notified to intelligent door lock 807, the first user End 103 can then open intelligent door lock 807.Alternatively, the interaction request is sent near field group by NFC by the first user terminal 103 In other users end second user end 104, third user terminal 105, fourth user end 106 so that other users end can also be with Intelligent door lock 807 can be opened.
First user terminal 103, second user end 104, third user terminal 105, fourth user end 106 are being used for identification authentication The confirmation message in include its own identity code, such as the account number of some network service, authentication server 101 receives Certain permission of account is authorized after to the identity code, when so that user terminal being serviced after being logged in using the account using the network Obtain rights that have been granted.Specific application scenarios schematic diagram, referring to Fig. 9, what the first user terminal 103 can service some network Account number is included in confirmation message and is sent to authentication server 101 by network, and authentication server 101 licenses to the first user terminal 103 corresponding permissions, and the permission and the account corresponding relationship of the network service are notified into network server 907, the first user After end 103 is logged in by the account, network server 907 can be given when the first user terminal 103 is serviced using the network and obtain quilt The permission authorized.Alternatively, the interaction request is sent to the other users end in the group of near field by the first user terminal 103 by NFC Second user end 104, third user terminal 105, fourth user end 106, so that other users end can also be serviced using the network When obtain rights that have been granted.
In the embodiment of the present invention, which can be included in the identification authentication information received in interaction request, will The interaction request is sent to authentication server by network or is sent to other users end by near-field communication, to obtain authorization Or other users end is made to obtain authorization, further increase acquisition efficiency.
5th embodiment
Referring to Fig. 10, the 5th embodiment of the identification authentication method in the embodiment of the present invention includes:
Step 1001 receives the identification authentication request that user terminal is sent;
Authentication server receives the identification authentication request that user terminal is sent, and identification authentication request is for requesting the authentication to take Device be engaged in user terminal progress identification authentication.
Identification authentication information is sent to the user terminal by step 1002, so that the user terminal passes through near-field communication for the body Part authentication information shares to multiple other users ends;
Identification authentication information is sent to the user terminal by authentication server, so that the user terminal is reflected the identity by NFC Information sharing is weighed to multiple other users ends, and multiple other users end can be according to the identification authentication information to the authentication service Device sends the confirmation message for being used for identification authentication.
Step 1003 receives the confirmation message that multiple other users end is sent;
Authentication server receives the confirmation message for identification authentication that multiple other users end is sent.
Step 1004, awarded according to the confirmation message other users end or with the associated user's phase in the other users end Answer permission.
According to the different content of confirmation message, authentication server is awarded the other users end or is closed with the other users end User's corresponding authority of connection.
In the embodiment of the present invention, authentication server receives the identification authentication request that user terminal is sent, and identification authentication is believed Breath is sent to the user terminal, so that the user terminal gives the identification authentication information sharing to multiple other users ends, NFC by NFC Communication nature ensure that each user terminal may only share identification authentication information in close distance, therefore in authentication process The safety for improving transmitting information receives the confirmation message for identification authentication that multiple other users end is sent, and root According to the confirmation message award the other users end or with the associated user's corresponding authority in the other users end, in this way, multiple use Family end can be interacted with authentication server to complete to authenticate simultaneously, and authentication efficiency can be improved.
Sixth embodiment
Figure 11 is please referred to, Figure 11 is the sixth embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with figure 5th embodiment of identification authentication method shown in 10 the difference is that, step step 1003 receives multiple other users end Include: after the confirmation message of transmission
Step 1104 carries out identification authentication to multiple other users end according to the confirmation message.
After receiving the confirmation message that multiple other users end is sent, authentication server is more to this according to the confirmation message A other users end carries out identification authentication.
Step 1004 according to the confirmation message award the other users end or with the associated user's phase in the other users end The permission is answered to may include:
The mark at the other users end is sent to terminal device by step 1105, should to authorize other users end access The permission of terminal device, and the permission that the user is marked in corresponding database or configuration file is serviced in network.
The mark at the other users end is sent to terminal device by authentication server, should to authorize other users end access The permission of terminal device authorizes other users terminal unlatching for example, the mark at the other users end is sent to intelligent door lock The permission of the intelligent door lock.And the permission that the user is marked in corresponding database or configuration file is serviced in network, pass through one Sub-authorization makes the user be used multiple times the permission, simplifies authorisation step, saves the time.
In the embodiment of the present invention, authentication server receives the identification authentication request that user terminal is sent, and identification authentication is believed Breath is sent to the user terminal, so that the user terminal gives the identification authentication information sharing to multiple other users ends, NFC by NFC Communication nature ensure that each user terminal may only share identification authentication information in close distance, therefore in authentication process The safety for improving transmitting information receives the confirmation message for identification authentication that multiple other users end is sent, authentication Server carries out identification authentication to multiple other users end according to the confirmation message, and the mark at the other users end is sent To terminal device, to authorize the permission that the other users end accesses the terminal device, in this way, a plurality of clients can simultaneously with authentication Authentication efficiency can be improved to complete to authenticate in server interaction.And it services in corresponding database or configuration file and marks in network The permission of the user simplifies authorisation step, saves the time.
7th embodiment
Figure 12 is please referred to, the identification authentication device in the embodiment of the present invention includes:
Transmission unit 1201, for identification authentication request to be sent to authentication server;
Receiving unit 1202, for receiving the identification authentication information of authentication server transmission;
Shared cell 1203, for being given the received identification authentication information sharing of receiving unit 502 by near-field communication Multiple other users ends, so that multiple other users end sends confirmation letter to the authentication server according to the identification authentication information Breath.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refers to 3 institute of earlier figures The specific descriptions for showing embodiment, do not repeat herein.
In the embodiment of the present invention, identification authentication request is sent to authentication server by transmission unit 1201, to request the mirror It weighs server and carries out identification authentication, receiving unit 1202 receives the identification authentication information that the authentication server is sent, shared cell 1203 give the identification authentication information sharing to multiple other users ends by NFC, so that multiple other users end is according to the body Part authentication information sends authentication feedback information to the authentication server, in this way, the body that can be sent authentication server by NFC Part authentication information is shared between multiple user terminals in short distance, then multiple other users end is believed according to the identification authentication It ceases and is authenticated to authentication server transmission confirmation message, the communication nature of NFC ensure that each user terminal may only be close Distance in share identification authentication information, therefore improve in authentication process the safety of transmitting information, and multiple users End can be interacted with authentication server simultaneously to complete to authenticate, and improve authentication efficiency.
8th embodiment
Please refer to Figure 13, Figure 13 is the schematic diagram of the identification authentication device in eighth embodiment of the invention, the present embodiment with 7th embodiment shown in Figure 12 the difference is that:
Shared cell 1203 may further include:
Recognition unit 1204 opens the target user end of near field communication (NFC) function for identification;
Unit 1205 is established, a user terminal group is established at all target user ends for identifying recognition unit 1204 Group;
Information unit 1206 is sent, all targets being sent to the identification authentication information in the user terminal group are also used to User terminal.
Further, transmission unit 1101 are also used to the confirmation message for being used to carry out identification authentication being sent to the authentication Server is to carry out subscriber identity authentication.
Transmission unit 1201 is also used to for the identification authentication information being included in interaction request, and the interaction request is led to Network is crossed to be sent to the authentication server or be sent to other users end by near-field communication.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refer to earlier figures 3 to The specific descriptions of embodiment illustrated in fig. 6, do not repeat herein.
In the embodiment of the present invention, the target user end of near field communication (NFC) function is opened in the identification of recognition unit 1204, establishes unit A user terminal group is established at the 1205 all target user ends that will identify that, sends information unit 1206 and passes through NFC for the body Part authentication information is sent to all target user ends in the user terminal group, realizes and shares identification authentication information in group, mentions High authentication efficiency.Also, the identification authentication information received can be included in interaction request by the user terminal of transmission unit 1201 In, which is sent to authentication server by network or other users end is sent to by near-field communication, to obtain It takes authorization or other users end is made to obtain authorization, further increase acquisition efficiency.
9th embodiment
Figure 14 is please referred to, the identification authentication device in the embodiment of the present invention includes:
Receiving unit 1401, for receiving the identification authentication request of user terminal transmission;
Transmission unit 1402, for identification authentication information to be sent to the user terminal, so that the user terminal is logical by near field Letter gives the identification authentication information sharing to multiple other users ends;
Receiving unit 1401 is also used to receive the confirmation message that multiple other users end is sent;
Authorization unit 1403, for awarding the other users end according to the confirmation message or being associated with the other users end User's corresponding authority.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refers to 10 institute of earlier figures The specific descriptions for showing embodiment, do not repeat herein.
In the embodiment of the present invention, receiving unit 1401 receives the identification authentication request that user terminal is sent, transmission unit 1402 Identification authentication information is sent to the user terminal so that the user terminal by NFC by the identification authentication information sharing to it is multiple its His user terminal, the communication nature of NFC ensure that each user terminal may only share identification authentication information in close distance, therefore The safety of transmitting information is improved in authentication process, receiving unit 1401 receives being used for for multiple other users end transmission The confirmation message of identification authentication, authorization unit 1403 according to the confirmation message award the other users end or with the other users Associated user's corresponding authority is held, in this way, a plurality of clients can be interacted with authentication server to complete to authenticate simultaneously, mirror can be improved Weigh efficiency.
Tenth embodiment
Please refer to Figure 15, Figure 15 is the schematic diagram of the identification authentication device in tenth embodiment of the invention, the present embodiment with Tenth embodiment shown in Figure 14 the difference is that, the device further include:
Authenticating unit 1404, for carrying out identification authentication to multiple other users end according to the confirmation message.
Further, authorization unit 1403 are also used to the mark at the other users end being sent to terminal device, to authorize The other users end accesses the permission of the terminal device.
Identification authentication device in the present embodiment can further include:
Marking unit 1405, for servicing the permission for marking the user in corresponding database or configuration file in network.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refer to earlier figures 14 and The specific descriptions of embodiment illustrated in fig. 15, do not repeat herein.
In the embodiment of the present invention, receiving unit 1401 receives the identification authentication request that user terminal is sent, transmission unit 1402 Identification authentication information is sent to the user terminal so that the user terminal by NFC by the identification authentication information sharing to it is multiple its His user terminal, the communication nature of NFC ensure that each user terminal may only share identification authentication information in close distance, therefore The safety of transmitting information is improved in authentication process, receiving unit 1401 receives being used for for multiple other users end transmission The confirmation message of identification authentication, authenticating unit 1404 carry out identification authentication to multiple other users end according to the confirmation message, And the mark at the other users end is sent to terminal device, to authorize the permission that the other users end accesses the terminal device, In this way, a plurality of clients can be interacted with authentication server to complete to authenticate simultaneously, authentication efficiency can be improved.Marking unit 1405 exists Network services the permission that the user is marked in corresponding database or configuration file, simplifies authorisation step, saves the time.
11st embodiment
Figure 16 is please referred to, the identification authentication system in the embodiment of the present invention includes:
User terminal 1601 and authentication server 1602;
User terminal 1601 receives authentication server 1602 for identification authentication request to be sent to authentication server 1602 The identification authentication information of transmission gives the identification authentication information sharing to multiple other users ends by near-field communication, so that this is more A other users end sends confirmation message to authentication server 1602 according to the identification authentication information;
Authentication server 1602 sends out identification authentication information for receiving the identification authentication request of the transmission of user terminal 1601 User terminal 1601 is given, so that user terminal 1601 gives the identification authentication information sharing to multiple other users by near-field communication End receives the confirmation message that multiple other users end is sent, according to the confirmation message award the other users end or with this The associated user's corresponding authority in other users end.
Each device realizes the process of respective function in identification authentication system in the present embodiment, refers to earlier figures 2 to Figure 15 The specific descriptions of illustrated embodiment, do not repeat herein.
It should be noted that all the embodiments in this specification are described in a progressive manner, each embodiment weight Point explanation is the difference from other embodiments, and the same or similar parts between the embodiments can be referred to each other. For device class embodiment, since it is basically similar to the method embodiment, so being described relatively simple, related place ginseng See the part explanation of embodiment of the method.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that process, method, article or device including a series of elements are not only wanted including those Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or device Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that There is also other identical elements in process, method, article or device including the element.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The above described is only a preferred embodiment of the present invention, be not intended to limit the present invention in any form, though So the present invention has been disclosed as a preferred embodiment, and however, it is not intended to limit the invention, any technology people for being familiar with this profession Member, without departing from the scope of the present invention, when the technology contents using the disclosure above are modified or are modified It is right according to the technical essence of the invention for the equivalent embodiment of equivalent variations, but without departing from the technical solutions of the present invention Any simple modification, equivalent change and modification made by above embodiments, all of which are still within the scope of the technical scheme of the invention.

Claims (16)

1. a kind of identification authentication method characterized by comprising
Identification authentication request is sent to authentication server;
The identification authentication information that the authentication server is sent is received, the identification authentication information is to require authenticator to return to be used for The confirmation message of identification authentication, the confirmation message include the identity code of user terminal itself;
The identification authentication information sharing is given to multiple other users ends by near-field communication, so that the multiple other users end Confirmation message is sent to the authentication server according to the identification authentication information, makes the authentication server according to the confirmation letter Breath award the other users end or with the associated user's corresponding authority in the other users end;
Any user end for carrying out near-field communication can request to authenticate to authentication server, and receive the body of authentication server transmission Part authentication information, gives the identification authentication information sharing to other users end by near-field communication.
2. the method according to claim 1, wherein described be total to the identification authentication information by near-field communication It enjoys and includes: to multiple other users ends
The target user end of near field communication (NFC) function is opened in identification;
A user terminal group is established at all target user ends that will identify that;
The identification authentication information is sent to all target user ends in the user terminal group by near-field communication.
3. the method according to claim 1, wherein further include:
The confirmation message for being used to carry out identification authentication is sent to the authentication server to carry out subscriber identity authentication.
4. the method according to claim 1, wherein further include:
The identification authentication information is included in interaction request, and the interaction request is sent to the authentication by network Server is sent to other users end by near-field communication.
5. a kind of identification authentication method characterized by comprising
Receive the identification authentication request that user terminal is sent;
Identification authentication information is sent to the user terminal, so that the user terminal is believed the identification authentication by near-field communication Breath shares to multiple other users ends, and the identification authentication information is that authenticator is required to return to the confirmation letter for being used for identification authentication Breath, the confirmation message include the identity code of user terminal itself, and any user end for carrying out near-field communication can be to authentication Server request authentication, and the identification authentication information of authentication server transmission is received, by near-field communication by the identification authentication Other users end is given in information sharing;
Receive the confirmation message that the multiple other users end is sent;
According to the confirmation message award the other users end or with the associated user's corresponding authority in the other users end.
6. according to the method described in claim 5, it is characterized in that, the confirmation for receiving the multiple other users end and sending Include: after information
Identification authentication is carried out to the multiple other users end according to the confirmation message.
7. according to the method described in claim 5, it is characterized in that, the other users end corresponding authority of awarding includes:
The mark at the other users end is sent to terminal device, accesses the terminal device to authorize the other users end Permission.
8. according to the described in any item methods of claim 5 to 7, which is characterized in that described award is closed with the other users end User's corresponding authority of connection includes:
The permission that the user is marked in corresponding database or configuration file is serviced in network.
9. a kind of identification authentication device characterized by comprising
Transmission unit, for identification authentication request to be sent to authentication server;
Receiving unit, the identification authentication information sent for receiving the authentication server, the identification authentication information are to require Authenticator returns to the confirmation message for being used for identification authentication, and the confirmation message includes the identity code of user terminal itself;
Shared cell, for by near-field communication by the received identification authentication information sharing of the receiving unit to it is multiple its His user terminal, so that the multiple other users end sends confirmation letter to the authentication server according to the identification authentication information Breath, make the authentication server according to the confirmation message award the other users end or with the associated user in the other users end Corresponding authority;Any user end for carrying out near-field communication can request to authenticate to authentication server, and receive authentication server hair The identification authentication information sent gives the identification authentication information sharing to other users end by near-field communication.
10. device according to claim 9, which is characterized in that the shared cell includes:
Recognition unit opens the target user end of near field communication (NFC) function for identification;
Unit is established, a user terminal group is established at all target user ends for identifying the recognition unit;
Information unit is sent, all target users being sent to the identification authentication information in the user terminal group are also used to End.
11. device according to claim 9 or 10, which is characterized in that
The transmission unit is also used to the confirmation message for being used to carry out identification authentication being sent to the authentication server to carry out Subscriber identity authentication;
The transmission unit is also used to for the identification authentication information being included in interaction request, and the interaction request is led to Network is crossed to be sent to the authentication server or be sent to other users end by near-field communication.
12. a kind of identification authentication device characterized by comprising
Receiving unit, for receiving the identification authentication request of user terminal transmission;
Transmission unit, for identification authentication information to be sent to the user terminal, so that the user terminal will by near-field communication Multiple other users ends are given in the identification authentication information sharing, and the identification authentication information is that authenticator is required to return for identity The confirmation message of authentication, the confirmation message include the identity code of user terminal itself, carry out any user of near-field communication End can request to authenticate to authentication server, and receive the identification authentication information of authentication server transmission, will by near-field communication Other users end is given in the identification authentication information sharing;
The receiving unit is also used to receive the confirmation message that the multiple other users end is sent;
Authorization unit, for according to the confirmation message award the other users end or with the other users end it is associated User's corresponding authority.
13. device according to claim 12, which is characterized in that described device further include:
Authenticating unit, for carrying out identification authentication to the multiple other users end according to the confirmation message.
14. device according to claim 12, which is characterized in that
The authorization unit is also used to the mark at the other users end being sent to terminal device, to authorize other described use Family end accesses the permission of the terminal device.
15. 2 to 14 described in any item devices according to claim 1, which is characterized in that
Marking unit, for servicing the permission for marking the user in corresponding database or configuration file in network.
16. a kind of identification authentication system characterized by comprising
User terminal and authentication server;
The user terminal receives the authentication server and sends for identification authentication request to be sent to the authentication server Identification authentication information, by near-field communication by the identification authentication information sharing give multiple other users ends so that described more A other users end sends confirmation message, the identification authentication information to the authentication server according to the identification authentication information To require authenticator to return to the confirmation message for identification authentication, the confirmation message includes the identification of user terminal itself Code, any user end for carrying out near-field communication can request to authenticate to authentication server, and receive the body of authentication server transmission Part authentication information, gives the identification authentication information sharing to other users end by near-field communication;
The authentication server, the identification authentication request sent for receiving the user terminal, identification authentication information is sent to The user terminal, so that the user terminal gives the identification authentication information sharing to multiple other users ends by near-field communication, Receive the confirmation message that the multiple other users end is sent, according to the confirmation message award the other users end or with The associated user's corresponding authority in other users end.
CN201310574590.4A 2013-11-15 2013-11-15 A kind of identification authentication method, apparatus and system Active CN104640112B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310574590.4A CN104640112B (en) 2013-11-15 2013-11-15 A kind of identification authentication method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310574590.4A CN104640112B (en) 2013-11-15 2013-11-15 A kind of identification authentication method, apparatus and system

Publications (2)

Publication Number Publication Date
CN104640112A CN104640112A (en) 2015-05-20
CN104640112B true CN104640112B (en) 2019-01-11

Family

ID=53218318

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310574590.4A Active CN104640112B (en) 2013-11-15 2013-11-15 A kind of identification authentication method, apparatus and system

Country Status (1)

Country Link
CN (1) CN104640112B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105025039B (en) * 2015-08-18 2018-09-14 宇龙计算机通信科技(深圳)有限公司 Auth method, terminal and server
CN105681291B (en) * 2016-01-07 2019-07-09 锐达互动科技股份有限公司 A kind of realization multi-client uniform authentication method and system
CN106815685A (en) * 2017-01-22 2017-06-09 杭州纳戒科技有限公司 Full industrial chain is shared in the benefit the construction method and system of contract
CN109410384B (en) * 2018-09-26 2020-10-27 郑州轻工业学院 Safety management system
CN111882842B (en) * 2020-08-04 2022-12-02 珠海格力电器股份有限公司 Early warning method of sharing equipment and sharing equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1420659A (en) * 2001-10-31 2003-05-28 雅马哈株式会社 Method and apparatus for authenticating and veritying user and computer over network
WO2010060242A1 (en) * 2008-11-27 2010-06-03 中兴通讯股份有限公司 An authentication method for the mobile terminal and a system thereof
CN101911581A (en) * 2007-11-30 2010-12-08 三星电子株式会社 Method and system for secure communication in near field communication network
CN102647291A (en) * 2011-02-17 2012-08-22 三星电子(中国)研发中心 Intelligent multidevice management method based on account group
CN102685025A (en) * 2011-03-17 2012-09-19 深圳市同洲软件有限公司 Multi-terminal service switching method, terminal and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8024811B2 (en) * 2006-01-19 2011-09-20 Research In Motion Limited System and method for secure PIN exchange
KR20130027930A (en) * 2011-09-08 2013-03-18 주식회사 팬택 Nfc terminal and data synchronizing method between nfc terminals

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1420659A (en) * 2001-10-31 2003-05-28 雅马哈株式会社 Method and apparatus for authenticating and veritying user and computer over network
CN101911581A (en) * 2007-11-30 2010-12-08 三星电子株式会社 Method and system for secure communication in near field communication network
WO2010060242A1 (en) * 2008-11-27 2010-06-03 中兴通讯股份有限公司 An authentication method for the mobile terminal and a system thereof
CN102647291A (en) * 2011-02-17 2012-08-22 三星电子(中国)研发中心 Intelligent multidevice management method based on account group
CN102685025A (en) * 2011-03-17 2012-09-19 深圳市同洲软件有限公司 Multi-terminal service switching method, terminal and system

Also Published As

Publication number Publication date
CN104640112A (en) 2015-05-20

Similar Documents

Publication Publication Date Title
CN104637131B (en) A kind of access control system authorization method, device and access control system
WO2020253856A1 (en) Smart lock unlocking method and related device
CN113766507B (en) Service layer dynamic authorization
CA2926206C (en) A system and method for nfc peer-to-peer authentication and secure data transfer
US10769877B2 (en) Secure handsfree proximity-based access control
CN104731612B (en) Mobile equipment safety component software is tied to SIM
US10820203B2 (en) Method, apparatus, and system for mobile provisioning of NFC credentials
CN104640112B (en) A kind of identification authentication method, apparatus and system
CN104270250B (en) WiFi internets online connection authentication method based on asymmetric whole encryption
CN104050510A (en) Intelligent room reservation system based on mobile terminal
CN102821085A (en) Third party authorization login method, open platform and system
CN110266642A (en) Identity identifying method and server, electronic equipment
CN106373235A (en) Authorization method and authorization system for virtual keys and server
EP2693787B1 (en) Secure key distribution with general purpose mobile device
CN103167498B (en) A kind of ability control method and system
CA2816787C (en) Communications system providing remote access via mobile wireless communications device and related methods
CN102298683A (en) Authentication device, system and method for short-distance radio-frequency communication authentication
CN102223630A (en) Remote control system and method
CN109583154A (en) A kind of system and method based on Web middleware access intelligent code key
CN105325021B (en) Method and apparatus for remote portable wireless device authentication
CN106790080A (en) Secure communication of network method and apparatus between operation system and electronic certificate system
US20220014353A1 (en) Method by which device shares digital key
US9621546B2 (en) Method of generating one-time password and apparatus for performing the same
CN103324878A (en) Method and system for remotely controlling unlocking permission of hand-held equipment
CN106779711A (en) Safe payment method and device based on eID

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant