CN104640112B - A kind of identification authentication method, apparatus and system - Google Patents
A kind of identification authentication method, apparatus and system Download PDFInfo
- Publication number
- CN104640112B CN104640112B CN201310574590.4A CN201310574590A CN104640112B CN 104640112 B CN104640112 B CN 104640112B CN 201310574590 A CN201310574590 A CN 201310574590A CN 104640112 B CN104640112 B CN 104640112B
- Authority
- CN
- China
- Prior art keywords
- identification authentication
- identification
- sent
- user terminal
- authentication information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
Abstract
The present invention relates to a kind of identification authentication method, apparatus and systems.In one embodiment, the above method includes: that identification authentication request is sent to authentication server, receive the identification authentication information of authentication server transmission, the identification authentication information sharing is given to multiple other users ends by near-field communication, so that multiple other users end sends confirmation message to authentication server according to the identification authentication information.Above-mentioned identification authentication method, apparatus and system can realize that group authenticates simultaneously by NFC technique, improve authentication efficiency.
Description
Technical field
The present invention relates to field of communication technology more particularly to a kind of identification authentication method, apparatus and system.
Background technique
Identification authentication also known as " authentication ", " verifying " refer to through certain means, complete the confirmation to user identity, and
Authorize corresponding right.
In the prior art, predominantly one-to-one that single user is verified and authorized, such as pass through cell phone software, short
Letter etc. and user interaction complete verify, and verification mode mainly by identifying code share etc. modes, easily cause user's account
Family is dangerous, if after identifying code is stolen or reveals, being easy by other people malicious exploitations, safety is poor.
Summary of the invention
In view of this, the present invention provides a kind of identification authentication method, apparatus and system, group can be realized by NFC technique
It authenticates simultaneously, improves authentication efficiency.
Identification authentication method provided in an embodiment of the present invention, comprising:
Identification authentication request is sent to authentication server;Receive the identification authentication information that the authentication server is sent;
By near-field communication by the identification authentication information sharing give multiple other users ends so that the multiple other users end according to
The identification authentication information sends confirmation message to the authentication server.
Identification authentication method provided in an embodiment of the present invention, comprising:
Receive the identification authentication request that user terminal is sent;Identification authentication information is sent to the user terminal, so that described
User terminal gives the identification authentication information sharing to multiple other users ends by near-field communication;Receive the multiple other users
Hold the confirmation message sent;According to the confirmation message award the other users end or with the other users end it is associated
User's corresponding authority.
Identification authentication device provided in an embodiment of the present invention, comprising:
Transmission unit, for identification authentication request to be sent to authentication server;Receiving unit, for receiving the authentication
The identification authentication information that server is sent;Shared cell, for passing through near-field communication for the received body of the receiving unit
Part authentication information shares to multiple other users ends, so that the multiple other users end is according to the identification authentication information to institute
It states authentication server and sends confirmation message.
Identification authentication device provided in an embodiment of the present invention, comprising:
Receiving unit, for receiving the identification authentication request of user terminal transmission;Transmission unit is used for identification authentication information
It is sent to the user terminal, so that the user terminal is used the identification authentication information sharing to multiple other by near-field communication
Family end;The receiving unit is also used to receive the confirmation message that the multiple other users end is sent;Authorization unit is used for root
According to the confirmation message award the other users end or with the associated user's corresponding authority in the other users end.
Identification authentication system provided in an embodiment of the present invention, comprising:
User terminal and authentication server;
The user terminal receives the authentication server and sends for identification authentication request to be sent to authentication server
Identification authentication information, by near-field communication by the identification authentication information sharing give multiple other users ends so that described more
A other users end sends confirmation message to the authentication server according to the identification authentication information;The authentication server,
For receiving the identification authentication request of user terminal transmission, identification authentication information is sent to the user terminal, so that the user
Multiple other users ends are given the identification authentication information sharing to by near-field communication in end, receive the multiple other users end hair
The confirmation message sent, according to the confirmation message award the other users end or with the associated user in other users end
Corresponding authority.
Identification authentication is requested to send out by identification authentication method, apparatus and system provided in an embodiment of the present invention, a user terminal
Authentication server is given, to request the authentication server to carry out identification authentication to user terminal, receives authentication server transmission
Identification authentication information, and the identification authentication information sharing is given to multiple other users ends by NFC, so that multiple other users
End sends authentication feedback information to the authentication server according to the identification authentication information, in this way, can be by NFC by authentication service
The identification authentication information that device is sent is shared between multiple user terminals in short distance, then multiple other users end is according to this
Identification authentication information sends confirmation message to the authentication server and is authenticated, and the communication nature of NFC ensure that each user terminal only
Identification authentication information can be shared in close distance, therefore improve the safety of transmitting information in authentication process, and
And a plurality of clients can be interacted with authentication server simultaneously to complete to authenticate, and improve authentication efficiency.
For above and other objects, features and advantages of the invention can be clearer and more comprehensible, preferred embodiment is cited below particularly,
And cooperate institute's accompanying drawings, it is described in detail below.
Detailed description of the invention
Fig. 1 is the running environment schematic diagram of identification authentication method in the embodiment of the present invention;
Fig. 2 is a kind of structural block diagram of terminal device;
Fig. 3 is the flow chart for the identification authentication method that first embodiment of the invention provides;
Fig. 4 is the flow chart for the identification authentication method that second embodiment of the invention provides;
Fig. 5 is the flow chart of identification authentication method in third embodiment of the invention;
Fig. 6 is the flow chart of identification authentication method in fourth embodiment of the invention;
Fig. 7 is the first application scenarios schematic diagram of identification authentication method in the embodiment of the present invention;
Fig. 8 is the second application scenarios schematic diagram of identification authentication method in the embodiment of the present invention;
Fig. 9 is the third application scenarios schematic diagram of identification authentication method in the embodiment of the present invention;
Figure 10 is the flow chart for the identification authentication method that fifth embodiment of the invention provides;
Figure 11 is the flow chart for the identification authentication method that sixth embodiment of the invention provides;
Figure 12 is the schematic diagram for the identification authentication device that seventh embodiment of the invention provides;
Figure 13 is the schematic diagram for the identification authentication device that eighth embodiment of the invention provides;
Figure 14 is the schematic diagram for the identification authentication device that ninth embodiment of the invention provides;
Figure 15 is the schematic diagram for the identification authentication device that tenth embodiment of the invention provides;
Figure 16 is the schematic diagram for the identification authentication system that eleventh embodiment of the invention provides.
Specific embodiment
Further to illustrate that the present invention is the technical means and efficacy realizing predetermined goal of the invention and being taken, below in conjunction with
Attached drawing and preferred embodiment, to specific embodiment, structure, feature and its effect according to the present invention, detailed description is as follows.
Near-field communication (Near Field Communication, NFC) is a kind of non-contact radio-frequency identification and interconnection skill
Art can operate in short distance, pass through radiofrequency signal automatic identification target object and obtain related data therefore, Ke Yi
Wireless near field communication is carried out between mobile device, personal computer and intelligent electronic device (such as access controller, intelligent door lock),
It is patched without cable.
The embodiment of the present invention provides a kind of identification authentication method based on near-field communication technology.It refering to fig. 1, is above-mentioned
Method running environment schematic diagram.As shown in Figure 1:
Authentication server 101, for issuing authentication information to the first user terminal 103 of near field group 102, and near field group
The confirmation message that the first user terminal 103, second user end 104, third user terminal 105 in group, fourth user end 106 are submitted into
Whether row authentication, identification are safety legal user terminals and its operation;
Near field group 102, for a plurality of clients connected by NFC, including the first user terminal 103, second user
End 104, third user terminal 105,106 any one user terminal of fourth user end request authentication to authentication server 101, and connect
The authentication message that authentication server 101 is sent is received, the authentication message is then shared to by other users end by NFC.
The present embodiment provides a kind of identification authentication methods, can be used in electronic apparatus 200 shown in Fig. 2.It is mobile
Electronic device 200 includes memory 202, storage control 204, one or more (one is only shown in figure) processors 206, outer
If interface 208, radio-frequency module 210, Touch Screen 212, key module 214 and near-field communication module 216.These components pass through
One or more communication bus/signal wire 222 mutually communicates.
It is appreciated that structure shown in Fig. 2 is only to illustrate, electronic apparatus 200 may also include more than shown in Fig. 2
Perhaps less component or with the configuration different from shown in Fig. 2.Each component shown in Fig. 2 can use hardware, software
Or combinations thereof realize.
Memory 202 can be used for storing software program and module, as in the embodiment of the present invention in electronic apparatus
Corresponding program instruction/the module of interior application rights management method and device, processor 202 are stored in memory 204 by operation
Interior software program and module is realized above-mentioned in mobile electron thereby executing various function application and data processing
The identification authentication method of authentication efficiency is improved in device.
Memory 202 may include high speed random access memory, may also include nonvolatile memory, such as one or more magnetic
Property storage device, flash memory or other non-volatile solid state memories.In some instances, memory 202 can further comprise
The memory remotely located relative to processor 206, these remote memories can pass through network connection to electronic apparatus
200.The example of above-mentioned network includes but is not limited to internet, intranet, local area network, mobile radio communication and combinations thereof.Place
Reason device 206 and other possible components can carry out the access of memory 202 under the control of storage control 204.
Various input/output devices are couple CPU and memory 202 by Peripheral Interface 208.The operation of processor 206 is deposited
Various softwares, instruction in reservoir 202 are to execute the various functions of electronic apparatus 200 and carry out data processing.
In some embodiments, Peripheral Interface 208, processor 206 and storage control 204 can be in one single chips
It realizes.In some other example, they can be realized by independent chip respectively.
Radio-frequency module 210 is used to receive and transmit electromagnetic wave, realizes the mutual conversion of electromagnetic wave and electric signal, thus with
Communication network or other equipment are communicated.Radio-frequency module 210 may include various existing for executing the electricity of these functions
Circuit component, for example, antenna, RF transceiver, digital signal processor, encryption/deciphering chip, subscriber identity module (SIM) card,
Memory etc..Radio-frequency module 210 can be communicated or be led to various networks such as internet, intranet, wireless network
Wireless network is crossed to be communicated with other equipment.Above-mentioned wireless network may include cellular telephone networks, WLAN or
Metropolitan Area Network (MAN).Various communication standards, agreement and technology can be used in above-mentioned wireless network, and including but not limited to the whole world is mobile logical
Letter system (Global System for Mobile Communication, GSM), enhanced mobile communication technology
(Enhanced Data GSM Environment, EDGE), Wideband CDMA Technology (wideband code division
Multiple access, W-CDMA), Code Division Multiple Access (Code division access, CDMA), time division multiple access technology
(time division multiple access, TDMA), bluetooth, adopting wireless fidelity technology (Wireless, Fidelity,
WiFi) (such as American Institute of Electrical and Electronics Engineers's standard IEEE 802.11a, IEEE802.11b, IEEE802.11g and/or
IEEE802.11n), the networking telephone (Voice over internet protocal, VoIP), worldwide interoperability for microwave accesses
(Worldwide Interoperability for Microwave Access, Wi-Max), other be used for mail, Instant Messenger
The agreement and any other suitable communications protocol of news and short message, or even may include that those are not developed currently yet
Agreement.
Touch Screen 212 provides an output and input interface simultaneously between electronic apparatus 200 and user.Specifically
Ground, Touch Screen 212 to user show video output, these videos output content may include text, figure, video and its
Any combination.Some outputs are the result is that correspond to some user interface objects.Touch Screen 212 also receives the input of user, example
The click of such as user, sliding gesture operation, so that user interface object responds the input of these users.Detect user
The technology of input can be based on resistance-type, condenser type or any other possible touch control detection technology.Touch Screen 212 is aobvious
The specific example for showing unit includes but is not limited to liquid crystal display or light emitting polymer displays.
Key module 214 equally provides user's interface inputted to electronic apparatus 200, and user can be by pressing
Lower different key is so that electronic apparatus 200 executes different functions.
Near-field communication module 216 is used to provide the interface for realizing near-field communication, and user can pass through near-field communication module 216
Short-range near-field communication is carried out with other users equipment to realize data exchange.
First embodiment
Refering to Fig. 3, the method for the present embodiment the following steps are included:
Identification authentication request is sent to authentication server by step 301;
When user will obtain a certain authorization, need that this is requested to authorize to authentication server 101, then the first user terminal 103
After the request for receiving user, identification authentication request is sent to authentication server 101, requests authentication server 101 to user
End carries out identification authentication.
Step 302, the identification authentication information for receiving authentication server transmission;
After authentication server 101 receives the identification authentication request of the first user terminal 103 transmission, to the first user terminal 103
Identification authentication information is sent, which, which can be, requires authenticator to return to the confirmation message for being used for identification authentication, should
User terminal receives the identification authentication information that authentication server 101 is sent.
Step 303 gives the identification authentication information sharing to multiple other users ends by NFC, so that other multiple use
Family end sends confirmation message to the authentication server according to the identification authentication information.
The identification authentication information is sent to second user end 104, third user terminal by NFC by the first user terminal 103
105, fourth user end 106 is realized shared, so that this multiple other users end is according to the identification authentication information to authentication server
101 send the confirmation message for being used for identification authentication, the confirmation message with the identification authentication information be it is corresponding, such as the identification authentication
Information is that the first user terminal 103 is required to return to identification information, then the confirmation message is the identification information.Generally
Ground, second user end 104, third user terminal 105, fourth user end 106 are close at a distance from the first user terminal 103, the distance
Information can be transmitted by NFC by meeting.
In the embodiment of the present invention, user terminal can be by the identification authentication information that NFC sends authentication server in low coverage
It is shared between interior multiple user terminals, multiple other users end is sent out according to the identification authentication information to the authentication server
Confirmation message is sent to be authenticated, the communication nature of NFC ensure that each user terminal may only share identity mirror in close distance
Information is weighed, therefore improves in authentication process the safety of transmitting information, and a plurality of clients can simultaneously and authentication service
Device interaction improves authentication efficiency to complete to authenticate.
Second embodiment
Referring to Fig. 4, Fig. 4 is the second embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with Fig. 3 institute
The first embodiment of the identification authentication method shown the difference is that, by NFC by the identification authentication information sharing in step 303
Include: to multiple other users ends
Step 403, identification open the target user end of NFC function;
After first user terminal 103 opens NFC function, the target user end for opening NFC function, the target user end can recognize
As open the user terminal of NFC function.
A user terminal group is established at step 404, all target user ends that will identify that;
In a certain distance, the first user terminal 103 can identify multiple target user ends by NFC, will identify that
A user terminal group is established at all target user ends.For example, the user terminal identifies 3 target user ends second user end
104, a user terminal group is then established, by the use in 3 target user ends by third user terminal 105, fourth user end 106
Hu Duan group is named as " near field group ".
Step 405, all target user ends being sent to the identification authentication information by NFC in the user terminal group;
The received identification authentication information is sent to all target user ends in the user terminal group, example by NFC
Such as, 4 target user ends in the group of near field are sent to.
In the embodiment of the present invention, a user terminal group is established at all target user ends that user terminal will identify that, passes through
The identification authentication information is sent to all target user ends in the user terminal group by NFC, is realized and is shared identity mirror in group
Information is weighed, authentication efficiency is improved.
3rd embodiment
Referring to Fig. 5, Fig. 5 is the 3rd embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with Fig. 3 institute
The first embodiment of the identification authentication method shown the difference is that, the present embodiment can further include:
The confirmation message for being used to carry out identification authentication is sent to the authentication server to carry out user identity by step 504
Authentication.
The confirmation message for being used to carry out identification authentication is sent to authentication server 101 to use by the first user terminal 103
Family identification authentication.
The execution sequence of step 504 is not limited by embodiment description in the present embodiment, can pass through NFC for the identity
Authentication information executes before sharing to multiple other users ends.
In the embodiment of the present invention, the identification authentication information that a user terminal is sent authentication server by NFC is in low coverage
Shared between interior multiple user terminals, a plurality of clients including the user terminal according to the identification authentication information to this
Authentication server sends confirmation message and is authenticated, in this way, a plurality of clients can be interacted with authentication server to complete to reflect simultaneously
Power improves authentication efficiency.And the short haul connection property of NFC ensure that each user terminal shares identity mirror in close distance
Information is weighed, the safety of transmitting information is improved in authentication process.
Fourth embodiment
Referring to Fig. 6, Fig. 6 is the fourth embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with Fig. 3 institute
The first embodiment of the identification authentication method shown the difference is that, the present embodiment can further include:
The identification authentication information received can be included in interaction request by step 604, the user terminal, which is asked
It asks and authentication server is sent to by network or other users end is sent to by near-field communication.
The identification authentication information received can be included in interaction request by the first user terminal 103, by the interaction request
It is sent to authentication server 101 by network, or second user end 103, third user terminal the 104, the 4th are sent to by NFC
User terminal 105.
Specifically, the first user terminal 103, second user end 104, third user terminal 105, fourth user end 106 can be direct
The permission of identification authentication information acquisition certain network service returned using the authentication server 101 shared, for example, into certain
A Web conference room.To hold the identification authentication information at this point, the identification authentication information can be used as a kind of " franchise code "
User terminal obtains certain authorization.Specific application scenarios schematic diagram, referring to Fig. 7, authentication server 101 licenses to the first user terminal
103 can enter Web conference room 707, and authorization message is notified that, to Web conference room 707, the first user terminal 103 then passes through body
Part authentication information enters Web conference room 707.Alternatively, the first user terminal 103 asks the interaction comprising the identification authentication information
Ask other users end second user end 104, third user terminal 105, the fourth user end being sent in the group of near field by NFC
106, so that other users end can also enter Web conference room 707 by the identification authentication information.
First user terminal 103, second user end 104, third user terminal 105, fourth user end 106 are being used for identification authentication
The confirmation message in include its own identity code, such as the NFC device ID of user terminal, authentication server 101 receives
Certain equipment, such as intelligent door lock are issued to after to the identity code, then other users end, which is authorized to, opens intelligent door lock.Tool
The application scenarios schematic diagram of body, referring to Fig. 8, itself NFC device ID can be included in confirmation message by the first user terminal 103 to be passed through
Network is sent to authentication server 101, and authentication server 101, which licenses to the first user terminal 103, can open intelligent door lock 807, together
Shi Baocun NFC device ID, and the corresponding relationship of the permission of unlatching and NFC device ID is notified to intelligent door lock 807, the first user
End 103 can then open intelligent door lock 807.Alternatively, the interaction request is sent near field group by NFC by the first user terminal 103
In other users end second user end 104, third user terminal 105, fourth user end 106 so that other users end can also be with
Intelligent door lock 807 can be opened.
First user terminal 103, second user end 104, third user terminal 105, fourth user end 106 are being used for identification authentication
The confirmation message in include its own identity code, such as the account number of some network service, authentication server 101 receives
Certain permission of account is authorized after to the identity code, when so that user terminal being serviced after being logged in using the account using the network
Obtain rights that have been granted.Specific application scenarios schematic diagram, referring to Fig. 9, what the first user terminal 103 can service some network
Account number is included in confirmation message and is sent to authentication server 101 by network, and authentication server 101 licenses to the first user terminal
103 corresponding permissions, and the permission and the account corresponding relationship of the network service are notified into network server 907, the first user
After end 103 is logged in by the account, network server 907 can be given when the first user terminal 103 is serviced using the network and obtain quilt
The permission authorized.Alternatively, the interaction request is sent to the other users end in the group of near field by the first user terminal 103 by NFC
Second user end 104, third user terminal 105, fourth user end 106, so that other users end can also be serviced using the network
When obtain rights that have been granted.
In the embodiment of the present invention, which can be included in the identification authentication information received in interaction request, will
The interaction request is sent to authentication server by network or is sent to other users end by near-field communication, to obtain authorization
Or other users end is made to obtain authorization, further increase acquisition efficiency.
5th embodiment
Referring to Fig. 10, the 5th embodiment of the identification authentication method in the embodiment of the present invention includes:
Step 1001 receives the identification authentication request that user terminal is sent;
Authentication server receives the identification authentication request that user terminal is sent, and identification authentication request is for requesting the authentication to take
Device be engaged in user terminal progress identification authentication.
Identification authentication information is sent to the user terminal by step 1002, so that the user terminal passes through near-field communication for the body
Part authentication information shares to multiple other users ends;
Identification authentication information is sent to the user terminal by authentication server, so that the user terminal is reflected the identity by NFC
Information sharing is weighed to multiple other users ends, and multiple other users end can be according to the identification authentication information to the authentication service
Device sends the confirmation message for being used for identification authentication.
Step 1003 receives the confirmation message that multiple other users end is sent;
Authentication server receives the confirmation message for identification authentication that multiple other users end is sent.
Step 1004, awarded according to the confirmation message other users end or with the associated user's phase in the other users end
Answer permission.
According to the different content of confirmation message, authentication server is awarded the other users end or is closed with the other users end
User's corresponding authority of connection.
In the embodiment of the present invention, authentication server receives the identification authentication request that user terminal is sent, and identification authentication is believed
Breath is sent to the user terminal, so that the user terminal gives the identification authentication information sharing to multiple other users ends, NFC by NFC
Communication nature ensure that each user terminal may only share identification authentication information in close distance, therefore in authentication process
The safety for improving transmitting information receives the confirmation message for identification authentication that multiple other users end is sent, and root
According to the confirmation message award the other users end or with the associated user's corresponding authority in the other users end, in this way, multiple use
Family end can be interacted with authentication server to complete to authenticate simultaneously, and authentication efficiency can be improved.
Sixth embodiment
Figure 11 is please referred to, Figure 11 is the sixth embodiment schematic diagram of the identification authentication method in the embodiment of the present invention, with figure
5th embodiment of identification authentication method shown in 10 the difference is that, step step 1003 receives multiple other users end
Include: after the confirmation message of transmission
Step 1104 carries out identification authentication to multiple other users end according to the confirmation message.
After receiving the confirmation message that multiple other users end is sent, authentication server is more to this according to the confirmation message
A other users end carries out identification authentication.
Step 1004 according to the confirmation message award the other users end or with the associated user's phase in the other users end
The permission is answered to may include:
The mark at the other users end is sent to terminal device by step 1105, should to authorize other users end access
The permission of terminal device, and the permission that the user is marked in corresponding database or configuration file is serviced in network.
The mark at the other users end is sent to terminal device by authentication server, should to authorize other users end access
The permission of terminal device authorizes other users terminal unlatching for example, the mark at the other users end is sent to intelligent door lock
The permission of the intelligent door lock.And the permission that the user is marked in corresponding database or configuration file is serviced in network, pass through one
Sub-authorization makes the user be used multiple times the permission, simplifies authorisation step, saves the time.
In the embodiment of the present invention, authentication server receives the identification authentication request that user terminal is sent, and identification authentication is believed
Breath is sent to the user terminal, so that the user terminal gives the identification authentication information sharing to multiple other users ends, NFC by NFC
Communication nature ensure that each user terminal may only share identification authentication information in close distance, therefore in authentication process
The safety for improving transmitting information receives the confirmation message for identification authentication that multiple other users end is sent, authentication
Server carries out identification authentication to multiple other users end according to the confirmation message, and the mark at the other users end is sent
To terminal device, to authorize the permission that the other users end accesses the terminal device, in this way, a plurality of clients can simultaneously with authentication
Authentication efficiency can be improved to complete to authenticate in server interaction.And it services in corresponding database or configuration file and marks in network
The permission of the user simplifies authorisation step, saves the time.
7th embodiment
Figure 12 is please referred to, the identification authentication device in the embodiment of the present invention includes:
Transmission unit 1201, for identification authentication request to be sent to authentication server;
Receiving unit 1202, for receiving the identification authentication information of authentication server transmission;
Shared cell 1203, for being given the received identification authentication information sharing of receiving unit 502 by near-field communication
Multiple other users ends, so that multiple other users end sends confirmation letter to the authentication server according to the identification authentication information
Breath.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refers to 3 institute of earlier figures
The specific descriptions for showing embodiment, do not repeat herein.
In the embodiment of the present invention, identification authentication request is sent to authentication server by transmission unit 1201, to request the mirror
It weighs server and carries out identification authentication, receiving unit 1202 receives the identification authentication information that the authentication server is sent, shared cell
1203 give the identification authentication information sharing to multiple other users ends by NFC, so that multiple other users end is according to the body
Part authentication information sends authentication feedback information to the authentication server, in this way, the body that can be sent authentication server by NFC
Part authentication information is shared between multiple user terminals in short distance, then multiple other users end is believed according to the identification authentication
It ceases and is authenticated to authentication server transmission confirmation message, the communication nature of NFC ensure that each user terminal may only be close
Distance in share identification authentication information, therefore improve in authentication process the safety of transmitting information, and multiple users
End can be interacted with authentication server simultaneously to complete to authenticate, and improve authentication efficiency.
8th embodiment
Please refer to Figure 13, Figure 13 is the schematic diagram of the identification authentication device in eighth embodiment of the invention, the present embodiment with
7th embodiment shown in Figure 12 the difference is that:
Shared cell 1203 may further include:
Recognition unit 1204 opens the target user end of near field communication (NFC) function for identification;
Unit 1205 is established, a user terminal group is established at all target user ends for identifying recognition unit 1204
Group;
Information unit 1206 is sent, all targets being sent to the identification authentication information in the user terminal group are also used to
User terminal.
Further, transmission unit 1101 are also used to the confirmation message for being used to carry out identification authentication being sent to the authentication
Server is to carry out subscriber identity authentication.
Transmission unit 1201 is also used to for the identification authentication information being included in interaction request, and the interaction request is led to
Network is crossed to be sent to the authentication server or be sent to other users end by near-field communication.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refer to earlier figures 3 to
The specific descriptions of embodiment illustrated in fig. 6, do not repeat herein.
In the embodiment of the present invention, the target user end of near field communication (NFC) function is opened in the identification of recognition unit 1204, establishes unit
A user terminal group is established at the 1205 all target user ends that will identify that, sends information unit 1206 and passes through NFC for the body
Part authentication information is sent to all target user ends in the user terminal group, realizes and shares identification authentication information in group, mentions
High authentication efficiency.Also, the identification authentication information received can be included in interaction request by the user terminal of transmission unit 1201
In, which is sent to authentication server by network or other users end is sent to by near-field communication, to obtain
It takes authorization or other users end is made to obtain authorization, further increase acquisition efficiency.
9th embodiment
Figure 14 is please referred to, the identification authentication device in the embodiment of the present invention includes:
Receiving unit 1401, for receiving the identification authentication request of user terminal transmission;
Transmission unit 1402, for identification authentication information to be sent to the user terminal, so that the user terminal is logical by near field
Letter gives the identification authentication information sharing to multiple other users ends;
Receiving unit 1401 is also used to receive the confirmation message that multiple other users end is sent;
Authorization unit 1403, for awarding the other users end according to the confirmation message or being associated with the other users end
User's corresponding authority.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refers to 10 institute of earlier figures
The specific descriptions for showing embodiment, do not repeat herein.
In the embodiment of the present invention, receiving unit 1401 receives the identification authentication request that user terminal is sent, transmission unit 1402
Identification authentication information is sent to the user terminal so that the user terminal by NFC by the identification authentication information sharing to it is multiple its
His user terminal, the communication nature of NFC ensure that each user terminal may only share identification authentication information in close distance, therefore
The safety of transmitting information is improved in authentication process, receiving unit 1401 receives being used for for multiple other users end transmission
The confirmation message of identification authentication, authorization unit 1403 according to the confirmation message award the other users end or with the other users
Associated user's corresponding authority is held, in this way, a plurality of clients can be interacted with authentication server to complete to authenticate simultaneously, mirror can be improved
Weigh efficiency.
Tenth embodiment
Please refer to Figure 15, Figure 15 is the schematic diagram of the identification authentication device in tenth embodiment of the invention, the present embodiment with
Tenth embodiment shown in Figure 14 the difference is that, the device further include:
Authenticating unit 1404, for carrying out identification authentication to multiple other users end according to the confirmation message.
Further, authorization unit 1403 are also used to the mark at the other users end being sent to terminal device, to authorize
The other users end accesses the permission of the terminal device.
Identification authentication device in the present embodiment can further include:
Marking unit 1405, for servicing the permission for marking the user in corresponding database or configuration file in network.
Each functional unit realizes the process of respective function in identification authentication device in the present embodiment, refer to earlier figures 14 and
The specific descriptions of embodiment illustrated in fig. 15, do not repeat herein.
In the embodiment of the present invention, receiving unit 1401 receives the identification authentication request that user terminal is sent, transmission unit 1402
Identification authentication information is sent to the user terminal so that the user terminal by NFC by the identification authentication information sharing to it is multiple its
His user terminal, the communication nature of NFC ensure that each user terminal may only share identification authentication information in close distance, therefore
The safety of transmitting information is improved in authentication process, receiving unit 1401 receives being used for for multiple other users end transmission
The confirmation message of identification authentication, authenticating unit 1404 carry out identification authentication to multiple other users end according to the confirmation message,
And the mark at the other users end is sent to terminal device, to authorize the permission that the other users end accesses the terminal device,
In this way, a plurality of clients can be interacted with authentication server to complete to authenticate simultaneously, authentication efficiency can be improved.Marking unit 1405 exists
Network services the permission that the user is marked in corresponding database or configuration file, simplifies authorisation step, saves the time.
11st embodiment
Figure 16 is please referred to, the identification authentication system in the embodiment of the present invention includes:
User terminal 1601 and authentication server 1602;
User terminal 1601 receives authentication server 1602 for identification authentication request to be sent to authentication server 1602
The identification authentication information of transmission gives the identification authentication information sharing to multiple other users ends by near-field communication, so that this is more
A other users end sends confirmation message to authentication server 1602 according to the identification authentication information;
Authentication server 1602 sends out identification authentication information for receiving the identification authentication request of the transmission of user terminal 1601
User terminal 1601 is given, so that user terminal 1601 gives the identification authentication information sharing to multiple other users by near-field communication
End receives the confirmation message that multiple other users end is sent, according to the confirmation message award the other users end or with this
The associated user's corresponding authority in other users end.
Each device realizes the process of respective function in identification authentication system in the present embodiment, refers to earlier figures 2 to Figure 15
The specific descriptions of illustrated embodiment, do not repeat herein.
It should be noted that all the embodiments in this specification are described in a progressive manner, each embodiment weight
Point explanation is the difference from other embodiments, and the same or similar parts between the embodiments can be referred to each other.
For device class embodiment, since it is basically similar to the method embodiment, so being described relatively simple, related place ginseng
See the part explanation of embodiment of the method.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that process, method, article or device including a series of elements are not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or device
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or device including the element.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The above described is only a preferred embodiment of the present invention, be not intended to limit the present invention in any form, though
So the present invention has been disclosed as a preferred embodiment, and however, it is not intended to limit the invention, any technology people for being familiar with this profession
Member, without departing from the scope of the present invention, when the technology contents using the disclosure above are modified or are modified
It is right according to the technical essence of the invention for the equivalent embodiment of equivalent variations, but without departing from the technical solutions of the present invention
Any simple modification, equivalent change and modification made by above embodiments, all of which are still within the scope of the technical scheme of the invention.
Claims (16)
1. a kind of identification authentication method characterized by comprising
Identification authentication request is sent to authentication server;
The identification authentication information that the authentication server is sent is received, the identification authentication information is to require authenticator to return to be used for
The confirmation message of identification authentication, the confirmation message include the identity code of user terminal itself;
The identification authentication information sharing is given to multiple other users ends by near-field communication, so that the multiple other users end
Confirmation message is sent to the authentication server according to the identification authentication information, makes the authentication server according to the confirmation letter
Breath award the other users end or with the associated user's corresponding authority in the other users end;
Any user end for carrying out near-field communication can request to authenticate to authentication server, and receive the body of authentication server transmission
Part authentication information, gives the identification authentication information sharing to other users end by near-field communication.
2. the method according to claim 1, wherein described be total to the identification authentication information by near-field communication
It enjoys and includes: to multiple other users ends
The target user end of near field communication (NFC) function is opened in identification;
A user terminal group is established at all target user ends that will identify that;
The identification authentication information is sent to all target user ends in the user terminal group by near-field communication.
3. the method according to claim 1, wherein further include:
The confirmation message for being used to carry out identification authentication is sent to the authentication server to carry out subscriber identity authentication.
4. the method according to claim 1, wherein further include:
The identification authentication information is included in interaction request, and the interaction request is sent to the authentication by network
Server is sent to other users end by near-field communication.
5. a kind of identification authentication method characterized by comprising
Receive the identification authentication request that user terminal is sent;
Identification authentication information is sent to the user terminal, so that the user terminal is believed the identification authentication by near-field communication
Breath shares to multiple other users ends, and the identification authentication information is that authenticator is required to return to the confirmation letter for being used for identification authentication
Breath, the confirmation message include the identity code of user terminal itself, and any user end for carrying out near-field communication can be to authentication
Server request authentication, and the identification authentication information of authentication server transmission is received, by near-field communication by the identification authentication
Other users end is given in information sharing;
Receive the confirmation message that the multiple other users end is sent;
According to the confirmation message award the other users end or with the associated user's corresponding authority in the other users end.
6. according to the method described in claim 5, it is characterized in that, the confirmation for receiving the multiple other users end and sending
Include: after information
Identification authentication is carried out to the multiple other users end according to the confirmation message.
7. according to the method described in claim 5, it is characterized in that, the other users end corresponding authority of awarding includes:
The mark at the other users end is sent to terminal device, accesses the terminal device to authorize the other users end
Permission.
8. according to the described in any item methods of claim 5 to 7, which is characterized in that described award is closed with the other users end
User's corresponding authority of connection includes:
The permission that the user is marked in corresponding database or configuration file is serviced in network.
9. a kind of identification authentication device characterized by comprising
Transmission unit, for identification authentication request to be sent to authentication server;
Receiving unit, the identification authentication information sent for receiving the authentication server, the identification authentication information are to require
Authenticator returns to the confirmation message for being used for identification authentication, and the confirmation message includes the identity code of user terminal itself;
Shared cell, for by near-field communication by the received identification authentication information sharing of the receiving unit to it is multiple its
His user terminal, so that the multiple other users end sends confirmation letter to the authentication server according to the identification authentication information
Breath, make the authentication server according to the confirmation message award the other users end or with the associated user in the other users end
Corresponding authority;Any user end for carrying out near-field communication can request to authenticate to authentication server, and receive authentication server hair
The identification authentication information sent gives the identification authentication information sharing to other users end by near-field communication.
10. device according to claim 9, which is characterized in that the shared cell includes:
Recognition unit opens the target user end of near field communication (NFC) function for identification;
Unit is established, a user terminal group is established at all target user ends for identifying the recognition unit;
Information unit is sent, all target users being sent to the identification authentication information in the user terminal group are also used to
End.
11. device according to claim 9 or 10, which is characterized in that
The transmission unit is also used to the confirmation message for being used to carry out identification authentication being sent to the authentication server to carry out
Subscriber identity authentication;
The transmission unit is also used to for the identification authentication information being included in interaction request, and the interaction request is led to
Network is crossed to be sent to the authentication server or be sent to other users end by near-field communication.
12. a kind of identification authentication device characterized by comprising
Receiving unit, for receiving the identification authentication request of user terminal transmission;
Transmission unit, for identification authentication information to be sent to the user terminal, so that the user terminal will by near-field communication
Multiple other users ends are given in the identification authentication information sharing, and the identification authentication information is that authenticator is required to return for identity
The confirmation message of authentication, the confirmation message include the identity code of user terminal itself, carry out any user of near-field communication
End can request to authenticate to authentication server, and receive the identification authentication information of authentication server transmission, will by near-field communication
Other users end is given in the identification authentication information sharing;
The receiving unit is also used to receive the confirmation message that the multiple other users end is sent;
Authorization unit, for according to the confirmation message award the other users end or with the other users end it is associated
User's corresponding authority.
13. device according to claim 12, which is characterized in that described device further include:
Authenticating unit, for carrying out identification authentication to the multiple other users end according to the confirmation message.
14. device according to claim 12, which is characterized in that
The authorization unit is also used to the mark at the other users end being sent to terminal device, to authorize other described use
Family end accesses the permission of the terminal device.
15. 2 to 14 described in any item devices according to claim 1, which is characterized in that
Marking unit, for servicing the permission for marking the user in corresponding database or configuration file in network.
16. a kind of identification authentication system characterized by comprising
User terminal and authentication server;
The user terminal receives the authentication server and sends for identification authentication request to be sent to the authentication server
Identification authentication information, by near-field communication by the identification authentication information sharing give multiple other users ends so that described more
A other users end sends confirmation message, the identification authentication information to the authentication server according to the identification authentication information
To require authenticator to return to the confirmation message for identification authentication, the confirmation message includes the identification of user terminal itself
Code, any user end for carrying out near-field communication can request to authenticate to authentication server, and receive the body of authentication server transmission
Part authentication information, gives the identification authentication information sharing to other users end by near-field communication;
The authentication server, the identification authentication request sent for receiving the user terminal, identification authentication information is sent to
The user terminal, so that the user terminal gives the identification authentication information sharing to multiple other users ends by near-field communication,
Receive the confirmation message that the multiple other users end is sent, according to the confirmation message award the other users end or with
The associated user's corresponding authority in other users end.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310574590.4A CN104640112B (en) | 2013-11-15 | 2013-11-15 | A kind of identification authentication method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310574590.4A CN104640112B (en) | 2013-11-15 | 2013-11-15 | A kind of identification authentication method, apparatus and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104640112A CN104640112A (en) | 2015-05-20 |
CN104640112B true CN104640112B (en) | 2019-01-11 |
Family
ID=53218318
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310574590.4A Active CN104640112B (en) | 2013-11-15 | 2013-11-15 | A kind of identification authentication method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104640112B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105025039B (en) * | 2015-08-18 | 2018-09-14 | 宇龙计算机通信科技(深圳)有限公司 | Auth method, terminal and server |
CN105681291B (en) * | 2016-01-07 | 2019-07-09 | 锐达互动科技股份有限公司 | A kind of realization multi-client uniform authentication method and system |
CN106815685A (en) * | 2017-01-22 | 2017-06-09 | 杭州纳戒科技有限公司 | Full industrial chain is shared in the benefit the construction method and system of contract |
CN109410384B (en) * | 2018-09-26 | 2020-10-27 | 郑州轻工业学院 | Safety management system |
CN111882842B (en) * | 2020-08-04 | 2022-12-02 | 珠海格力电器股份有限公司 | Early warning method of sharing equipment and sharing equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1420659A (en) * | 2001-10-31 | 2003-05-28 | 雅马哈株式会社 | Method and apparatus for authenticating and veritying user and computer over network |
WO2010060242A1 (en) * | 2008-11-27 | 2010-06-03 | 中兴通讯股份有限公司 | An authentication method for the mobile terminal and a system thereof |
CN101911581A (en) * | 2007-11-30 | 2010-12-08 | 三星电子株式会社 | Method and system for secure communication in near field communication network |
CN102647291A (en) * | 2011-02-17 | 2012-08-22 | 三星电子(中国)研发中心 | Intelligent multidevice management method based on account group |
CN102685025A (en) * | 2011-03-17 | 2012-09-19 | 深圳市同洲软件有限公司 | Multi-terminal service switching method, terminal and system |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8024811B2 (en) * | 2006-01-19 | 2011-09-20 | Research In Motion Limited | System and method for secure PIN exchange |
KR20130027930A (en) * | 2011-09-08 | 2013-03-18 | 주식회사 팬택 | Nfc terminal and data synchronizing method between nfc terminals |
-
2013
- 2013-11-15 CN CN201310574590.4A patent/CN104640112B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1420659A (en) * | 2001-10-31 | 2003-05-28 | 雅马哈株式会社 | Method and apparatus for authenticating and veritying user and computer over network |
CN101911581A (en) * | 2007-11-30 | 2010-12-08 | 三星电子株式会社 | Method and system for secure communication in near field communication network |
WO2010060242A1 (en) * | 2008-11-27 | 2010-06-03 | 中兴通讯股份有限公司 | An authentication method for the mobile terminal and a system thereof |
CN102647291A (en) * | 2011-02-17 | 2012-08-22 | 三星电子(中国)研发中心 | Intelligent multidevice management method based on account group |
CN102685025A (en) * | 2011-03-17 | 2012-09-19 | 深圳市同洲软件有限公司 | Multi-terminal service switching method, terminal and system |
Also Published As
Publication number | Publication date |
---|---|
CN104640112A (en) | 2015-05-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104637131B (en) | A kind of access control system authorization method, device and access control system | |
WO2020253856A1 (en) | Smart lock unlocking method and related device | |
CN113766507B (en) | Service layer dynamic authorization | |
CA2926206C (en) | A system and method for nfc peer-to-peer authentication and secure data transfer | |
US10769877B2 (en) | Secure handsfree proximity-based access control | |
CN104731612B (en) | Mobile equipment safety component software is tied to SIM | |
US10820203B2 (en) | Method, apparatus, and system for mobile provisioning of NFC credentials | |
CN104640112B (en) | A kind of identification authentication method, apparatus and system | |
CN104270250B (en) | WiFi internets online connection authentication method based on asymmetric whole encryption | |
CN104050510A (en) | Intelligent room reservation system based on mobile terminal | |
CN102821085A (en) | Third party authorization login method, open platform and system | |
CN110266642A (en) | Identity identifying method and server, electronic equipment | |
CN106373235A (en) | Authorization method and authorization system for virtual keys and server | |
EP2693787B1 (en) | Secure key distribution with general purpose mobile device | |
CN103167498B (en) | A kind of ability control method and system | |
CA2816787C (en) | Communications system providing remote access via mobile wireless communications device and related methods | |
CN102298683A (en) | Authentication device, system and method for short-distance radio-frequency communication authentication | |
CN102223630A (en) | Remote control system and method | |
CN109583154A (en) | A kind of system and method based on Web middleware access intelligent code key | |
CN105325021B (en) | Method and apparatus for remote portable wireless device authentication | |
CN106790080A (en) | Secure communication of network method and apparatus between operation system and electronic certificate system | |
US20220014353A1 (en) | Method by which device shares digital key | |
US9621546B2 (en) | Method of generating one-time password and apparatus for performing the same | |
CN103324878A (en) | Method and system for remotely controlling unlocking permission of hand-held equipment | |
CN106779711A (en) | Safe payment method and device based on eID |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |