CN104980277A - System, device and method for generating and authenticating authentication information - Google Patents
System, device and method for generating and authenticating authentication information Download PDFInfo
- Publication number
- CN104980277A CN104980277A CN201410144786.4A CN201410144786A CN104980277A CN 104980277 A CN104980277 A CN 104980277A CN 201410144786 A CN201410144786 A CN 201410144786A CN 104980277 A CN104980277 A CN 104980277A
- Authority
- CN
- China
- Prior art keywords
- server
- authentication
- unit
- key
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a server, comprising a processing unit for generating a secret key; an associated communication unit for receiving an application signal of establishing authentication information for a trigger; an authentication unit for judging whether the authentication information is legal; an authentication information output unit for transmitting an authentication result of the authentication unit to a service device; a storage unit for storing the secret key generated by the processing unit; and a communication unit communicated with an advanced server. The invention discloses a device, comprising a triggering interface communicated with an associated device; a triggering application unit for generating an authentication information establishment application, the communication unit communicated with the server. The invention discloses an authentication communicator, comprising an authentication interface communicated with the service device and the communication unit communicated with the server. The invention further discloses a method and a system for generating and authenticating authentication information. The method and the system of the invention could provide generation and authentication for the authentication information by communicating the trigger with the associated device and communicating the authentication communicator with the service device.
Description
Technical field
Relate to wireless communication technology field, particularly relate to the generation of identity information and the system and device of certification and method.
Background technology
Authentication is a thing always existed from ancient times to the present, for different crowds provides different services, needs to carry out authentication.Internet era, authentication is almost ubiquitous, and service provider will provide the service of different brackets and different rights according to different user identity attributes.
At present, the identification authentication mode generally mode of planting is account number cipher formula, and namely user in service provider there register account number, need carry out the mode of certification by the password of user's setting in advance.This kind of mode needs user's registered in advance to fill in related identification information, and for user, program is comparatively loaded down with trivial details.
Another kind of identification authentication mode arranges a unified password to service unit, and user is by this equipment of code entry thus obtain service.This kind of mode be not owing to distinguishing user property, and it is just the same for giving and obtaining user right, can not distinguish different user, therefore have its limitation.
content
The problem to be solved in the present invention is to provide system, the apparatus and method of the generation of a kind of authentication information and certification, utilizes associated apparatus to trigger and produces authentication information life, for service unit provides authentication function.
The embodiment of the present invention provides a technical scheme to provide a kind of trigger, a kind of server and a kind of authentication communication device.Server comprises: processing unit, according to preset rules and the signal associating communication unit transmission, generates key, and transmits back association communication unit; Association communication unit, communicates with trigger, sets up the communication port of processing unit to trigger, for receiving the triggering application signal of trigger, and by Signal transmissions to processing unit; Authentication ' unit, for analysis authentication information, identifies key, differentiates that whether it is effective, analyzes the authority comprised; Authentication communication unit, communicates with service unit, and service unit authentication application is passed to authentication ' unit, and the authentication result of authentication ' unit is passed to service unit; Memory cell, the key that storage processing unit produces and corresponding authority are authentication ' unit query key and authority; Communication unit, key authentication request, to advanced server, is uploaded to advanced server certification, and receives the authentication result of advanced server, be delivered to authentication ' unit by the key that upload server stores.Trigger comprises: trigger interface, communicates with associated apparatus, the communication port be associated between device and server.The triggering signal of associated apparatus and user profile are delivered to triggering application unit; Trigger application unit, comprehensive triggering signal, user profile, system information generate to set up and trigger application; Communication unit, is connected with server, sets up the communication port between trigger and server, and the triggering application that application unit produces is delivered to server, passes the key that server generates back.Authentication communication device comprises: authentication interface, for communicating with between service unit with service unit connection setup system, sets up the authentication information passage of service unit end; Communication unit, for authentication communication unit and server communication, sets up the information channel between authentication communication device and server.
The technical scheme of embodiments of the invention is to provide a kind of authentication information and generates and the method for certification, comprising: associated apparatus triggers application by trigger, and server generates user key and corresponding authority information and exports key; The key authentication that server is submitted to user also returns corresponding authority information; The authority information that service unit provides according to the authentication result of server and server provides service for user.
The technical scheme of embodiments of the invention is to provide a kind of system realizing authentication information foundation and authentication, it is characterized in that, comprise: server, for generating key after trigger identity sets up application, store and upload to advanced server, certification is carried out to the authentication request information of service unit; Advanced server, for server communication, storage server produce key, for server submit to authentication application carry out certification.Do not have and server communication ability at associated apparatus or service unit itself, can not by trigger function module integration to associated apparatus, authentication communication device functional module is integrated into service unit, this system also comprises: trigger, for extracting user profile and receiving associated apparatus triggering signal from associated apparatus, reach the backward server that imposes a condition and send identity information and set up solicited message; Authentication communication device, is connected with service unit also and server communication, sets up the communication port between service unit and server.
The technical scheme of the embodiment of the present invention at least has the following advantages:
Communicated with associated apparatus by trigger, obtain associated apparatus operating state and user profile, the operating state according to associated apparatus sets up authentication information; Communicated with service unit by authentication communication device, set up the certification passage between service unit and system, system is certification for it, can quickly and easily along with the operating state of associated apparatus is that service unit generates key, and certification for it.
Accompanying drawing explanation
Fig. 1 is the system construction drawing that the present invention realizes authentication information foundation and certification;
Fig. 2 is the structure chart of the trigger in Fig. 1;
Fig. 3 is the server architecture figure in Fig. 1;
Fig. 4 is authentication communication device structure chart in Fig. 1;
Fig. 5 is a kind of method flow diagram realizing authentication information and set up in the embodiment of the present invention;
Fig. 6 is a kind of method flow diagram realizing certification of the embodiment of the present invention.
Embodiment
The embodiment of the present invention a kind of realize identity information set up and the system of certification as shown in 1, comprise associated apparatus 11, associated apparatus 12, trigger 13, trigger 14, server 15, advanced server 16, authentication communication device 17, service unit 18 and service object 19.Wherein server 15 is communicated with associated apparatus 11 by trigger 13, realizes associated apparatus 11 and triggers the foundation of authentication information and export key.Server 15 is communicated with associated apparatus 12 by trigger 14, and be associated the communication port of device 12 to server 15.Server 15 is by communicating with authentication communication device 16, and communication for service device communicates with service unit, the certification passage setting up from service unit to 18 servers 15.
The structure of the trigger in Fig. 1 as shown in Figure 2, comprises trigger interface 21, triggers application unit 22 and communication unit 23.Wherein trigger interface 21 communicates with associated apparatus 11 or 12, sets up and server transmission channel; By this communication port, obtain the user profile at associated apparatus place 11 or 12, catch triggering signal, be transferred to and trigger application unit 22; Trigger application unit, for user profile, triggering signal, system information that comprehensive trigger interface 21 transmits, trigger application signal by setting generate rule.Triggering signal is the signal characterizing associated apparatus operating state, comprises the signal of telecommunication, light signal, pulse signal, acoustic signals etc.; Communication unit 23 and server set up communication port, and by this passage, trigger is uploaded and triggered application, accepts the key that server returns, and pass to communication interface 21 and output to associated apparatus 11 or 12.
The structure of the server in Fig. 1 as shown in Figure 3, comprises association communication unit 31, processing unit 32, memory cell 33, communication unit 34, authentication ' unit 35, authentication communication unit 36.Wherein associate communication unit 31 to be connected with processing unit 32, formation trigger, communication port between associated apparatus and server; Processing unit 32, for comprehensively triggering the user profile of application, trigger, system information and other information, generate key and corresponding authority information according to preset rules, be connected with memory cell 33, transmission key and corresponding authority information are saved in memory cell 33 and preserve; Memory cell 33, is connected with communication unit 16, and the key produced for specimens preserving unit 32 and authority information, upload key to advanced server 16, for authentication ' unit 16 provides key and authority information inquiry.Communication unit 16, communicates with advanced server, forms the communication port of server and advanced server, uploads local key and authority information, uploads the authentication application of authentication ' unit 35 and receives authentication result and the authority information of advanced server 16.Authentication ' unit 35, for confirming the legitimacy of applying for, being connected with communication unit 16, when needs are to advanced server 16 certification, authentication application being delivered to advanced server 16; Authentication communication unit 36, is connected with authentication ' unit 35, sets up the certification passage between server and service unit.
Authentication communication device in Fig. 1 as shown in Figure 4, comprises authentication interface 41 and communication unit 42.Wherein authentication interface 41 communicates with service unit 18, and the authentication application that reception service unit 18 transmits also is delivered to communication unit 42, the authentication result that receiving communication unit 42 returns is sent to service unit 18; Communication unit, communicates with server 15, sets up the communication port between authentication communication device and server, uploads authentication application and return authentication result.
Set up and the authentication communication device structure chart shown in server architecture figure and Fig. 4 shown in trigger structure figure, the Fig. 3 shown in the system construction drawing of certification, Fig. 2 when adopting the authentication information that realizes as shown in Figure 1, a kind of authentication information method for building up in the embodiment of the present invention as shown in Figure 5, suppose in the present embodiment that associated apparatus 11 reaches set condition in the working of oneself, trigger 13 sends after receiving triggering signal and triggers application to server 15, and server 15 is set up identity information and returned associated apparatus 11.First, user profile, trigger information and other relevant informations that trigger comprehensively obtains from associated apparatus generate identity information, after receiving triggering signal, set up application; Then, server 15, according to solicited message and preset rules, generates key and authority information, preserves and upload to advanced server 16; Finally, key is exported.With reference to Fig. 4, the present embodiment comprises the following steps:
Step S51, associated apparatus 11 sets up communication port with the trigger interface 21 of trigger 12, by this passage, the triggering signal of this device operating state of the reaction of associated apparatus 11 is real-time transmitted to trigger 12, when the triggering signal of associated apparatus 11 reaches prescribed situation, trigger flip-flops 12 is set up and is triggered application.
Step S52, the triggering application unit 22 of trigger 12 obtains user profile, if replace with default information without user-specific information from trigger interface 21 in real time.Triggering application unit 22 receives triggering signal and reaches triggering application status, and trigger application unit 22 comprehensive trigger 12 information, user profile, system information and other information generate to trigger and applies for being transferred to server 15 by the communication unit 23 of trigger 12.
Step S53, triggering application is transferred to processing unit 32 by the association communication unit 31 of server 15, generates key and authority information after processing unit 32 synthetic user information, trigger information, system information and other information..
Step S54, the key of memory cell 33 specimens preserving unit 33 generation of server 15 and corresponding authority information, be stored into advanced server 16 when setting and needing advanced server to store.
Step S55, server 15 exports key..
Set up and the communication for service device structure chart shown in server architecture figure and Fig. 4 shown in the system construction drawing of certification, Fig. 3 when just adopting the authentication information that realizes as shown in Figure 1, a kind of authentication information method for building up in the embodiment of the present invention as shown in Figure 6, in the present embodiment, hypothesis uses object 18 to be submitted to service unit 18 by key, and service unit 18 submits authentication application to server 15.First, receive service unit and send authentication application to server, what service unit 18 was set up by authentication communication device 17 sends authentication application information from the communication port between service unit 18 and server 15 to server; Then, confirmed key confirmation, authority by authentication ' unit, server is sent to service unit to key authentication result and corresponding authority information; Finally, according to the authentication result of server and authority information, service unit confirms that result provides corresponding authority for user.With reference to Fig. 5, the present embodiment comprises the following steps:
Step S61, the communication port between the service unit 18 that service unit 18 is set up by authentication communication device 17 and server 15 sends authentication request to server 15,
Step S62, the authentication communication unit 37 of server 15 accepts authentication request, and is delivered to authentication ' unit 36, and authentication ' unit 36 obtains service unit information, key and other information in authentication request.
Step S63, authentication ' unit 36 judges that whether key is local and produces.Produce if local, then the key comparison directly stored with memory cell 33, and the authority information of confirmation correspondence.Memory cell 33 stores corresponding secret key, then return authentication passes through, otherwise does not then pass through.
Step S64, authentication ' unit 36 is after judging the non-local generation of key, if setting needs to advanced server certification, the server 15 then set up by communication unit 34 arrives the communication port of advanced server 16, authentication application is sent to advanced server 16, if the authority information of authentication result and correspondence is delivered to authentication ' unit 35. setting and does not need advanced server certification by advanced server 16, then authentication result is not for pass through.
Step S65, the communication port between the server 15 that authentication ' unit 36 is set up by authentication communication device 17 and service unit, to service unit 17 return authentication result and authority information, comprises the result of local authentication authentication or advanced server authentication.
Step S66, service unit 17 determines whether serve for service object 17 provides and provide corresponding authority, Service Privileges comprises the types such as service time, type service, user's grade according to authentication result and authority information.
Associated apparatus in the embodiment of the present invention and service unit can be entity or the software that can realize standalone feature in reality.Associated apparatus can the functional module of integrated trigger, the functional module of service unit also accessible site communication for service device, or service device under communication protocol can directly and server communication when, also can directly and server set up authentication communication passage, thus do not need independent trigger or communication for service device can build this system.Automatically generated by authentication information and the system of certification, authentication information and authority information produce automatically when the use of associated apparatus, and user uses key Sign-On services device, and system provides certification and authority to confirm for service unit.
The above is only the preferred embodiment of the present invention; it should be pointed out that for those skilled in the art, under the premise without departing from the principles of the invention; or can make some improvement can retouch, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (18)
1. a server, is characterized in that, comprising:
Processing unit, according to the signal that preset rules and receiving element are transmitted, generates key and corresponding authority information, is stored in memory cell, and by cipher key delivery to associative cell;
Association communication unit, for communicating with trigger, sets up the communication port between trigger and server;
Authentication ' unit, for analysis authentication information, identifies key, differentiates that whether it is effective, analyzes the authority comprised;
Authentication communication unit, for the communication of communication for service device, sets up the communication port between server and service unit;
Memory cell, for the key that storage processing unit produces, is authentication ' unit query key;
Communication unit, for communicating with advanced server, sets up the communication port between server and advanced server.
2. server as claimed in claim 1, is characterized in that, described processing unit, according to the difference of trigger, user profile, system information, generates key and corresponding authority information.
3. server as claimed in claim 1, is characterized in that, whether described authentication ' unit is legal for the key differentiated user and submit to, and determines the authority information that double secret key is answered.
4. server as claimed in claim 1, is characterized in that, described authentication communication unit by communicating with communication for service device, certified transmission request application and authentication result information between server and service unit.
5. server as claimed in claim 1, is characterized in that, described memory cell is used for the key that specimens preserving unit produces, for authentication ' unit provides key to inquire about and authority information inquiry.
6. server as claimed in claim 1, is characterized in that, described communication unit is used for the communication between server and advanced server, and the key produce book server and authority information upload to advanced server; The authentication request of book server is submitted to advanced server, returns authentication result and the authority information of advanced server.
7. a device, is characterized in that, comprising:
Trigger interface, communicates with associated apparatus, the communication port be associated between device and server.
8. the triggering signal of associated apparatus and user profile are delivered to triggering application unit;
Trigger application unit, comprehensive triggering signal, user profile, system information generate to set up and trigger application;
Communication unit, is connected with server, sets up the communication port between trigger and server, and the triggering application that application unit produces is delivered to server, passes the key that server generates back.
9. device as claimed in claim 7, is characterized in that described trigger interface can detect the triggering signal of associated apparatus, is delivered to triggering application unit after prosperity.
10. a device, is characterized in that, comprising:
Authentication interface: for communicating with service unit, sets up the communication port between communication for service device and service unit, and the authentication application of reception service unit and return authentication result are to service unit;
Communication unit: for server communication, set up the communication port between communication for service device and server, the authentication application that upload service device transmits is to server, and the authentication result of delivery server is to service unit.
11. 1 kinds realize authentication information and automatically generate and the method for certification, it is characterized in that, comprising:
The triggering signal trigger flip-flops of associated apparatus sends and triggers application, and server is set up user key and corresponding authority information and exported key;
The key authentication that server is submitted to user also returns corresponding authority information;
The authority information that service unit provides according to the authentication result of server and server provides service for user.
12. realize authentication information as claimed in claim 10 generates and the method for certification automatically, it is characterized in that, the triggering signal trigger flip-flops of described associated apparatus sends and triggers application, and server sets up user key and corresponding authority information, and the step exporting key specifically comprises:
Trigger, comprehensively from user profile, trigger information system information that associated apparatus obtains, sends application receiving after triggering signal reaches set condition;
Server, according to solicited message and preset rules, generates key and corresponding authority information, preserves, uploads to advanced server;
Server exports key.
13. methods as claimed in claim 11, is characterized in that, the key authentication that described server is submitted to user the step returning corresponding authority information specifically comprise:
Receive service unit and send authentication application to server;
Result is sent to service unit to key authentication, authority after confirming by server;
According to the authentication result of server and authority information, service unit confirms that result provides authority for user.
14. methods as described in claim 10,11,12, is characterized in that, if the non-book server of key that user submits to produces, server submits authentication application to advanced server, by advanced server certification.
15. methods as described in claim 10,12,13, it is characterized in that, described server comprises key authentication step:
Judge whether key is that book server produces;
Book server produce key directly to its certification, return authentication result;
The key that non-book server produces is by advanced server return authentication result.
16. 1 kinds realize authentication information and set up and the system of certification, it is characterized in that, comprising:
Server, for receive trigger application after generate key and corresponding authority information, and store, upload to advanced server, certification is carried out to the authentication request information of service unit;
Advanced server, for server communication, the key that storage server produces and corresponding authority information, the authentication application submitted to for server carries out certification and confirms authority, returns results.
17. systems as claimed in claim 16, do not have and server communication ability at associated apparatus or service unit itself described in it is characterized in that, can not by trigger function module integration to associated apparatus, authentication communication device functional module is integrated into service unit, and this system also comprises:
Trigger, for extracting user profile and receiving associated apparatus triggering signal from associated apparatus, reaches the backward server that imposes a condition and sends identity information and set up solicited message;
Authentication communication device, is connected with service unit also and server communication, sets up the communication port between service unit and server.
18. devices as described in claim 7,8,10,11,17, is characterized in that described triggering signal is the signal characterizing associated apparatus operating state, comprise the signal of telecommunication, light signal, pulse signal, acoustic signals.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410144786.4A CN104980277A (en) | 2014-04-12 | 2014-04-12 | System, device and method for generating and authenticating authentication information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410144786.4A CN104980277A (en) | 2014-04-12 | 2014-04-12 | System, device and method for generating and authenticating authentication information |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104980277A true CN104980277A (en) | 2015-10-14 |
Family
ID=54276410
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410144786.4A Pending CN104980277A (en) | 2014-04-12 | 2014-04-12 | System, device and method for generating and authenticating authentication information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104980277A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112287307A (en) * | 2019-07-24 | 2021-01-29 | 柯尼卡美能达株式会社 | Authentication system, support server, and recording medium |
-
2014
- 2014-04-12 CN CN201410144786.4A patent/CN104980277A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112287307A (en) * | 2019-07-24 | 2021-01-29 | 柯尼卡美能达株式会社 | Authentication system, support server, and recording medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106357649B (en) | User identity authentication system and method | |
| CN106330442B (en) | Identity authentication method, device and system | |
| CN104901928A (en) | Data interaction method, device and system | |
| CN102752269B (en) | Based on the method for the authentication of cloud computing, system and cloud server | |
| US20130067544A1 (en) | System for authentication management of a sensor node having a subscription processing function, and a method for operating the system | |
| CN107124433A (en) | Internet of things system, internet of things equipment access method, access authorization methods and equipment | |
| CN111882704B (en) | Control method of intelligent door lock system and intelligent door lock management system | |
| CN105099985A (en) | Login method and device of multiple applications | |
| CN104247485B (en) | Network application function authorization in Generic Bootstrapping Architecture | |
| CN104852913A (en) | Dynamic password electronic coded lock | |
| CN101626316B (en) | Method, apparatus and system for confirming attribution of account numbers | |
| CN104702562A (en) | Terminal fusion service access method, terminal fusion service access system, and terminal | |
| FR3028979A1 (en) | METHOD FOR CONTROLLING ACCESS TO A SYSTEM FOR PRODUCING A COMPUTER SYSTEM NOT CONNECTED WITH AN INFORMATION SYSTEM OF THE COMPUTER SYSTEM | |
| CN109981312A (en) | Smart machine configuration method, apparatus and system | |
| CN104125230A (en) | Short message authentication service system and authentication method | |
| CN109962781B (en) | Digital certificate distributing device | |
| WO2014180431A1 (en) | Network management security authentication method, device and system, and computer storage medium | |
| CN101005678A (en) | Method for revising terminal configuration, network side management unit, terminal and system | |
| CN107211265A (en) | The safety interacting method and device of a kind of terminal room | |
| CN107888376B (en) | NFC authentication system based on quantum communication network | |
| CN105656854B (en) | A kind of method, equipment and system for verifying Wireless LAN user sources | |
| CN110635894A (en) | Quantum key output method and system based on frame protocol format | |
| CN105187417A (en) | Authority obtaining method and device | |
| CN102404114A (en) | Monitoring method and system both for Web service | |
| CN103425101A (en) | Intelligent control system and method for internet of things |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20151014 |