CN105022939B - Information Authentication method and device - Google Patents

Information Authentication method and device Download PDF

Info

Publication number
CN105022939B
CN105022939B CN201410173229.5A CN201410173229A CN105022939B CN 105022939 B CN105022939 B CN 105022939B CN 201410173229 A CN201410173229 A CN 201410173229A CN 105022939 B CN105022939 B CN 105022939B
Authority
CN
China
Prior art keywords
access
account
information
attribute information
historical data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410173229.5A
Other languages
Chinese (zh)
Other versions
CN105022939A (en
Inventor
刘金星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Tencent Cloud Computing Beijing Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201410173229.5A priority Critical patent/CN105022939B/en
Publication of CN105022939A publication Critical patent/CN105022939A/en
Application granted granted Critical
Publication of CN105022939B publication Critical patent/CN105022939B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention discloses a kind of Information Authentication method and device, the method for the different access account corresponding informance that the embodiment of the present invention possesses same application based on intermediate account using same natural person user, with the advantageous effect for intelligently reading master's information by intermediate account, the attribute information between the different access account that server can use same natural person user to be registered based on same application is achieved the purpose that;Server is eliminated to same user based on the small size cumbersome verification process for accessing the add-on security authentication policy executed required for same application with main number binding, save the processing time of server, the performance loss for reducing server, improves man-machine interactivity.

Description

Information Authentication method and device
Technical field
The present invention relates to internet arena more particularly to a kind of Information Authentication method and devices.
Background technology
As internet is universal in people work and live, it is generally the case that correspond to same application such as client Social software, game application, webpage version application program (such as webpage version is played) are held, a user may possess multiple simultaneously Access account number;But these access the corresponding attribute information of account in server-side and any association are not present, therefore, even same User, using different access accounts when accessing to above application program, the security strategy of enjoyment is also different, is unfavorable for Human-computer interaction;And for user side, also seriously affect user experience.
Such as some game, a user is in addition to registering a main extra, it is also possible to can apply for that multiple game are small Number be used for do task, brush copy etc..Due to independently from each other between these accounts, so while these accounts belong to the same use Family, but still the corresponding attribute information of each account institute that the user is possessed can not be shared, therefore trumpet can not be enjoyed With main number same security strategy treatment;For example, when user is based on small size login game application, for security consideration, clothes Whether the cumbersome proving program for providing the verification of the add-on securities such as identifying code is legal step on come the trumpet for verifying user's login by business device Land, to be unfavorable for human-computer interaction.
Invention content
In view of the foregoing, it is necessary to a kind of Information Authentication method and device is provided, with settlement server to same nature The problem that the attribute information for the different access account that people user is registered based on same application cannot be shared.
The embodiment of the invention discloses a kind of Information Authentication methods, include the following steps:
It receives user terminal and accesses a triggering command applied based on account is accessed, search and accessed based on the access account Historical data corresponding to the application;
According to the historical data of lookup, identify that the access account does not meet default access rule, then searching is The no intermediate account existed with the access account mapping;
If in the presence of the intermediate account with the access account mapping, lookup association account associated with the intermediate account Number, and obtain the corresponding relating attribute information of the associated account number;
It sets the relating attribute information to the corresponding access attribute information of the access account, and the association is belonged to Property the corresponding secure access strategy setting of information be to verify the accesss account to access secure access plan used by the application Slightly;
Based on the legitimacy for having secure access to access account described in policy validation described in the access attribute use of information.
A kind of Information Authentication device is also disclosed in the embodiment of the present invention, including:
Data obtaining module is used for:
It receives user terminal and accesses a triggering command applied based on account is accessed, search and accessed based on the access account Historical data corresponding to the application;According to the historical data of lookup, it is default to identify that the access account is not met Access rule then searches whether the intermediate account for having with the access account mapping;If being mapped in the presence of with the access account Intermediate account, then search associated account number associated with the intermediate account, and obtain the corresponding association of the associated account number Attribute information;
Information sharing module, is used for:
It sets the relating attribute information to the corresponding access attribute information of the access account, and the association is belonged to Property the corresponding secure access strategy setting of information be to verify the accesss account to access secure access plan used by the application Slightly;
Information authentication module is accessed for being based on having secure access to described in the access attribute use of information described in policy validation The legitimacy of account.
The different access that the embodiment of the present invention possesses same application based on intermediate account using same natural person user The method of account corresponding informance has the advantageous effect for intelligently reading master's information by intermediate account, has reached server energy Enough use the purpose of the attribute information between the different access account registered based on same application of same natural person user;It eliminates Server accesses the add-on security authentication policy executed required for same application to same user based on the trumpet with main number binding Cumbersome verification process, save the processing time of server, reduce the performance loss of server, improve it is man-machine can Interactivity.
Description of the drawings
Fig. 1 is one embodiment running environment schematic diagram of Information Authentication method and device of the present invention;
Fig. 2 is Information Authentication method first embodiment flow diagram of the present invention;
Fig. 3 is that it is default to identify that access account is not met according to the historical data of lookup in Information Authentication method of the present invention One embodiment flow diagram of access rule;
Fig. 4 is Information Authentication method second embodiment flow diagram of the present invention;
Fig. 5 is Information Authentication method 3rd embodiment flow diagram of the present invention;
Fig. 6 is that account and intermediate one embodiment schematic diagram of account correspondence are accessed in Information Authentication method of the present invention;
Fig. 7 is Information Authentication device first embodiment high-level schematic functional block diagram of the present invention;
Fig. 8 is Information Authentication device second embodiment high-level schematic functional block diagram of the present invention;
Fig. 9 is Information Authentication device 3rd embodiment high-level schematic functional block diagram of the present invention;
Figure 10 is one embodiment hardware structure schematic diagram of Information Authentication device of the present invention.
Realization, functional characteristics and the advantage of purpose of the embodiment of the present invention will be done furtherly with reference to attached drawing in conjunction with the embodiments It is bright.
Specific implementation mode
The technical solution further illustrated the present invention below in conjunction with Figure of description and specific embodiment.It should be appreciated that this The described specific embodiment in place is only used to explain the present invention, is not intended to limit the present invention.
In following embodiments of Information Authentication method and device of the present invention, the intermediate account can be understood as unique mark The account of one natural person user, and using the intermediate account as related information, it is associated with above-mentioned same natural person's user's registration Access different access account used in same application;I.e. by the intermediate account, the access of same natural person's user's registration is same One can share corresponding access attribute information and be taken when accessing the application program using used all access accounts It is engaged in having secure access to strategy used by device.Wherein, the same application includes same application and same webpage, such as identical Instant messaging application program, identical game application program and same webpage, subsequent embodiment will not be described in great detail.
As shown in Figure 1, terminal 100 and terminal 200 are based on internet carries out data interaction with server 300;For example, user Methyl accesses server 300 in terminal 100, and an access account is had registered on the user interface that server 300 provides Number A, and pass through 200 frequent access application X of terminal 100 or terminal using the access account A as main number;Server 300 is remembered The historical operation that record accesses account A access applications X records and stores corresponding historical data, while server 300 is to visit It asks that account A establishes corresponding intermediate account a, and stores the mapping relations accessed between account A and intermediate account a, then work as user Methyl is when terminal 100 or 200 new registration of terminal one access account B, access account that server 300 is registered based on user's first Number corresponding access attribute information of B identifies that the access account B belongs to the corresponding access account of same natural person with account A is accessed Number, then server 300 establishes the mapping relations of the access account B and intermediate account a;When server 300 detect terminal 100 or Person's terminal 200 be based on accessing account B for the first time access application X when, server 300 find access account B exist it is intermediate Account a, and the intermediate account a is associated with account A is accessed, then server 300, which obtains, accesses the corresponding access attribute letters of account A Breath, and to access the access attribute information that account B uses access account A, and using the secure access of authentication-access account A Policy validation accesses the register of account B access applications X, and is no longer directed to and accesses account B and issue cumbersome additional test Card program such as issues the legitimacy of the access operation of identifying code authentication-access account B access applications X, has saved server 300 data processing resources improve the convenience of Information Authentication while assuring data security, also improve man-machine Interactivity;For user side, the user experience is improved.
An embodiment of the present invention provides a kind of Information Authentication method first embodiments, as shown in Fig. 2, Information Authentication of the present invention Method includes:
Step S01, it receives user terminal and accesses a triggering command applied based on account is accessed, search and be based on the access Account accesses the historical data corresponding to the application;
When server receives user terminal based on the triggering command for accessing the one of application of account access, server The above-mentioned triggering command that user terminal is sent is responded, searches and the corresponding historical data of above application is accessed based on the access account, For example corresponding IP address when based on the access account the last time accessing the application, the last to access the application lasting Access that duration, (such as within one week or within one month) accesses the total degree of the application and every in the first preset duration The historical datas such as secondary corresponding access duration and access IP address.
For example, server, which receives user terminal, is based on login account such as QQ number and QQ password logins QQ this instant messaging When application program, the whois lookup user terminal is based on above-mentioned QQ number code and logs in corresponding history access record when QQ, obtains Performed action event after operation duration, the login when QQ number code corresponding last login QQ after login time, login is stepped on The historical datas such as corresponding IP address and MAC Address when record.
Step S02, according to the historical data of lookup, identify that the access account does not meet default access rule, Then search whether the intermediate account for having with the access account mapping;
Server accesses the corresponding historical data of above application according to the access account found, identifies the access account Whether default access rule is met;For example identify whether the access account is to access the application or the access account for the first time to be It is no for very with area access the application or the access account whether in third preset duration (such as in 10 minutes) base It repeatedly attempts to access above application etc. in different IP address.Identifying that above-mentioned access account do not meet default access rule When, for example, above-mentioned access account be access the application for the first time or the access account be very accessing the application with area, or Person's account was repeatedly attempted to access above application etc. based on different IP address in 10 minutes, then in whois lookup database Whether the intermediate account that with the access account maps is stored.
In the present embodiment, the intermediate account can be understood as the access account and access account phase with other in same application Associated related information;By the corresponding intermediate account of the access account, other mapped with the intermediate account can be found Other associated with the access account access account.
In one preferred embodiment of the embodiment of the present invention, server identifies described according to the historical data of lookup It accesses account and does not meet default access rule, including:
Server is obtained user terminal and is accessed corresponding to the triggering command of above application program based on the access account IP address and/or MAC Address;In the access account of acquisition accesses the corresponding historical data of above application program, in lookup It states IP address and/or MAC Address whether there is;If server can not find this in the historical data and access in account access IP address and/or MAC Address used in application program are stated, then identifies that the access account does not meet default access rule.
If step S03, being searched associated with the intermediate account in the presence of the intermediate account with the access account mapping Associated account number, and obtain the corresponding relating attribute information of the associated account number;
Whois lookup to the access account exist map with the access account intermediate account when, whois lookup and Other access accounts that can equally access the application program of the intermediate account relating, the i.e. intermediate associated association of account Account;When intermediate account has associated account number associated with account among this, server obtains above-mentioned each associated account number pair The relating attribute information answered;Wherein, the corresponding relating attribute information of associated account number is it can be appreciated that above-mentioned associated account number corresponds to Access attribute information.
Whois lookup to the access account exist mapped with the account intermediate account when, but do not find in this Between account relating associated account number when, also just says, in server, with the access account map intermediate account only with this A access account establishes mapping relations, then server directly acquires the corresponding access attribute information of the intermediate account.
Step S04, it is the corresponding access attribute information of the access account by the relating attribute information sharing, and by institute It is to be visited safely used by the access account accesses the application to state the corresponding secure access Policies sharing of relating attribute information Ask strategy;
Step S05, based on the conjunction for having secure access to access account described in policy validation described in the access attribute use of information Method.
Server sets the relating attribute information of the corresponding associated account number of above-mentioned intermediate account of acquisition to the access account Number corresponding access attribute information, meanwhile, it is to verify the visit by the corresponding secure access strategy setting of above-mentioned relating attribute information Ask that account accesses secure access strategy used by above application, and based on shared above-mentioned access attribute information, utilization is above-mentioned Shared secure access strategy, verifies the legitimacy that above-mentioned access account accesses above application, and add-on security is used to save Authentication policy such as issues identifying code, control user terminal provides the additional safety verification strategy such as other additional verification informations To verify the legitimacy that the access account accesses above application.
When the embodiment of the present invention receives user based on the triggering command for accessing one application of account access, the access account is searched Number access the corresponding historical data of above application program;Based on above-mentioned historical data, it is pre- to identify that the access account is not met If access rule, and find in the presence of the intermediate account with the access account mapping, and by related to the intermediate account The associated account number of connection obtains the corresponding relating attribute information of above-mentioned associated account number;The relating attribute information is set as described The corresponding access attribute information of account is accessed, and is verification institute by the corresponding secure access strategy setting of the relating attribute information State secure access strategy used by accessing the account access application;Based on being visited safely described in the access attribute use of information Ask the legitimacy that account is accessed described in policy validation;In compared to the prior art, though same natural person user using main number and When small size common access same application, server still verifies above-mentioned access to above-mentioned trumpet using additional safety verification strategy The legitimacy of this access of account, the embodiment of the present invention have the advantageous effect that master's information is intelligently read by intermediate account, The attribute reached between the different access account that server can use same natural person user to be registered based on same application is believed The purpose of breath;It is attached based on being executed required for the small size access same application bound with main number to same user to eliminate server Add the cumbersome verification process of safety verification strategy.
The embodiment of the present invention also provides in a kind of Information Authentication method and identifies access account according to the historical data of lookup One embodiment of default access rule is not met;The present embodiment be in embodiment described in Fig. 2 step " S02, according to the institute of lookup State historical data, identify it is described access account do not meet default access rule " carry out further describe.
Based on the description of embodiment described in Fig. 2, as shown in figure 3, according to the history of lookup in Information Authentication method of the present invention Data identify that accessing account does not meet default access rule, including:
Step S11, it according to the historical data, searches and is based on answering described in access account access in the first preset duration Access times;
Step S12, identify whether the access times are less than first threshold;If so, thening follow the steps S13;If it is not, then holding Row step S14;
Step S13, identify that the access account does not meet default access rule;
Server accesses the corresponding historical data of above application according to the access account found, searches pre- first If (such as in one month or in one week) accesses the total access times of the application, identification based on above-mentioned access account in duration Whether above-mentioned access times are less than first threshold;In the present embodiment, the first threshold can be above-mentioned according to accessing by server The access frequency determination of the different access account of application, or by server according to the corresponding each access account of access above application The corresponding history access record of legitimate verification either historical data determine or by server according to technical staff in user The setting instruction of side triggering obtains above-mentioned first threshold;The present embodiment does not limit the acquisition modes and concrete numerical value of first threshold It is fixed.
Server is identified in the first preset duration and is accessed based on the access account according to the historical data of acquisition It is described that the corresponding access times is applied to be less than first threshold, then identify that above-mentioned access account does not meet default access and advises Then.
Step S14, the corresponding each access duration of the access times is obtained, it is more than second that identification, which accesses duration, Whether the quantity of preset duration is less than second threshold;
When the quantity that the access duration is more than the second preset duration is less than second threshold, executes step S13, identifies The access account does not meet default access rule;
When the quantity that the access duration is more than the second preset duration is greater than or equal to the second threshold, step is executed S15;
Step S15, identify that the access account meets default access rule.
In server according to the historical data of acquisition, identifies in the first preset duration and visited based on the access account When asking that the corresponding access times of the application are greater than or equal to first threshold, it is right respectively that server obtains above-mentioned access times That answers accesses the access duration of the application every time, obtains and accesses whether the quantity that duration is more than the second preset duration is less than the second threshold Value;The validation testing of second preset duration and second threshold is similar to the mode of first threshold is confirmed, described second is default Duration and second threshold can determine by server according to the access frequency for the different access account for accessing above application, Huo Zheyou Server is according to the corresponding history access record of legitimate verification or history for accessing the corresponding each access account of above application Data determine, or setting instruction trigger in user side according to technical staff by server obtain above-mentioned second preset duration with Second threshold;The second preset duration of the present embodiment pair and the acquisition modes and concrete numerical value of second threshold do not limit.
For example, the corresponding each access durations of above-mentioned access times N that server obtains are respectively M1~Mn, then service Device identifies that N number of access duration M1~Mn is more than whether the quantity Nx of the second preset duration M0 is less than second threshold N0, in the visit When asking that duration M1~Mn is more than that the quantity Nx of the second preset duration M0 is less than second threshold N0, server identifies the access account Number default access rule is not met;It is greater than or equal in the quantity Nx that the access duration M1~Mn is more than the second preset duration M0 When second threshold N0, server identifies that the access account meets default access rule.
The embodiment of the present invention identifies the access that the application is accessed based on the access account according to the historical data of acquisition Frequency and the corresponding access duration of the application program is accessed every time to identify that the access account does not meet default access rule Mode improves the convenience of server identification.
The embodiment of the present invention additionally provides a kind of Information Authentication method second embodiment;Described in the embodiment of the present invention and Fig. 2 The difference of embodiment is, when identifying that corresponding intermediate account is not present in the access account, is created in one for the access account Between account.
Based on the description of embodiment described in Fig. 2 and Fig. 3, as shown in figure 4, Information Authentication method of the present invention is " step S02, According to the historical data of lookup, identify that the access account does not meet default access rule, then search whether exist with It is described access account mapping intermediate account, further include later:
If the intermediate account with the access account mapping step S20, is not present, create unique with the access account The intermediate account of mapping, and the intermediate account shares the corresponding access attribute information of the access account.
Server identifies that the access account does not meet default access rule and searches and does not deposit according to the historical data of lookup In the intermediate account mapped with the access account, server is according to the corresponding access attribute information creating of the access account one The intermediate account uniquely mapped with the access account, and the intermediate account can share the corresponding access attribute letter of the access account Breath, that is to say, that after the access account and the intermediate account are bound, by the intermediate account, server can get and The corresponding access attribute information of all access accounts of the intermediate account binding and respectively access account are corresponding to access this using institute The historical data of generation.
After server is that above-mentioned access account creates an intermediate account, if server subsequently identify in the presence of with it is above-mentioned When related other of access account A access account B, according to the incidence relation for accessing account B and above-mentioned access account A, service Device can also bind above-mentioned access account B with the corresponding intermediate accounts of account A are accessed, and server can be shared and have In the corresponding access attribute information of each access account of identical intermediate account and the corresponding secure access strategy of each access account etc. It states and accesses the corresponding relevant information of account.
The embodiment of the present invention is that there is no the access accounts of intermediate account to create corresponding intermediate account, and it is total to improve information That enjoys is intelligent.
The embodiment of the present invention additionally provides Information Authentication method 3rd embodiment;The present embodiment and embodiment described in Fig. 4 Difference is that server is to access account to be pre-created corresponding intermediate account.
Based on the description of embodiment described in Fig. 2, Fig. 3 and Fig. 4, as shown in figure 5, Information Authentication method of the present invention is in " step S01, the triggering command that user terminal accesses an application based on access account is received, searched based on described in access account access Using corresponding historical data " further include before:
Step S10, it establishes described using corresponding each mapping relations for accessing account and intermediate account;
In the present embodiment, server establishes each visit according to the corresponding each incidence relation accessed between account of same application Ask the mapping relations of account and intermediate account and storage;Wherein, the above-mentioned access account and corresponding intermediate account that server is established When mapping relations between number, one accesses account uniquely corresponding one intermediate account, but intermediate account can correspond to one or Multiple access accounts are associated as shown in fig. 6, respectively accessing account by intermediate account;And server accesses account in verification one Number legitimacy when, can share intermediate account mapped identical with the access account respectively access account institute it is corresponding Access attribute information, secure access strategy and corresponding historical data.
In a preferred embodiment, server is established described using corresponding each access account and intermediate account Mapping relations may be used such as under type:
Server obtains the corresponding all access accounts of the application and the corresponding access attribute information of each access account, and It obtains user and is based on the corresponding historical data of each access account access application;According to the access attribute information of acquisition and Historical data calculates each relating value accessed between account;The access account for being more than default correlation threshold for the relating value is built Found same intermediate account;Wherein, the corresponding visit of the access account is shared between the identical each access account of the intermediate account Ask attribute information and the corresponding secure access strategy of the access attribute information.
For example, server obtains a certain corresponding all login accounts of network game software-network game A and each login account Corresponding access attribute information, such as user's pet name, phone number or email address, age of user with the binding of network game account Equal access attributes information;Based on above-mentioned login account, obtains user and be based on the corresponding history of the above-mentioned network game A of each login account login Data, such as common entry address, common login IP address, login time section, log duration etc.;According to the above-mentioned access of acquisition Attribute information and historical data, server calculate the relating value between each access account;For example, common entry address whether phase With, it is common log in IP address it is whether identical, it is common log in whether MAC Address identical, whether login time section consistent etc., and more than Information is stated as relevant parameter, and is that above-mentioned each relevant parameter assigns centainly respectively according to the significance level of each relevant parameter Weighted value the corresponding association of above-mentioned login account is calculated according to above-mentioned relevant parameter and the corresponding weighted value of each relevant parameter Value;The login account for being more than a default correlation threshold for the relating value establishes same intermediate account;And possess identical intermediate account Number each access account between, the shared access attribute information to correspond to each other and corresponding secure access are tactful.
In an alternative embodiment of the invention, server, which is established, described reflects using corresponding each account that accesses with centre account Relationship is penetrated, it can also be in the following way:
Server obtains the corresponding each access account of the application and the corresponding unique mark one of the access account certainly The characteristic identity information of right people user;Same intermediate account is established for the identical access account of the characteristic identity information; The corresponding access attribute information of access account and the visit are shared between the identical each access account of the intermediate account Ask attribute information corresponding secure access strategy.For example, server obtains the corresponding each access account of above application and each visit It asks the characteristic identity identity information of account one natural person user of corresponding unique mark, for example for Chinese user, obtains The ID card No. bound when above-mentioned user's registration access account is taken, then server creates the identical access account of ID card No. Build same intermediate account;Alternatively, server, which obtains one logged in for the first time, accesses the corresponding ID card No. first of account a, then service Device lookup had logged in the corresponding ID card No. of the corresponding each access account of above application, recognized whether and above-mentioned identity Demonstrate,prove the identical intermediate account of number first or identical access account b and the corresponding intermediate accounts of access account b;If in the presence of, Then server directly binds above-mentioned access account a and corresponding intermediate account, establishes and accesses account a and above-mentioned intermediate account Mapping relations.
Server of the embodiment of the present invention establishes the corresponding each mapping relations for accessing account and intermediate account of same application Subsequent server shares the corresponding information of identical access account and provides important evidence, saves the processing time of server, The performance loss for reducing server, improves man-machine interactivity;For user side, due to being not in cumbersome attached Add safety verification program, therefore in verification processing program, improves user experience.
The embodiment of the present invention additionally provides Information Authentication device first embodiment;As shown in fig. 7, Information Authentication dress of the present invention Set including:Data obtaining module 01, information sharing module 02 and information authentication module 03.
Data obtaining module 01, is used for:It receives user terminal and accesses a triggering command applied based on account is accessed, search The historical data corresponding to the application is accessed based on the access account;According to the historical data of lookup, institute is identified It states access account and does not meet default access rule, then search whether the intermediate account existed and the access account maps;If depositing In the intermediate account with the access account mapping, then lookup associated account number associated with the intermediate account, and obtain institute State the corresponding relating attribute information of associated account number;
When the data obtaining module 01 of server receives user terminal one of application is accessed based on account is accessed When triggering command, data obtaining module 01 responds the above-mentioned triggering command that user terminal is sent, and searches and is visited based on the access account Ask above application corresponding historical data, for example, based on the access account the last time access corresponding IP address when the application, The last time access this application lasting access duration, in the first preset duration (such as within one week or one month it It is interior) access the total degree and corresponding accesss duration and the access historical datas such as IP address every time of the application.
For example, data obtaining module 01 receive user terminal be based on login account such as QQ number and QQ password logins QQ this When instant messaging application program, data obtaining module 01 searches the user terminal and is based on corresponding when above-mentioned QQ number code logs in QQ go through History accesses record, is held after the operation duration, login when obtaining the QQ number code corresponding last login QQ after login time, login Capable action event, the historical datas such as corresponding IP address and MAC Address when logging in.
Data obtaining module 01 accesses the corresponding historical data of above application according to the access account found, and identification should Access whether account meets default access rule;For example identify whether the access account is to access the application or the visit for the first time Ask whether account is very to access the application or the access account whether (such as 10 in third preset duration with area In minute) it repeatedly attempts to access above application etc. based on different IP address.Identifying that it is default that above-mentioned access account is not met When access rule, for example above-mentioned access account is to access the application for the first time or the access account is to be accessed with area very much The application or the account were repeatedly attempted to access above application etc. based on different IP address in 10 minutes, then acquisition of information Whether the intermediate account that with the access account maps is stored in 01 searching data library of module.
In the present embodiment, the intermediate account can be understood as the access account and access account phase with other in same application Associated related information;By the corresponding intermediate account of the access account, other mapped with the intermediate account can be found Other associated with the access account access account.
In one preferred embodiment of the embodiment of the present invention, data obtaining module 01 is known according to the historical data of lookup Do not go out the access account and does not meet default access rule, including:
Data obtaining module 01 obtains the triggering command that user terminal accesses above application program based on the access account Corresponding IP address and/or MAC Address;The corresponding historical data of above application program is accessed in the access account of acquisition In, it searches above-mentioned IP address and/or MAC Address whether there is;If data obtaining module 01 can not find in the historical data This accesses account and accesses IP address and/or MAC Address used in above application program, then identifies that the access account is not inconsistent It closes and presets access rule.
When data obtaining module 01 finds the access account and there is the intermediate account mapped with the access account, information Acquisition module 01 searches other access accounts that can equally access the application program with the intermediate account relating, i.e., among this The associated associated account number of account;When there is associated account number associated with account among this in intermediate account, acquisition of information mould Block 01 obtains the corresponding relating attribute information of above-mentioned each associated account number;Wherein, the corresponding relating attribute information of associated account number also may be used Access attribute information is corresponded to be interpreted as above-mentioned associated account number.
When data obtaining module 01 finds the access account and there is the intermediate account mapped with the account, but do not search When to associated account number with the intermediate account relating, also just says, in server, the intermediate account that is mapped with the access account Mapping relations only are established with this access account, then data obtaining module 01 directly acquires the corresponding access of the intermediate account Attribute information.
Information sharing module 02, is used for:The relating attribute information is set to the corresponding access of the access account to belong to Property information, and be to verify to answer described in accesss account access by the corresponding secure access strategy setting of the relating attribute information With used secure access strategy;
Information authentication module 03, is used for:Described in secure access policy validation described in the access attribute use of information Access the legitimacy of account.
Information sharing module 02 sets the relating attribute information of the corresponding associated account number of above-mentioned intermediate account of acquisition to The corresponding access attribute information of the access account, meanwhile, it is by the corresponding secure access strategy setting of above-mentioned relating attribute information It verifies the access account and accesses secure access strategy used by above application;Information authentication module 03 is based on shared above-mentioned visit It asks attribute information, using above-mentioned shared secure access strategy, verifies the legitimacy that above-mentioned access account accesses above application, from And save using add-on security authentication policy such as issue identifying code, control user terminal other additional verification informations etc. are provided Additional safety verification strategy come verify the access account access above application legitimacy.
When the embodiment of the present invention receives user based on the triggering command for accessing one application of account access, the access account is searched Number access the corresponding historical data of above application program;Based on above-mentioned historical data, it is pre- to identify that the access account is not met If access rule, and find in the presence of the intermediate account with the access account mapping, and by related to the intermediate account The associated account number of connection obtains the corresponding relating attribute information of above-mentioned associated account number;It is described by the relating attribute information sharing The corresponding access attribute information of account is accessed, and is verification institute by the corresponding secure access Policies sharing of the relating attribute information State secure access strategy used by accessing the account access application;In compared to the prior art, even if same natural person uses Family is using main number and small size common when accessing same application, server still to it is above-mentioned it is small size using additional safety verification strategy come The legitimacy of this access of above-mentioned access account is verified, the embodiment of the present invention, which has, passes through intermediate account intelligent sharing master's information Advantageous effect, reached server can share different access account that same natural person user is registered based on same application it Between attribute information purpose;Server is eliminated to access needed for same application same user based on the trumpet with main number binding The cumbersome verification process for the add-on security authentication policy to be executed.
Please continue to refer to Fig. 7, in Information Authentication device of the embodiment of the present invention, described information acquisition module 01 is according to lookup Historical data identifies that accessing account does not meet default access rule, can also be accomplished by the following way:
Data obtaining module 01 accesses the corresponding historical data of above application according to the access account found, searches (such as in one month or in one week) accesses the total access of the application based on above-mentioned access account in the first preset duration Number, identifies whether above-mentioned access times are less than first threshold;In the present embodiment, the first threshold can by server according to The access frequency determination of the different access account of above application is accessed, or corresponding each according to above application is accessed by server Either historical data determines or by server according to technology people the corresponding history access record of legitimate verification of access account Member obtains above-mentioned first threshold in the setting instruction of user side triggering;Acquisition modes and specific number of the present embodiment to first threshold Value does not limit.
Data obtaining module 01 identifies according to the historical data of acquisition and is based on the access in the first preset duration Account accesses the corresponding access times of the application and is less than first threshold, then it is pre- to identify that above-mentioned access account is not met If access rule.
In data obtaining module 01 according to the historical data of acquisition, identifies and be based on the visit in the first preset duration When asking that account accesses the corresponding access times of the application more than or equal to first threshold, in the acquisition of data obtaining module 01 The corresponding access duration for accessing the application every time of access times is stated, the number for accessing that duration is more than the second preset duration is obtained Whether amount is less than second threshold;The validation testing of second preset duration and second threshold and the mode phase for confirming first threshold Seemingly, second preset duration and second threshold can be by servers according to the access for the different access account for accessing above application Frequency determines, or is visited according to the corresponding history of legitimate verification for accessing the corresponding each access account of above application by server Ask record that either historical data is determined or obtained according to the setting instruction that technical staff triggers in user side by server above-mentioned Second preset duration and second threshold;The second preset duration of the present embodiment pair and the acquisition modes and concrete numerical value of second threshold are not It limits.
For example, data obtaining module 01 obtain the corresponding each access durations of above-mentioned access times N be respectively M1~ Mn, then data obtaining module 01 identify that N number of access duration M1~Mn is more than whether the quantity Nx of the second preset duration M0 is less than the Two threshold value N0, when the quantity Nx that the access duration M1~Mn is more than the second preset duration M0 is less than second threshold N0, information Acquisition module 01 identifies that the access account does not meet default access rule;It is more than second pre- in the access duration M1~Mn If the quantity Nx of duration M0 is greater than or equal to second threshold N0, it is pre- that data obtaining module 01 identifies that the access account meets If access rule.
The embodiment of the present invention identifies the access that the application is accessed based on the access account according to the historical data of acquisition Frequency and the corresponding access duration of the application program is accessed every time to identify that the access account does not meet default access rule Mode improves the convenience of server identification.
The embodiment of the present invention also provides a kind of Information Authentication device second embodiment;The embodiment of the present invention and reality described in Fig. 7 Applying the difference of example is, server is created when identifying that corresponding intermediate account is not present in the access account for the access account One intermediate account.
Based on the description of embodiment described in Fig. 7, as shown in figure 8, Information Authentication device of the present invention further includes:
Information creation module 04, is used for:
If there is no the intermediate account with the access account mapping, create in uniquely being mapped with the access account Between account, and the intermediate account shares the corresponding access attribute information of the access account.
Data obtaining module 01 according to the historical data of lookup, identify the access account do not meet default access rule and It searches there is no when the intermediate account mapped with the access account, information creation module 04 is according to the corresponding access of access account Attribute information creates an intermediate account uniquely mapped with the access account, and the intermediate account can share the access account Corresponding access attribute information, that is to say, that after the access account and the intermediate account are bound, pass through the intermediate account, letter The corresponding access attribute information of all access accounts and each visit that breath acquisition module 01 can be got with the intermediate account is bound It asks that account is corresponding and accesses this using generated historical data.
After information creation module 04 is that above-mentioned access account creates an intermediate account, if data obtaining module 01 is follow-up When identifying in the presence of account B is accessed with related other of above-mentioned access account A, according to access account B and above-mentioned access account A Incidence relation, information creation module 04 can also tie up above-mentioned access account B with the corresponding intermediate accounts of account A are accessed It is fixed, and information sharing module 02 can share the corresponding access attribute information of each access account with identical intermediate account and respectively Access the corresponding relevant informations of above-mentioned access account such as the corresponding secure access strategy of account.
The embodiment of the present invention is that there is no the access accounts of intermediate account to create corresponding intermediate account, and it is total to improve information That enjoys is intelligent.
The embodiment of the present invention additionally provides a kind of Information Authentication device 3rd embodiment;The present embodiment is implemented with described in Fig. 8 The difference of example is that server is to access account to be pre-created corresponding intermediate account.
Description based on above example, as shown in figure 9, Information Authentication device of the present invention further includes:
Module 05 is established in mapping, is used for:
It establishes described using corresponding each mapping relations for accessing account and intermediate account;Wherein, the access account is only One corresponds to an intermediate account, and the intermediate account corresponds at least one access account.
In the present embodiment, mapping establish module 05 according to same application it is corresponding it is each access account between incidence relation, Establish the mapping relations of each access account and intermediate account and storage;Wherein, the above-mentioned access account of the foundation of module 05 is established in mapping When mapping relations number between corresponding intermediate account, one accesses account uniquely corresponding one intermediate account, but intermediate account Number can correspond to it is one or more access accounts, be associated by intermediate account as shown in fig. 6, respectively accessing account;And it services Device can share intermediate account mapped identical with the access account and respectively access when verifying the legitimacy that one accesses account The corresponding access attribute information of account institute, secure access strategy and corresponding historical data.
In a preferred embodiment, mapping establishes module 05 and establishes the corresponding each access account of the application in Between account mapping relations, may be used such as under type:
Mapping establishes module 05 and obtains the corresponding all access accounts of the application and the corresponding access category of each access account Property information, and obtain user and be based on each accesss account and access described to apply corresponding historical data;According to the access of acquisition Attribute information and historical data calculate each relating value accessed between account;It is more than default correlation threshold for the relating value It accesses account and establishes same intermediate account;Wherein, the access account is shared between the identical each access account of the intermediate account Number corresponding access attribute information and the corresponding secure access strategy of the access attribute information.
For example, module 05 is established in mapping obtains corresponding all login accounts of a certain network game software-network game A and each The corresponding access attribute information of login account, such as the phone number or email address of user's pet name and the binding of network game account, The access attributes information such as age of user;Based on above-mentioned login account, obtains user and be based on above-mentioned A pairs of the network game of each login account login The historical data answered, such as common entry address, common login IP address, login time section, log duration etc.;According to acquisition Above-mentioned access attribute information and historical data, mapping establish module 05 and calculate each relating value accessed between account;For example, common Whether entry address is identical, whether common login IP address is identical, whether common login MAC Address is identical, login time section is It is no consistent etc., and using above- mentioned information as relevant parameter, and be above-mentioned each association according to the significance level of each relevant parameter Parameter assigns certain weighted value respectively, according to above-mentioned relevant parameter and the corresponding weighted value of each relevant parameter, calculates above-mentioned step on Record the corresponding relating value of account;The login account for being more than a default correlation threshold for the relating value establishes same intermediate account; And between possessing each access account of identical intermediate account, the shared access attribute information to correspond to each other and corresponding secure access Strategy.
In an alternative embodiment of the invention, mapping establishes module 05 and establishes the corresponding each access account of the application and centre The mapping relations of account, can also be in the following way:
Mapping establishes module 05 and obtains the corresponding each access account of the application and the corresponding unique mark of the access account Show the characteristic identity information of a natural person user;For the identical access account of the characteristic identity information establish it is same in Between account;Shared between the identical each access account of the intermediate account the corresponding access attribute information of the access account and The corresponding secure access strategy of the access attribute information.For example, module 05 is established in mapping obtains the corresponding each visit of above application Ask account and each characteristic identity identity information for accessing account one natural person user of corresponding unique mark, such as in It for state user, obtains above-mentioned user's registration and accesses the ID card No. bound when account, then mapping establishes module 05 by identity It demonstrate,proves the identical access account of number and creates same intermediate account;Alternatively, module 05 is established in mapping obtains the access logged in for the first time The corresponding ID card No. first of account a, then mapping establish the lookup of module 05 and had logged in the corresponding each access account of above application Corresponding ID card No. recognizes whether intermediate account identical with above-mentioned ID card No. first or identical access account Number b and the corresponding intermediate accounts of access account b;If in the presence of, mapping establish module 05 directly by above-mentioned access account a with it is right The intermediate account binding answered, establishes the mapping relations for accessing account a and above-mentioned intermediate account.
Server of the embodiment of the present invention establishes the corresponding each mapping relations for accessing account and intermediate account of same application Subsequent server shares the corresponding information of identical access account and provides important evidence, saves the processing time of server, The performance loss for reducing server, improves man-machine interactivity;For user side, due to being not in cumbersome attached Add safety verification program, therefore in verification processing program, improves user experience.
The embodiment of the present invention also provides a kind of hardware configuration of Information Authentication device, as shown in Figure 10, Information Authentication dress Set including:
Processor 101, memory 102, user interface 103, network interface 104 and communication bus 105.Communication bus 105 for the communication between each building block in local server, and user interface 103, should for receiving information input by user User interface can be wireline interface and wireless interface, such as keyboard, mouse etc..Network interface 104 is used for Information Authentication device It is communicated with outside, which can also include wireline interface and wireless interface.Memory 102 may include one A or more than one computer readable storage medium, and it includes not only internal storage, further includes external memory.This is deposited Operating system and information sharing application program etc. are stored in reservoir.Processor 101 is used to call the information in memory 102 Sharing application program, to execute following operation:
User terminal is received based on user interface 103 and accesses a triggering command applied based on account is accessed, and passes through communication Bus 105 is searched accesses the corresponding historical data of the application based on the access account;
According to the historical data of lookup, identify that the access account does not meet default access rule, then searching is The no intermediate account existed with the access account mapping;
If in the presence of the intermediate account with the access account mapping, lookup association account associated with the intermediate account Number, and obtain the corresponding relating attribute information of the associated account number;
It sets the relating attribute information to the corresponding access attribute information of the access account, and the association is belonged to Property the corresponding secure access strategy setting of information be to verify the accesss account to access secure access plan used by the application Slightly;
Based on the legitimacy for having secure access to access account described in policy validation described in the access attribute use of information;It saves Data processing resources, improve the convenience of Information Authentication while assuring data security, also improve it is man-machine can Interactivity.
Further, processor 101 is additionally operable to call the information sharing application program in memory 102, following to execute Operation:
The corresponding IP address of the triggering command and/or MAC Address are obtained by communication bus 105;
In the historical data, the IP address and/or MAC Address are searched;
If can not find the IP address and/or MAC Address in the historical data, the access account is identified not Meet default access rule.
Further, processor 101 is additionally operable to call the information sharing application program in memory 102, following to execute Operation:
According to the historical data, is searched in the first preset duration by communication bus 105 and visited based on the access account The access times for asking the application, identify whether the access times are less than first threshold;
When the access times are less than first threshold, identify that the access account does not meet default access rule;
When the access times are greater than or equal to the first threshold, it is corresponding every time to obtain the access times Access duration, whether it is more than the quantity of the second preset duration less than second threshold that identification accesses duration;
When the quantity that the access duration is more than the second preset duration is less than second threshold, the access account is identified Default access rule is not met.
Further, processor 101 is additionally operable to call the information sharing application program in memory 102, following to execute Operation:
If there is no the intermediate account with the access account mapping, create in uniquely being mapped with the access account Between account, and the intermediate account shares the corresponding access attribute information of the access account.
Further, processor 101 is additionally operable to call the information sharing application program in memory 102, following to execute Operation:
It establishes described using corresponding each mapping relations for accessing account and intermediate account;Wherein, the access account is only One corresponds to an intermediate account, and the intermediate account corresponds at least one access account.
Further, processor 101 is additionally operable to call the information sharing application program in memory 102, following to execute Operation:
The corresponding all access accounts of the application are obtained by communication bus 105 and the corresponding access of each access account belongs to Property information, and obtain user and be based on each accesss account and access described to apply corresponding historical data;
According to the access attribute information and historical data, each relating value accessed between account is calculated;
The access account for being more than default correlation threshold for the relating value establishes same intermediate account;
Wherein, the corresponding access attribute letter of the access account is shared between the identical each access account of the intermediate account Breath and the corresponding secure access strategy of the access attribute information.
Further, processor 101 is additionally operable to call the information sharing application program in memory 102, following to execute Operation:
The corresponding each access account of the application and the corresponding unique mark of the access account are obtained by communication bus 105 Show the characteristic identity information of a natural person user;
Same intermediate account is established for the identical access account of the characteristic identity information;
Wherein, the corresponding access attribute letter of the access account is shared between the identical each access account of the intermediate account Breath and the corresponding secure access strategy of the access attribute information.
Information Authentication of embodiment of the present invention device gathers around same application based on intermediate account using same natural person user The method of some different access account corresponding informances has through intermediate account intelligently using the advantageous effect of master's information, reaches Attribute information between the different access account that same natural person user is registered based on same application can be shared by having arrived server Purpose;It is additional based on being executed required for the small size access same application bound with main number to same user to eliminate server The cumbersome verification process of safety verification strategy, saves the processing time of server, reduces the performance loss of server, carries High man-machine interactivity.
It should be noted that herein, the terms "include", "comprise" or its any other variant are intended to non-row His property includes, so that process, method, article or device including a series of elements include not only those elements, and And further include other elements that are not explicitly listed, or further include for this process, method, article or device institute it is intrinsic Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including this There is also other identical elements in the process of element, method, article or device.
The embodiments of the present invention are for illustration only, can not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Based on this understanding, technical scheme of the present invention substantially in other words does the prior art Going out the part of contribution can be expressed in the form of software products, which is stored in a storage medium In (such as ROM/RAM, magnetic disc, CD), including some instructions are used so that a station terminal equipment (can be mobile phone, computer, clothes It is engaged in device or the network equipment etc.) execute method described in each embodiment of the present invention.
The foregoing is merely the preferred embodiment of the present invention, it is not intended to limit its scope of the claims, it is every to utilize the present invention Equivalent structure or equivalent flow shift made by specification and accompanying drawing content is directly or indirectly used in other relevant technology necks Domain is included within the scope of the present invention.

Claims (15)

1. a kind of Information Authentication method, which is characterized in that include the following steps:
The triggering command that user terminal accesses an application based on access account is received, is searched based on described in access account access Using corresponding historical data;
According to the historical data of lookup, identifies that the access account does not meet default access rule, then search whether to deposit In the intermediate account with the access account mapping;
If in the presence of the intermediate account with the access account mapping, lookup associated account number associated with the intermediate account, And obtain the corresponding relating attribute information of the associated account number;
It sets the relating attribute information to the corresponding access attribute information of the access account, and the relating attribute is believed It is that the verification account that accesses accesses the secure access strategy that the application uses to cease corresponding secure access strategy setting;
Based on the legitimacy for having secure access to access account described in policy validation described in the access attribute use of information.
2. the method as described in claim 1, which is characterized in that the historical data according to lookup identifies described It accesses account and does not meet default access rule, including:
Obtain the corresponding IP address of the triggering command and/or MAC Address;
In the historical data, the IP address and/or MAC Address are searched;
If can not find the IP address and/or MAC Address in the historical data, identify that the access account is not met Default access rule.
3. the method as described in claim 1, which is characterized in that the historical data according to lookup identifies described It accesses account and does not meet default access rule, including:
According to the historical data, the access time for accessing the application in the first preset duration based on the access account is searched Number, identifies whether the access times are less than first threshold;
When the access times are less than first threshold, identify that the access account does not meet default access rule;
When the access times are greater than or equal to the first threshold, the corresponding each visit of the access times is obtained Ask that duration, identification access whether the quantity that duration is more than the second preset duration is less than second threshold;
When the quantity that the access duration is more than the second preset duration is less than second threshold, identify that the access account is not inconsistent It closes and presets access rule.
4. the method as described in claim 1, which is characterized in that it is described search whether exist with the accesss account mapping in Between account, further include later:
If there is no the intermediate account with the access account mapping, the intermediate account uniquely mapped with the access account is created Number, and the intermediate account shares the corresponding access attribute information of the access account.
5. method according to any one of claims 1-4, which is characterized in that the reception user terminal is based on accessing account visit The triggering command for asking an application further includes before:
It establishes described using corresponding each mapping relations for accessing account and intermediate account;Wherein, the access account is uniquely right An intermediate account, the intermediate account is answered to correspond at least one access account.
6. method as claimed in claim 5, which is characterized in that described to establish the corresponding each access account of the application and centre The mapping relations of account, including:
The corresponding all access accounts of the application and the corresponding access attribute information of each access account are obtained, and obtains user's base The corresponding historical data of the application is accessed in each access account;
According to the access attribute information and historical data, each relating value accessed between account is calculated;
The access account for being more than default correlation threshold for the relating value establishes same intermediate account;
Wherein, shared between the identical each access account of the intermediate account the corresponding access attribute information of the access account with And the corresponding secure access strategy of the access attribute information.
7. method as claimed in claim 5, which is characterized in that described to establish the corresponding each access account of the application and centre The mapping relations of account, including:
It obtains and described each access account using corresponding and described access account one natural person user's of corresponding unique mark Characteristic identity information;
Same intermediate account is established for the identical access account of the characteristic identity information;
Wherein, shared between the identical each access account of the intermediate account the corresponding access attribute information of the access account with And the corresponding secure access strategy of the access attribute information.
8. a kind of Information Authentication device, which is characterized in that including:
Data obtaining module is used for:
The triggering command that user terminal accesses an application based on access account is received, is searched based on described in access account access Using corresponding historical data;According to the historical data of lookup, identify that the access account does not meet default access Rule then searches whether the intermediate account for having with the access account mapping;If in being mapped with the access account Between account, then search associated account number associated with the intermediate account, and obtain the corresponding relating attribute of the associated account number Information;
Information sharing module, is used for:
It sets the relating attribute information to the corresponding access attribute information of the access account, and the relating attribute is believed It is that the verification account that accesses accesses the secure access strategy that the application uses to cease corresponding secure access strategy setting;
Information authentication module accesses account for being based on having secure access to described in the access attribute use of information described in policy validation Legitimacy.
9. device as claimed in claim 8, which is characterized in that described information acquisition module is additionally operable to:
Obtain the corresponding IP address of the triggering command and/or MAC Address;
In the historical data, the IP address and/or MAC Address are searched;
If can not find the IP address and/or MAC Address in the historical data, identify that the access account is not met Default access rule.
10. device as claimed in claim 8, which is characterized in that described information acquisition module is additionally operable to:
According to the historical data, the access time for accessing the application in the first preset duration based on the access account is searched Number, identifies whether the access times are less than first threshold;
When the access times are less than first threshold, identify that the access account does not meet default access rule;
When the access times are greater than or equal to the first threshold, the corresponding each visit of the access times is obtained Ask that duration, identification access whether the quantity that duration is more than the second preset duration is less than second threshold;
When the quantity that the access duration is more than the second preset duration is less than second threshold, identify that the access account is not inconsistent It closes and presets access rule.
11. device as claimed in claim 8, which is characterized in that further include:
Information creation module is used for:
If there is no the intermediate account with the access account mapping, the intermediate account uniquely mapped with the access account is created Number, and the intermediate account shares the corresponding access attribute information of the access account.
12. such as claim 8-11 any one of them devices, which is characterized in that further include:
Module is established in mapping, is used for:
It establishes described using corresponding each mapping relations for accessing account and intermediate account;Wherein, the access account is uniquely right An intermediate account, the intermediate account is answered to correspond at least one access account.
13. device as claimed in claim 12, which is characterized in that the mapping is established module and is additionally operable to:
The corresponding all access accounts of the application and the corresponding access attribute information of each access account are obtained, and obtains user's base The corresponding historical data of the application is accessed in each access account;
According to the access attribute information and historical data, each relating value accessed between account is calculated;
The access account for being more than default correlation threshold for the relating value establishes same intermediate account;
Wherein, shared between the identical each access account of the intermediate account the corresponding access attribute information of the access account with And the corresponding secure access strategy of the access attribute information.
14. device as claimed in claim 12, which is characterized in that the mapping is established module and is additionally operable to:
It obtains and described each access account using corresponding and described access account one natural person user's of corresponding unique mark Characteristic identity information;
Same intermediate account is established for the identical access account of the characteristic identity information;
Wherein, shared between the identical each access account of the intermediate account the corresponding access attribute information of the access account with And the corresponding secure access strategy of the access attribute information.
15. a kind of computer storage media, which is characterized in that be stored with computer program, institute in the computer storage media State the Information Authentication method realized when computer program is executed by processor as described in any one of claim 1 to 7.
CN201410173229.5A 2014-04-25 2014-04-25 Information Authentication method and device Active CN105022939B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410173229.5A CN105022939B (en) 2014-04-25 2014-04-25 Information Authentication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410173229.5A CN105022939B (en) 2014-04-25 2014-04-25 Information Authentication method and device

Publications (2)

Publication Number Publication Date
CN105022939A CN105022939A (en) 2015-11-04
CN105022939B true CN105022939B (en) 2018-10-30

Family

ID=54412904

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410173229.5A Active CN105022939B (en) 2014-04-25 2014-04-25 Information Authentication method and device

Country Status (1)

Country Link
CN (1) CN105022939B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018023465A1 (en) * 2016-08-02 2018-02-08 步晓芳 Method for pushing patent information during account input, and browser
WO2018023464A1 (en) * 2016-08-02 2018-02-08 步晓芳 Data collection method for quick account input technology, and browser
WO2018023466A1 (en) * 2016-08-02 2018-02-08 步晓芳 Account input method and browser
CN106875217A (en) * 2017-02-04 2017-06-20 武汉昊阳科技有限公司 The price sort method and device of flow product
CN110545528B (en) * 2019-09-19 2021-12-10 白浩 Social method, device and storage medium fusing multiple identities
CN110765507A (en) * 2019-10-31 2020-02-07 重庆大学 Three-dimensional CAD (computer-aided design) modeling method, device and system based on cloud service technology
CN113515575A (en) * 2021-06-16 2021-10-19 北京格灵深瞳信息技术股份有限公司 Associated data processing method and device, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20000036701A (en) * 2000-03-25 2000-07-05 최선정 A sharing method of user accounts in the internet environment
CN1960345A (en) * 2006-09-28 2007-05-09 阿里巴巴公司 Method and system for creating multi-accounting number users in instant communicating system
CN101521633A (en) * 2008-02-28 2009-09-02 阿里巴巴集团控股有限公司 Method and device for delivering message in instant communication
CN101834878A (en) * 2010-01-29 2010-09-15 陈时军 Multiuser system privilege management method and instant messaging system applying same
CN101877637A (en) * 2009-04-30 2010-11-03 中国移动通信集团江西有限公司 Single sign-on method and single sign-on system
CN103618717A (en) * 2013-11-28 2014-03-05 北京奇虎科技有限公司 Multi-account client information dynamic authentication method, device and system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20000036701A (en) * 2000-03-25 2000-07-05 최선정 A sharing method of user accounts in the internet environment
CN1960345A (en) * 2006-09-28 2007-05-09 阿里巴巴公司 Method and system for creating multi-accounting number users in instant communicating system
CN101521633A (en) * 2008-02-28 2009-09-02 阿里巴巴集团控股有限公司 Method and device for delivering message in instant communication
CN101877637A (en) * 2009-04-30 2010-11-03 中国移动通信集团江西有限公司 Single sign-on method and single sign-on system
CN101834878A (en) * 2010-01-29 2010-09-15 陈时军 Multiuser system privilege management method and instant messaging system applying same
CN103618717A (en) * 2013-11-28 2014-03-05 北京奇虎科技有限公司 Multi-account client information dynamic authentication method, device and system

Also Published As

Publication number Publication date
CN105022939A (en) 2015-11-04

Similar Documents

Publication Publication Date Title
CN105022939B (en) Information Authentication method and device
CN109639740B (en) Login state sharing method and device based on equipment ID
CN106096343B (en) Message access control method and equipment
CN112597472B (en) Single sign-on method, device and storage medium
JP6574168B2 (en) Terminal identification method, and method, system, and apparatus for registering machine identification code
CN103916244B (en) Verification method and device
CN110401655A (en) Access control right management system based on user and role
CN105246073B (en) The access authentication method and server of wireless network
CN109413096B (en) A kind of login method and device more applied
CN103607416B (en) A kind of method and application system of the certification of network terminal machine identity
CN107493280A (en) Method, intelligent gateway and the certificate server of user authentication
CN110287660A (en) Access right control method, device, equipment and storage medium
CN103475484B (en) USB key authentication methods and system
CN109698809A (en) A kind of recognition methods of account abnormal login and device
CN101729541B (en) Method and system for accessing resources of multi-service platform
CN106878250B (en) Cross-application single-state login method and device
CN109861968A (en) Resource access control method, device, computer equipment and storage medium
CN104184709A (en) Verification method, device, server, service data center and system
EP3008876B1 (en) Roaming internet-accessible application state across trusted and untrusted platforms
CN105162774B (en) Virtual machine entry method, the virtual machine entry method and device for terminal
CN106254328B (en) A kind of access control method and device
CN106060097B (en) A kind of management system and management method of information security contest
CN111294796A (en) Smart phone login management system based on zero-knowledge proof
CN109829271A (en) Method for authenticating and Related product
CN110706143A (en) Identity authentication method and device based on government affair service

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190813

Address after: 518000 Nanshan District science and technology zone, Guangdong, Zhejiang Province, science and technology in the Tencent Building on the 1st floor of the 35 layer

Co-patentee after: Tencent cloud computing (Beijing) limited liability company

Patentee after: Tencent Technology (Shenzhen) Co., Ltd.

Address before: Shenzhen Futian District City, Guangdong province 518044 Zhenxing Road, SEG Science Park 2 East Room 403

Patentee before: Tencent Technology (Shenzhen) Co., Ltd.

TR01 Transfer of patent right