CN105262717A - Network service security management method and device - Google Patents
Network service security management method and device Download PDFInfo
- Publication number
- CN105262717A CN105262717A CN201510549688.3A CN201510549688A CN105262717A CN 105262717 A CN105262717 A CN 105262717A CN 201510549688 A CN201510549688 A CN 201510549688A CN 105262717 A CN105262717 A CN 105262717A
- Authority
- CN
- China
- Prior art keywords
- access
- network service
- module
- request
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a network service security management method and device. The method comprises the following steps: receiving an interface scheduling request, and obtaining access account information and signature string information from the interface scheduling request; judging whether the obtained access account information is matched with preset access account information, if not, judging the interface scheduling request as an illegal access request, and if so, judging whether the obtained signature string information is successfully verified, if not, judging the interface scheduling request as the illegal access request, if so, scheduling a network serve interface, and adding an access record in a normal access scheduling log.
Description
Technical field
The present invention relates to WebService administrative skill, particularly relate to a kind of network service method for managing security and device.
Background technology
Current Web service is widely used in each software application, if do not carry out management and control to its uses, with regard to likely influential system safety under attack.The control and management method of Web service safety in prior art, it is mostly the pattern using security policy server interception or be directly used alone account number cipher, different interface methods cannot be called for different user and carry out independent Authorization definition, flexibility is poor, larger with Web service interface coupling in some cases, increase the exploitation amount of web interface itself, be unfavorable for Interface Expanding.
Summary of the invention
For this reason, need to provide a kind of network service method for managing security, solve the problem that existing network service is convenient and safe not.
For achieving the above object, inventor provide a kind of network service method for managing security, comprise the steps: receiving interface call request, from described interface interchange request, obtain access account information and signature string information;
Judge whether the access account information got mates with the access account information preset, do not mate, judge that described interface interchange request is as unauthorized access request, coupling then judges whether the signature string information got is proved to be successful, verify unsuccessful, judge that described interface interchange request is as unauthorized access request, be proved to be successful, call network service interface, and Visitor Logs is added to normal access and call daily record.
Further, also comprise pre-configured flow process, described pre-configured flow process comprises step: set up access account information, and described account information comprises access account, access code; Authorize access account, described mandate comprises access account configuration access IP or expiration time parameter.
Particularly, in step, " to call network service interface " front also comprises step:
Authentication-access account authority, specifically comprises: judge whether access account is authorized to.
Further, after step " calls network service interface ", also comprise step: monitor dynamic parameter in real time and dynamic authentication is carried out to described dynamic parameter, if exceed default dynamic parameter threshold value, tackling network service interface call request.
Particularly, described dynamic parameter comprises maximum visit capacity, largest access frequency, calling interface number of times or connection failure number of times; The method of described default dynamic parameter threshold value determines by calculating after statistical summaries or set by artificial.
A kind of network service security control apparatus, comprises receiver module, acquisition module, judge module, calling module and record and adds module;
Described receiver module is used for receiving interface call request;
Described acquisition module is used for from described interface interchange request, obtain access account information and signature string information;
Described judge module is for judging whether the access account information got mates with the access account information preset, and does not mate, judges that described interface interchange request is as unauthorized access request; Coupling then judges whether the signature string information got is proved to be successful, and verifies unsuccessful, judges that described interface interchange request is as unauthorized access request, is proved to be successful then enable calling module and record and adds module;
Described calling module is used for calling network service interface; Described record adds module and is used for being added to by Visitor Logs normally to access calling daily record.
Further, also comprise provisioning module, described provisioning module comprises account and sets up submodule, authorizes submodule;
Described account sets up submodule for setting up access account information, and described account information comprises access account, access code;
Described mandate submodule is used for authorizing access account, and described mandate comprises access account configuration access IP or expiration time parameter.
Particularly, also authentication module is comprised;
Described authentication module is used for, in step front authentication-access account authority of " calling network service interface ", specifically comprising: judge whether access account is authorized to.
Further, dynamic monitoring module is also comprised;
Described dynamic monitoring module is used for " calling network service interface " in step and monitors dynamic parameter carry out dynamic authentication to described dynamic parameter in real time afterwards, also for then tackling network service interface call request exceeding default dynamic parameter threshold value.
Particularly, described dynamic parameter comprises maximum visit capacity, largest access frequency, calling interface number of times or connection failure number of times; Described device also comprises threshold preset module, and described threshold preset module is used for determining predetermined threshold value or inputting information by receive threshold by calculating after statistical summaries, setting predetermined threshold value.
Be different from prior art, technique scheme is passed through the request of different account individual reception interface interchange, and increases real-time monitoring module, improves convenience and the fail safe of network service management.
Accompanying drawing explanation
Fig. 1 is network service method for managing security flow chart described in the specific embodiment of the invention;
Fig. 2 is network service security control apparatus module map described in the specific embodiment of the invention.
Description of reference numerals:
200, receiver module;
202, acquisition module;
204, judge module;
206, calling module;
207, record adds module;
208, provisioning module;
2081, account sets up submodule;
2082, submodule is authorized;
210, authentication module;
212, dynamic monitoring module;
214, threshold preset module.
Embodiment
By describe in detail technical scheme technology contents, structural feature, realized object and effect, coordinate accompanying drawing to be explained in detail below in conjunction with specific embodiment.
Refer to Fig. 1, be a kind of network service method for managing security of the present invention, can be applied in the network service security control apparatus shown in Fig. 2, comprise the steps:
S104: receiving interface call request, obtains access account information and signature string information from described interface interchange request;
S106 judges whether the access account information got mates with the access account information preset, do not mate, judge that described interface interchange request is as unauthorized access request, coupling is then carried out step S108 and is judged whether the signature string information got is proved to be successful, verify unsuccessful, judge that described interface interchange request is as unauthorized access request, be proved to be successful, carry out step S112 and call network service interface, and Visitor Logs is added to normal access and call daily record.
In some specific embodiment, interface interchange request can send by needing the client of calling interface, client uses the account preset, password and encryption keyValue after, in the soap head of call request file, assemble account and generate Guid and dynamically go here and there (GUID, the numeric identifier of 128 that to be a kind of binary length generated by algorithm be, the object generating this string is not identical in order to ensure the encryption string of each request, be not easy to be intercepted to crack), then sign according to the rule of agreement, generate Md5 (widely used a kind of hash function three algorithm of computer safety field) signature string.The object generating signature string is used to the legitimacy being supplied to background authentication user request, and after completing message assembling, client will send Web service interface call request to service end.Automatically will tackle described request when receiving interface interchange request, the packet of analysis request, and the access account, access code, requesting method, the signature string information that obtain in soap head, wherein access account and access code belong to above-mentioned access account information.
In certain embodiments, proceed step S106, the main purpose of this step is whether the invoke user of checking client exists, be specially: service end judges that the account extracted is mated to access account information database, if do not mate or there is not access account information, is then invalid account, be judged to be unauthorized access request, its access will be refused, return error message, and record correlation log.The match is successful then carries out step S108, and the object of this step is whether the signature string that checking client is sent is legal, prevents from forging.Be specially: service end is according to the client-requested information obtained in message extraction step, according to current request method, from the keyvalue value obtaining backstage configuration, and to compare checking according to the signature string information that obtains in the generate rule signature string of agreement and interface interchange request, if to be proved to be successful and the configuration of calling interface method is normal, then allow to call network service interface, add Visitor Logs to normal access log.Otherwise be then judged to be unauthorized access request, denied access, return error message, and record correlation log.By said method, before calling network service interface, docking port call request can carry out multiple authentication, reach and improve the convenience of network service and the effect of fail safe.
In further embodiments, also comprise pre-configured flow process, described pre-configured flow process comprises step S100 and sets up access account information, and described account information comprises access account, access code; The mode setting up access account information can be that equipment transmission registration request is registered, and also initiatively can be configured access account information to requesting service.Also comprise step S102 to authorize access account, described mandate comprises access account configuration access IP or expiration time parameter.By such scheme, effectively can manage access request, improve fail safe of the present invention.
In other further embodiments, in step, " to call network service interface " front also comprises step: authentication-access account authority, specifically comprises step S110: judge whether access account is authorized to.Whether check it and whether have whether the authority of this website of access, access IP authorized, whether account access expired authorized comprising, if checking not by; return error message, and record correlation log.By above-mentioned steps, can prevent undelegated access account from conducting interviews, the account that also can prevent from exceeding the term of validity conducts interviews, and reaches the effect that improve fail safe of the present invention.
In a preferred embodiment, after step " calls network service interface ", also comprise step S114 monitor dynamic parameter in real time and dynamic authentication is carried out to described dynamic parameter, if exceed default dynamic parameter threshold value, tackle network service interface call request.Particularly, described dynamic parameter comprises maximum visit capacity, largest access frequency, calling interface number of times or connection failure number of times; The method of described default dynamic parameter threshold value determines by calculating after statistical summaries or set by artificial.Monitor in real time after setting above-mentioned parameter, can both react in time for exception issuable in interface calling procedure.Make the automation more of network service management method, facilitation, also improve fail safe of the present invention simultaneously.
In some embodiment shown in Fig. 2, for a kind of network service security control apparatus of the present invention, native system can run on the server end of management and control network service interface, comprises receiver module 200, acquisition module 202, judge module 204, calling module 206 and record and adds module 207;
Described receiver module 200 is for receiving interface call request;
Described acquisition module 202 for obtaining access account information and signature string information from described interface interchange request;
Described judge module 204 is for judging whether the access account information got mates with the access account information preset, and does not mate, judges that described interface interchange request is as unauthorized access request; Coupling then judges whether the signature string information got is proved to be successful, and verifies unsuccessful, judges that described interface interchange request is as unauthorized access request, is proved to be successful then enable calling module and record and adds module;
Described calling module 206 is for calling network service interface; Described record adds module 207 and calls daily record for Visitor Logs being added to normal access.
In some specific embodiment, receiver module 200 receiving interface call request, automatically will tackle described request when receiving interface interchange request, the packet of analysis request, obtained the access account in soap head, access code, requesting method, signature string information by acquisition module 202, wherein access account and access code belong to above-mentioned access account information.Judge module 204 main purpose is whether the invoke user of checking client exists, be specially: judge module 204 judges that the account extracted is mated to access account information database, if do not mate or there is not access account information, it is then invalid account, be judged to be unauthorized access request, device will refuse its access, returns error message, and records correlation log by record interpolation module 207.The match is successful then judge module 204 proceed step S108, object is whether the signature string that checking client is sent legal, prevent forge.Be specially: judge module 204 is according to the client-requested information obtained in message extraction step, according to current request method, from the keyvalue value obtaining backstage configuration, and to compare checking according to the signature string information that obtains in the generate rule signature string of agreement and interface interchange request, if to be proved to be successful and the configuration of calling interface method is normal, then allow to call network service interface, record adds module 207 and adds Visitor Logs to normal access log.Otherwise request can be judged to be unauthorized access request, denied access by judge module 204, returns error message, record adds module 207 and records correlation log.By above-mentioned module installation, reach and improve the convenience of network service and the effect of fail safe.
In further embodiments, also comprise provisioning module 208, described provisioning module comprises account and sets up submodule 2081, authorizes submodule 2082;
Described account sets up submodule 2081 for setting up access account information, and described account information comprises access account, access code;
Described mandate submodule 2082 is for authorizing access account, and described mandate comprises access account configuration access IP or expiration time parameter.
The mode that described account sets up submodule 2081 foundation access account information can be that equipment transmission registration request is registered, and also initiatively can be configured access account information to requesting service.Authorize submodule 2082 for authorizing access account, described mandate comprises access account configuration access IP or expiration time parameter.By above-mentioned modular design, effectively can manage access request, improve fail safe of the present invention.
Particularly, authentication module 210 is also comprised;
Described authentication module is used for, in step front authentication-access account authority of " calling network service interface ", specifically comprising: judge whether access account is authorized to.
Authentication module 210 carries out step and judges whether access account is authorized to.Whether check it and whether have whether the authority of this website of access, access IP authorized, whether account access expired authorized comprising, if checking not by; return error message, and record correlation log.By above-mentioned modular design, can prevent undelegated access account from conducting interviews, the account that also can prevent from exceeding the term of validity conducts interviews, and reaches the effect that improve fail safe of the present invention.
In some further embodiment, also comprise dynamic monitoring module 212;
Described dynamic monitoring module 212 monitors dynamic parameter carry out dynamic authentication to described dynamic parameter afterwards in real time for " calling network service interface " in step, also for then tackling network service interface call request exceeding default dynamic parameter threshold value.Particularly, described dynamic parameter comprises maximum visit capacity, largest access frequency, calling interface number of times or connection failure number of times; Described device also comprises threshold preset module 214, and described threshold preset module 214 is for determining predetermined threshold value by calculating after statistical summaries or input information by receive threshold, setting predetermined threshold value.By above-mentioned modular design, make the automation more of network service management method, facilitation, also improve fail safe of the present invention simultaneously.
It should be noted that, in this article, the such as relational terms of first and second grades and so on is only used for an entity or operation to separate with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or terminal equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or terminal equipment.When not more restrictions, the key element limited by statement " comprising ... " or " comprising ... ", and be not precluded within process, method, article or the terminal equipment comprising described key element and also there is other key element.In addition, in this article, " be greater than ", " being less than ", " exceeding " etc. be interpreted as and do not comprise this number; " more than ", " below ", " within " etc. be interpreted as and comprise this number.
Those skilled in the art should understand, the various embodiments described above can be provided as method, device or computer program.These embodiments can adopt the form of complete hardware embodiment, completely software implementation or the embodiment in conjunction with software and hardware aspect.The hardware that all or part of step in the method that the various embodiments described above relate to can carry out instruction relevant by program has come, described program can be stored in the storage medium that computer equipment can read, for performing all or part of step described in the various embodiments described above method.Described computer equipment, includes but not limited to: personal computer, server, all-purpose computer, special-purpose computer, the network equipment, embedded device, programmable device, intelligent mobile terminal, intelligent home device, wearable intelligent equipment, vehicle intelligent equipment etc.; Described storage medium, includes but not limited to: the storage of RAM, ROM, magnetic disc, tape, CD, flash memory, USB flash disk, portable hard drive, storage card, memory stick, the webserver, network cloud storage etc.
The various embodiments described above describe with reference to the flow chart of method, equipment (system) and computer program according to embodiment and/or block diagram.Should understand can by the combination of the flow process in each flow process in computer program instructions realization flow figure and/or block diagram and/or square frame and flow chart and/or block diagram and/or square frame.These computer program instructions can being provided to the processor of computer equipment to produce a machine, making the instruction performed by the processor of computer equipment produce device for realizing the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
These computer program instructions also can be stored in can in the computer equipment readable memory that works in a specific way of vectoring computer equipment, the instruction making to be stored in this computer equipment readable memory produces the manufacture comprising command device, and this command device realizes the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
These computer program instructions also can be loaded on computer equipment, make to perform sequence of operations step on a computing device to produce computer implemented process, thus the instruction performed on a computing device is provided for the step realizing the function of specifying in flow chart flow process or multiple flow process and/or block diagram square frame or multiple square frame.
Although be described the various embodiments described above; but those skilled in the art are once obtain the basic creative concept of cicada; then can make other change and amendment to these embodiments; so the foregoing is only embodiments of the invention; not thereby scope of patent protection of the present invention is limited; every utilize specification of the present invention and accompanying drawing content to do equivalent structure or equivalent flow process conversion; or be directly or indirectly used in other relevant technical fields, be all in like manner included within scope of patent protection of the present invention.
Claims (10)
1. a network service method for managing security, is characterized in that, comprises the steps: receiving interface call request, obtains access account information and signature string information from described interface interchange request;
Judge whether the access account information got mates with the access account information preset, do not mate, judge that described interface interchange request is as unauthorized access request, coupling then judges whether the signature string information got is proved to be successful, verify unsuccessful, judge that described interface interchange request is as unauthorized access request, be proved to be successful, call network service interface, and Visitor Logs is added to normal access and call daily record.
2. network service method for managing security according to claim 1, is characterized in that, also comprises pre-configured flow process, and described pre-configured flow process comprises step: set up access account information, and described account information comprises access account, access code; Authorize access account, described mandate comprises access account configuration access IP or expiration time parameter.
3. network service method for managing security according to claim 2, is characterized in that, in step, " to call network service interface " front also comprises step:
Authentication-access account authority, specifically comprises: judge whether access account is authorized to.
4. network service method for managing security according to claim 1, it is characterized in that, also step is comprised: monitor dynamic parameter in real time and dynamic authentication is carried out to described dynamic parameter, if exceed default dynamic parameter threshold value, tackling network service interface call request after step " calls network service interface ".
5. network service method for managing security according to claim 4, is characterized in that, described dynamic parameter comprises maximum visit capacity, largest access frequency, calling interface number of times or connection failure number of times; The method of described default dynamic parameter threshold value determines by calculating after statistical summaries or set by artificial.
6. a network service security control apparatus, is characterized in that, comprises receiver module, acquisition module, judge module, calling module and record and adds module;
Described receiver module is used for receiving interface call request;
Described acquisition module is used for from described interface interchange request, obtain access account information and signature string information;
Described judge module is for judging whether the access account information got mates with the access account information preset, and does not mate, judges that described interface interchange request is as unauthorized access request; Coupling then judges whether the signature string information got is proved to be successful, and verifies unsuccessful, judges that described interface interchange request is as unauthorized access request, is proved to be successful then enable calling module and record and adds module;
Described calling module is used for calling network service interface; Described record adds module and is used for being added to by Visitor Logs normally to access calling daily record.
7. network service security control apparatus according to claim 6, is characterized in that, also comprise provisioning module, and described provisioning module comprises account and sets up submodule, authorizes submodule;
Described account sets up submodule for setting up access account information, and described account information comprises access account, access code;
Described mandate submodule is used for authorizing access account, and described mandate comprises access account configuration access IP or expiration time parameter.
8. network service security control apparatus according to claim 7, is characterized in that, also comprise authentication module;
Described authentication module is used for, in step front authentication-access account authority of " calling network service interface ", specifically comprising: judge whether access account is authorized to.
9. network service security control apparatus according to claim 6, is characterized in that, also comprises dynamic monitoring module;
Described dynamic monitoring module is used for " calling network service interface " in step and monitors dynamic parameter carry out dynamic authentication to described dynamic parameter in real time afterwards, also for then tackling network service interface call request exceeding default dynamic parameter threshold value.
10. network service security control apparatus according to claim 9, is characterized in that, described dynamic parameter comprises maximum visit capacity, largest access frequency, calling interface number of times or connection failure number of times; Described device also comprises threshold preset module, and described threshold preset module is used for determining predetermined threshold value or inputting information by receive threshold by calculating after statistical summaries, setting predetermined threshold value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510549688.3A CN105262717A (en) | 2015-08-31 | 2015-08-31 | Network service security management method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510549688.3A CN105262717A (en) | 2015-08-31 | 2015-08-31 | Network service security management method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105262717A true CN105262717A (en) | 2016-01-20 |
Family
ID=55102223
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510549688.3A Pending CN105262717A (en) | 2015-08-31 | 2015-08-31 | Network service security management method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105262717A (en) |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106357807A (en) * | 2016-10-25 | 2017-01-25 | 广东欧珀移动通信有限公司 | Data processing method, device and system |
CN106453519A (en) * | 2016-09-21 | 2017-02-22 | 合网络技术(北京)有限公司 | Interface call method and device |
CN106550365A (en) * | 2016-10-27 | 2017-03-29 | 努比亚技术有限公司 | A kind of method and terminal of WIFI network access process |
CN106778250A (en) * | 2016-12-16 | 2017-05-31 | 四川长虹电器股份有限公司 | The method whether determining interface is illegally called |
CN107317800A (en) * | 2017-06-01 | 2017-11-03 | 努比亚技术有限公司 | Safe checking method, terminal and computer-readable recording medium |
CN107426245A (en) * | 2017-08-30 | 2017-12-01 | 安徽天达网络科技有限公司 | A kind of multi-level recording method of site access based on network security |
CN107733842A (en) * | 2016-11-08 | 2018-02-23 | 北京奥斯达兴业科技有限公司 | Method for authenticating and device based on cloud platform |
CN108616522A (en) * | 2018-04-12 | 2018-10-02 | 苏州市铜钱草科技有限公司 | A kind of internet data acquisition methods and acquisition device |
CN108667802A (en) * | 2018-03-30 | 2018-10-16 | 全球能源互联网研究院有限公司 | A kind of monitoring method and system of electric power application network safety |
CN109801092A (en) * | 2017-11-16 | 2019-05-24 | 腾讯科技(武汉)有限公司 | Resource security management method, device, computer equipment and storage medium |
CN110049031A (en) * | 2019-04-08 | 2019-07-23 | 厦门网宿有限公司 | A kind of interface security authentication method and server, authentication center's server |
CN111274046A (en) * | 2020-01-16 | 2020-06-12 | 平安医疗健康管理股份有限公司 | Service call validity detection method and device, computer equipment and computer storage medium |
CN111669398A (en) * | 2020-06-17 | 2020-09-15 | 国动物联网有限公司 | Implementation method for unified entry management based on Java API |
CN111970178A (en) * | 2019-05-20 | 2020-11-20 | 青岛海尔电冰箱有限公司 | Communication control method and system for household appliance |
CN112052135A (en) * | 2020-07-30 | 2020-12-08 | 许继集团有限公司 | Client program user operation record and exception reporting method based on C/S architecture |
CN112100220A (en) * | 2020-09-22 | 2020-12-18 | 福建天晴在线互动科技有限公司 | System for realizing real-time monitoring of illegal account group |
CN112532423A (en) * | 2020-10-29 | 2021-03-19 | 锐捷网络股份有限公司 | Equipment access method, device and system |
CN112804242A (en) * | 2021-01-25 | 2021-05-14 | 蔡世泳 | API safety management system and method for non-perception automatic discovery |
CN113630283A (en) * | 2020-05-08 | 2021-11-09 | 网联清算有限公司 | Service link testing method and system |
CN113656473A (en) * | 2021-07-30 | 2021-11-16 | 平安消费金融有限公司 | Interface access method, device, equipment and medium |
WO2022052972A1 (en) * | 2020-09-11 | 2022-03-17 | 中国银联股份有限公司 | Network terminal authentication method and apparatus |
CN114765608A (en) * | 2021-01-15 | 2022-07-19 | 广州汽车集团股份有限公司 | Management method and system for requesting to download OTA software package by vehicle machine and storage medium |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101202753A (en) * | 2007-11-29 | 2008-06-18 | 中国电信股份有限公司 | Method and device for accessing plug-in connector applied system by client terminal |
WO2012129121A1 (en) * | 2011-03-21 | 2012-09-27 | Apple Inc. | Apparatus and method for managing peer-to-peer connections between different service providers |
CN103516595A (en) * | 2013-10-18 | 2014-01-15 | 北京奇虎科技有限公司 | Method, device and system for message reminding |
CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
CN104113551A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
CN104113552A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
CN104113549A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
CN104158802A (en) * | 2014-07-28 | 2014-11-19 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform service side, application client side and system |
US20150180870A1 (en) * | 2013-04-28 | 2015-06-25 | Tencent Technology (Shenzhen) Company Limited | Authorization Authentication Method And Apparatus |
CN104780176A (en) * | 2015-04-28 | 2015-07-15 | 中国科学院微电子研究所 | Method and system for securely calling representational state transfer application programming interface |
-
2015
- 2015-08-31 CN CN201510549688.3A patent/CN105262717A/en active Pending
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101202753A (en) * | 2007-11-29 | 2008-06-18 | 中国电信股份有限公司 | Method and device for accessing plug-in connector applied system by client terminal |
WO2012129121A1 (en) * | 2011-03-21 | 2012-09-27 | Apple Inc. | Apparatus and method for managing peer-to-peer connections between different service providers |
US20150180870A1 (en) * | 2013-04-28 | 2015-06-25 | Tencent Technology (Shenzhen) Company Limited | Authorization Authentication Method And Apparatus |
CN103516595A (en) * | 2013-10-18 | 2014-01-15 | 北京奇虎科技有限公司 | Method, device and system for message reminding |
CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
CN104113551A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
CN104113552A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
CN104113549A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
CN104158802A (en) * | 2014-07-28 | 2014-11-19 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform service side, application client side and system |
CN104780176A (en) * | 2015-04-28 | 2015-07-15 | 中国科学院微电子研究所 | Method and system for securely calling representational state transfer application programming interface |
Cited By (30)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106453519A (en) * | 2016-09-21 | 2017-02-22 | 合网络技术(北京)有限公司 | Interface call method and device |
CN106357807A (en) * | 2016-10-25 | 2017-01-25 | 广东欧珀移动通信有限公司 | Data processing method, device and system |
CN106357807B (en) * | 2016-10-25 | 2019-08-13 | Oppo广东移动通信有限公司 | A kind of data processing method, device and system |
CN106550365A (en) * | 2016-10-27 | 2017-03-29 | 努比亚技术有限公司 | A kind of method and terminal of WIFI network access process |
CN106550365B (en) * | 2016-10-27 | 2020-04-17 | 深圳市微网力合信息技术有限公司 | WIFI network access processing method and terminal |
CN107733842A (en) * | 2016-11-08 | 2018-02-23 | 北京奥斯达兴业科技有限公司 | Method for authenticating and device based on cloud platform |
CN106778250A (en) * | 2016-12-16 | 2017-05-31 | 四川长虹电器股份有限公司 | The method whether determining interface is illegally called |
CN107317800A (en) * | 2017-06-01 | 2017-11-03 | 努比亚技术有限公司 | Safe checking method, terminal and computer-readable recording medium |
CN107426245A (en) * | 2017-08-30 | 2017-12-01 | 安徽天达网络科技有限公司 | A kind of multi-level recording method of site access based on network security |
CN107426245B (en) * | 2017-08-30 | 2020-12-01 | 西安阳易信息技术有限公司 | Site access multi-level recording method based on network security |
CN109801092A (en) * | 2017-11-16 | 2019-05-24 | 腾讯科技(武汉)有限公司 | Resource security management method, device, computer equipment and storage medium |
CN109801092B (en) * | 2017-11-16 | 2023-09-08 | 腾讯科技(武汉)有限公司 | Resource security management method, device, computer equipment and storage medium |
CN108667802A (en) * | 2018-03-30 | 2018-10-16 | 全球能源互联网研究院有限公司 | A kind of monitoring method and system of electric power application network safety |
CN108616522A (en) * | 2018-04-12 | 2018-10-02 | 苏州市铜钱草科技有限公司 | A kind of internet data acquisition methods and acquisition device |
CN110049031B (en) * | 2019-04-08 | 2021-05-18 | 厦门网宿有限公司 | Interface security authentication method, server and authentication center server |
CN110049031A (en) * | 2019-04-08 | 2019-07-23 | 厦门网宿有限公司 | A kind of interface security authentication method and server, authentication center's server |
CN111970178A (en) * | 2019-05-20 | 2020-11-20 | 青岛海尔电冰箱有限公司 | Communication control method and system for household appliance |
CN111970178B (en) * | 2019-05-20 | 2022-06-14 | 青岛海尔电冰箱有限公司 | Communication control method and system for household appliance |
CN111274046A (en) * | 2020-01-16 | 2020-06-12 | 平安医疗健康管理股份有限公司 | Service call validity detection method and device, computer equipment and computer storage medium |
CN113630283B (en) * | 2020-05-08 | 2022-07-05 | 网联清算有限公司 | Service link testing method and system |
CN113630283A (en) * | 2020-05-08 | 2021-11-09 | 网联清算有限公司 | Service link testing method and system |
CN111669398A (en) * | 2020-06-17 | 2020-09-15 | 国动物联网有限公司 | Implementation method for unified entry management based on Java API |
CN112052135A (en) * | 2020-07-30 | 2020-12-08 | 许继集团有限公司 | Client program user operation record and exception reporting method based on C/S architecture |
WO2022052972A1 (en) * | 2020-09-11 | 2022-03-17 | 中国银联股份有限公司 | Network terminal authentication method and apparatus |
CN112100220B (en) * | 2020-09-22 | 2022-06-21 | 福建天晴在线互动科技有限公司 | System for realizing real-time monitoring of illegal account group |
CN112100220A (en) * | 2020-09-22 | 2020-12-18 | 福建天晴在线互动科技有限公司 | System for realizing real-time monitoring of illegal account group |
CN112532423A (en) * | 2020-10-29 | 2021-03-19 | 锐捷网络股份有限公司 | Equipment access method, device and system |
CN114765608A (en) * | 2021-01-15 | 2022-07-19 | 广州汽车集团股份有限公司 | Management method and system for requesting to download OTA software package by vehicle machine and storage medium |
CN112804242A (en) * | 2021-01-25 | 2021-05-14 | 蔡世泳 | API safety management system and method for non-perception automatic discovery |
CN113656473A (en) * | 2021-07-30 | 2021-11-16 | 平安消费金融有限公司 | Interface access method, device, equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105262717A (en) | Network service security management method and device | |
CN109510849B (en) | Cloud-storage account authentication method and device | |
CN111917773B (en) | Service data processing method and device and server | |
CN111556006B (en) | Third-party application system login method, device, terminal and SSO service platform | |
CN106330850B (en) | Security verification method based on biological characteristics, client and server | |
CN103095457B (en) | A kind of login of application program, verification method | |
CN104092647B (en) | Network access method, system and client | |
EP2963958B1 (en) | Network device, terminal device and information security improving method | |
CN109033857B (en) | Method, device and equipment for accessing data and readable storage medium | |
US9544769B2 (en) | Method for providing application service | |
CN105100034A (en) | Method and apparatus for an access function in network applications | |
CN107846414A (en) | A kind of single-point logging method and system, Centralized Authentication System | |
CN102479305A (en) | Software licensing verification method and system | |
CN103368942A (en) | Cloud data security storage and management method | |
CN106330813A (en) | Method, device and system for processing authorization | |
CN103905399A (en) | Account registration management method and apparatus | |
CN103347020A (en) | Cross-application authentication access system and method | |
CN105450658A (en) | System login method and device | |
CN113225351A (en) | Request processing method and device, storage medium and electronic equipment | |
CN113542242B (en) | Equipment management method and equipment management device | |
CN107645474B (en) | Method and device for logging in open platform | |
CN113067802A (en) | User identification method, device, equipment and computer readable storage medium | |
CN101854357A (en) | Method and system for monitoring network authentication | |
CN102202291B (en) | Card-free terminal, service access method and system thereof, terminal with card and bootstrapping server function (BSF) | |
CN106685914A (en) | Information authentication method, server and client |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20160120 |