A kind of computer security implementation method based on hardware and server authentication and device
Technical field
The present invention relates to computer safety field, particularly a kind of computer security implementation method based on hardware and server authentication and device.
Background technology
At computer safety field, traditional method is that the user name password for verifying is sent to service end after encryption.Under this mode, its password is the combination of simple numeral and character, this password is uploaded to service end after encryption, this kind of mode is after user name password is revealed, easily use after other places are verified, reduce fail safe, its server end also effectively cannot control behavior and the state of user.
Summary of the invention
The technical problem to be solved in the present invention is, for the defect that the above-mentioned fail safe of prior art is not high, and the computer security implementation method based on hardware and server authentication providing a kind of fail safe higher and device.
The technical solution adopted for the present invention to solve the technical problems is: construct a kind of computer security implementation method based on hardware and server authentication, comprise the steps:
A) on described computer, input username and password and carry out certification by server;
B) after certification is passed through, described computer obtains user ID, unique hardware identification and date codes;
C) user security identifying information is obtained after reversible encryption process being carried out to described user ID, unique hardware identification and date codes;
D) described user security identifying information is uploaded to described server by use safety transmission channel;
E) described server is by user ID before treatment for reversible encryption, unique hardware identification and date codes and user security identifying information corresponding stored;
F) user is again through the certification of described server, and whether its unique hardware identification of described server authentication and date codes mate, and in this way, then performs step G); Otherwise, authentification failure;
G) again after described server authentication passes through, the date codes after reversible encryption process in user security identifying information is upgraded.
Of the present invention based in the computer security implementation method of hardware and server authentication, described unique hardware identification comprises hard disk serial number and MAC Address.
Of the present invention based in the computer security implementation method of hardware and server authentication, described date codes is encoded by date during certification to current.
Of the present invention based in the computer security implementation method of hardware and server authentication, described secure transmission tunnel is the passage set up at client and server, and transmission means is https protocol transmission.
Of the present invention based in the computer security implementation method of hardware and server authentication, what described reversible encryption adopted is DES reversible encryption mode.
The invention still further relates to a kind of device realizing the computer security implementation method of above-mentioned hardware and server authentication, comprising: input unit: carrying out certification for inputting username and password on described computer by server;
Acquiring unit: for after certification is passed through, described computer obtains user ID, unique hardware identification and date codes;
Ciphering unit: obtain user security identifying information after reversible encryption process is carried out to described user ID, unique hardware identification and date codes;
Uploading unit: described user security identifying information is uploaded to described server for use safety transmission channel;
Memory cell: for making described server by user ID before treatment for reversible encryption, unique hardware identification and date codes and user security identifying information corresponding stored;
Authentication unit: for user again through the certification of described server, whether its unique hardware identification of described server authentication and date codes mate, in this way, certification is by the date codes after reversible encryption process in rear renewal user security identifying information; Otherwise, authentification failure;
Certification updating block: for again after described server authentication passes through, upgrades the date codes after reversible encryption process in user security identifying information.
In the device of the computer security implementation method realizing above-mentioned hardware and server authentication of the present invention, described unique hardware identification comprises hard disk serial number and MAC Address.
In the device of the computer security implementation method realizing above-mentioned hardware and server authentication of the present invention, described date codes is encoded by date during certification to current.
In the device of the computer security implementation method realizing above-mentioned hardware and server authentication of the present invention, described secure transmission tunnel is the passage set up at client and server, and transmission means is https protocol transmission.
In the device of the computer security implementation method realizing above-mentioned hardware and server authentication of the present invention, what described reversible encryption adopted is DES reversible encryption mode.
Implement the computer security implementation method based on hardware and server authentication of the present invention and device, have following beneficial effect: due to after certification is passed through, computer obtains user ID, unique hardware identification and date codes and obtains user security identifying information after carrying out reversible encryption process; When user is again through the certification of server, whether its unique hardware identification of server authentication and date codes mate, namely by mode that secondary is verified, and in conjunction with the legitimacy of unique hardware identification and date codes decision verification user, one-one relationship between user bound and computer, strengthen the stringency of user rs authentication, so its fail safe is higher.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the flow chart that the present invention is based on method in the computer security implementation method of hardware and server authentication and device embodiment;
Fig. 2 is the structural representation of device in described embodiment.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
In the computer security implementation method that the present invention is based on hardware and server authentication and device embodiment, its flow chart based on the computer security implementation method of hardware and server authentication as shown in Figure 1.In Fig. 1, the method comprises the steps: that step S01 inputs username and password on computers and carries out certification by server: in this step, be verified username and password first and carry out certification through server, it is worth mentioning that, the username and password verified first is distributed by server, only has legal user just can obtain.The username and password of this distribution can only bind the unique computer by server authentication.
Step S02 is after certification is passed through, computer obtains user ID, unique hardware identification and date codes: in this step, after the serviced device certification of username and password is passed through, computer obtains user ID, unique hardware identification and date codes, it is worth mentioning that, in the present embodiment, user ID is unique, user ID is for current system user, unique hardware identification comprises hard disk serial number and MAC Address, and date codes is encoded by the date (namely current date) during certification to current.
Step S03 obtains user security identifying information after carrying out reversible encryption process to user ID, unique hardware identification and date codes: in this step, in order to increase the fail safe of system, after reversible encryption is carried out to user ID, unique hardware identification and date codes, obtain user security identifying information.In the present embodiment, what reversible encryption adopted is DES reversible encryption mode, current, under the certain situation of the present embodiment, also can select other cipher mode.
User security identifying information is uploaded onto the server by step S04 use safety transmission channel: in this step, user security identifying information is uploaded onto the server by use safety transmission channel, this secure transmission tunnel is the passage set up at client and server, and transmission means is https protocol transmission.So also can increase the fail safe of system.
Step S05 server is by user ID before treatment for reversible encryption, unique hardware identification and date codes and user security identifying information corresponding stored: in this step, and server is by user ID before treatment for reversible encryption, unique hardware identification and date codes and user security identifying information corresponding stored.
Step S06 user is again through the certification of server, whether its unique hardware identification of server authentication and date codes mate: in this step, user is again through the certification of server, whether its unique hardware identification of server authentication and date codes mate, if the result of checking is yes, then perform step S07; Otherwise, perform step S08.
Step S07, again after server authentication passes through, upgrades the date codes after reversible encryption process in user security identifying information: if the judged result of above-mentioned steps S06 is yes, and namely unique hardware identification and date codes coupling, then perform this step.In this step, again after server authentication passes through, upgrade the date codes after reversible encryption process in user security identifying information.
Step S08 authentification failure: if the judged result of above-mentioned steps S06 is no, namely unique hardware identification and date codes are not mated, then perform this step.In this step, the result of return authentication failure.The mode that the present invention is verified by secondary, and in conjunction with the legitimacy of unique hardware identification and date codes decision verification user, the one-one relationship between user bound and computer, strengthens the stringency of user rs authentication, so its fail safe is higher.It is worth mentioning that, after server have recorded user name and user security identifying information, user cannot change the computer of client again, if user needs to change computer, again must obtain legal username and password to server, this further improves the fail safe of system.
The present embodiment also relates to a kind of device realizing the above-mentioned computer security implementation method based on hardware and server authentication, and its structural representation as shown in Figure 2.In Fig. 2, this device comprises input unit 1, acquiring unit 2, ciphering unit 3, uploading unit 4, memory cell 5, authentication unit 6 and certification updating block 7; Wherein, input unit 1 carries out certification for inputting username and password on computers by server; Acquiring unit 2 is for after certification is passed through, and computer obtains user ID, unique hardware identification and date codes; Ciphering unit 3 obtains user security identifying information after carrying out reversible encryption process to user ID, unique hardware identification and date codes; User security identifying information is uploaded onto the server for use safety transmission channel by uploading unit 4; Memory cell 5 is for making server by user ID before treatment for reversible encryption, unique hardware identification and date codes and user security identifying information corresponding stored; Authentication unit 6 for user again through the certification of server, whether its unique hardware identification of server authentication and date codes mate, and in this way, certification is by the date codes after reversible encryption process in rear renewal user security identifying information; Otherwise, authentification failure; Certification updating block 7, for again after server authentication passes through, upgrades the date codes after reversible encryption process in user security identifying information.The mode that the present invention is verified by secondary, and in conjunction with the legitimacy of unique hardware identification and date codes decision verification user, the one-one relationship between user bound and computer, strengthens the stringency of user rs authentication, so its fail safe is higher.It is worth mentioning that, after server have recorded user name and user security identifying information, user cannot change the computer of client again, if user needs to change computer, again must obtain legal username and password to server, this further improves the fail safe of system.
It is worth mentioning that, in the present embodiment, above-mentioned unique hardware identification comprises hard disk serial number and MAC Address, and certainly, unique hardware identification also can comprise the hardware identifier of other types.Above-mentioned date codes is encoded by date during certification to current.Secure transmission tunnel is the passage set up at client and server, and transmission means is https protocol transmission, can increase the fail safe of system like this.What above-mentioned reversible encryption adopted is DES reversible encryption mode, certainly, also can adopt other cipher mode, and the Method compare of its encryption is flexible.
In a word, in the present embodiment, the user name using server subtend user to distribute, password carry out first time checking, and user security identifying information is generated to unique subscriber identification, unique hardware identification and the date codes that computer obtains, when again verifying, verify the matching of its unique hardware identification and date codes, which enhance the fail safe of system, so its fail safe is higher.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.