CN105635090B - System access method, system access mechanism and terminal - Google Patents
System access method, system access mechanism and terminal Download PDFInfo
- Publication number
- CN105635090B CN105635090B CN201510040758.2A CN201510040758A CN105635090B CN 105635090 B CN105635090 B CN 105635090B CN 201510040758 A CN201510040758 A CN 201510040758A CN 105635090 B CN105635090 B CN 105635090B
- Authority
- CN
- China
- Prior art keywords
- terminal
- goal systems
- identifier information
- terminals
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention proposes a kind of system access method, a kind of system access mechanism and a kind of terminals, wherein, the described method includes: receiving the first identifier information from other any terminals after the terminal and other any terminals that operate in current system establish connection;Receive the second identifier information inputted in the terminal;Judge whether the first identifier information matches with the second identifier information, and when the judgment result is yes, the terminal is allowed to switch to goal systems by the current system;Otherwise, the terminal is forbidden to switch to the goal systems by the current system;Wherein, the goal systems is the system for the security level that security level is higher than the current system in the multiple system.According to the technical solution of the present invention, during the security level that remote authorization enters terminal higher system, it is ensured that into the safety of this process of the higher system of security level, so that the data in the system be avoided illegally to be stolen.
Description
Technical field
The present invention relates to field of terminal technology, in particular to a kind of system access method, a kind of system access mechanism
With a kind of terminal.
Background technique
It, can be by identification informations such as finger print informations currently, be equipped with the different multiple systems of security level in terminal
Enter into the higher system of security level, for example, dual system is installed on mobile phone, the lower conventional system of security level and safety
Higher ranked security system, due to being stored with the private data of user in security system, so passing through the finger in security system
The certification of line information, user's just accessible and safe operation system.
But when terminal not user at one's side, and when terminal operating is in the lower system of security level, but user
Want to get data in the higher system of security level in time, at this point, in the related art, can by two ways into
Enter into the higher system of security level, one is local authorization, another kind is remote authorization.It is remote about remote authorization
Journey input in the terminal enter the higher system of security level in security key, hence into arrive the higher system of security level
In, but the mode for inputting security key has following a few strip defects:
1) it is easy to be seen by other users when the security key of input fixation, so that other users be made to enter peace
In the congruent higher system of grade, increase the risk of data leak in the system.
2) security key may be intercepted during user communication, and illegal user is made to steal security level in mobile phone
Information in higher system.
3) enter login interface, it may appear that the problems such as accessing the network attack or logon attempt of connection increases security level
The risk that data in higher system are leaked.
Therefore, during the security level that remote authorization enters terminal higher system, how to ensure safely etc.
The Information Security of the higher system of grade, avoids illegal user from entering the number stolen in the system in the higher system of security level
According to becoming urgent problem to be solved.
Summary of the invention
The present invention is based on the above problems, proposes a kind of new technical solution, enters terminal in remote authorization
During the higher system of security level, it can be ensured that the Information Security of the higher system of security level, it is ensured that enter peace
The safety of this process of the congruent higher system of grade is effectively prevented from illegal user and enters the higher system of security level
In, so that the data in the higher system of security level be avoided illegally to be stolen, improve the safety of the security system of terminal
Energy.
In view of this, an aspect of of the present present invention proposes a kind of system access method, for being equipped with the end of multiple systems
End, comprising: after the terminal and other any terminals that operate in current system establish connection, receive from it is described other
The first identifier information of one terminal;Receive the second identifier information inputted in the terminal;Judge the first identifier information with
Whether the second identifier information matches, and when the judgment result is yes, the terminal is allowed to be switched to by the current system
Goal systems;Otherwise, the terminal is forbidden to switch to the goal systems by the current system;Wherein, the goal systems
It is higher than the system of the security level of the current system for security level in the multiple system, other described any terminals are institute
State any terminal except terminal.
In the technical scheme, when the specified data in remote acquisition terminal in the higher goal systems of security level,
And terminal operating, at this point, terminal and other any terminals are established connection first, makes in the lower current system of security level
The user of other any terminals can send first identifier information to terminal by other any terminals, and make the user of terminal
Second identifier information can be inputted to terminal, when first identifier information and second identifier information matches, this illustrates the use of terminal
Be between family and the user of other any terminals it is trusty, then allow terminal to be switched in goal systems by current system, make
The user of terminal can temporarily enter in goal systems, and when first identifier information and second identifier information mismatch, this is said
The user of bright terminal is not other any terminals user trusty or logs on to goal systems there may be remote authorization is upset
In situation, for example, the case where hacker is to malicious attack or the logon attempt of network, then forbid terminal to be switched to by current system
In goal systems, so that it is guaranteed that remote authorization trusted user enters the safety in the higher system of security level, in addition, by
It can further avoid what use was fixed in the related technology in first identifier information and second identifier information with real-time change
Security key carrys out remote authorization and enters in goal systems, has thereby further ensured that the data peace of the higher system of security level
Quan Xing, it is ensured that into the safety of this process of the higher system of security level, when security key being avoided illegally to be stolen
Specified data in goal systems are leaked, and are entered in the higher system of security level to finally improve remote authorization
Safety, certainly, in the present invention, it will be appreciated by those skilled in the art that terminal is first terminal, other any terminals are
For second terminal.
In the above-mentioned technical solutions, it is preferable that the terminal is being allowed to switch to the target system by the current system
After system, the terminal is controlled by the current system and switches to the goal systems, so that the user of the terminal will be described
Specified data in goal systems are sent to other described any terminals.
In the technical scheme, after allowing terminal to switch to goal systems by current system, then illustrate other any ends
The user of the user at end successfully Remote authorization terminal temporarily enters in goal systems, and then terminal is switched to by current system
In goal systems, the specified data in goal systems can be sent to other any terminals by the user of terminal, keep other any
The available specified data of the user of terminal avoid specified data and illegally steal by illegal user.
In the above-mentioned technical solutions, it is preferable that the terminal is being allowed to switch to the target system by the current system
Before system, further includes: return to the first identifier information to other described any terminals and match with the second identifier information
Matching result so that other described any terminals again to the terminal send third identification information;Receiving described
After three identification informations, judge whether the third identification information matches with pre-stored matching identification information, and in judging result
When to be, determining allows the terminal to switch to the goal systems by the current system, otherwise, forbids the terminal by institute
It states current system and switches to the goal systems.
In the technical scheme, before allowing terminal to switch to the higher goal systems of security level, further includes: if
First identifier information and the success of second identifier information matches, then return to the information of successful match, to other any terminals for logical
The user's first identifier information and the success of second identifier information matches for knowing other any terminals, to notify other any terminals
User can send third identification information to terminal again by other any terminals, when terminal receives third identification information
Afterwards, if third identification information and pre-stored matching identification information matches, illustrate that the user of other any terminals is and end
The user for holding binding, is not illegal user, terminal is allowed for be switched in goal systems by current system, to make terminal
User can temporarily enter in goal systems, if third identification information and pre-stored matching identification information mismatch,
Illustrate that the user of other any terminals may be illegal user, just terminal is forbidden to be switched in goal systems by current system, from
And illegal operation of the illegal user to terminal is avoided, and the Dual Matching of identification information, then it can be further improved remote authorization
The safety in goal systems is entered, to further increase the security performance of the goal systems of terminal.
In the above-mentioned technical solutions, it is preferable that further include: when there are multiple goal systems, if first mark
Know information to match with the second identifier information, then according to the use of the goal systems each in multiple goal systems
Frequency and/or system banner from other any terminals, determine final goal systems.
In the technical scheme, by the cooperation of terminal and other any terminals, the user of other any terminals can be remote
The user of journey authorization terminal enters in the goal systems of terminal, can be according to multiple when the quantity of goal systems is multiple
The frequency of use of each goal systems and/or the system banner from other any terminals in goal systems, in multiple target systems
Final goal systems is determined in system, and the user of terminal is avoided to manually select final goal systems in multiple goal systems,
To keep terminal more intelligent.
In the above-mentioned technical solutions, it is preferable that the first identifier information, the second identifier information, the third mark
Know information and the pre-stored matching identification information includes: system access key, random code, finger print information, facial characteristics letter
At least one information in breath, voice identification information.
In the technical scheme, first identifier information, second identifier information, third identification information and pre-stored matching mark
Knowing information includes but is not limited to: system access key, random code, finger print information, face feature information, in voice identification information
At least one information, due to first identifier information, second identifier information, third identification information and pre-stored matching identification information
It is in real time or periodically constantly to change, avoids first identifier information, second identifier information, third identification information and be pre-stored
Matching identification information leaked, avoid illegal user from entering in the higher system of security level of terminal, so improve
The security performance that terminal remote logs in.
Another aspect of the present invention proposes a kind of system access mechanism, for being equipped with the terminal of multiple systems, comprising:
First receiving unit receives after the terminal and other any terminals that operate in current system establish connection from described
The first identifier information of other any terminals;Second receiving unit receives the second identifier information inputted in the terminal;Judgement
Unit, judges whether the first identifier information matches with the second identifier information;Processing unit is yes in judging result
When, allow the terminal to switch to goal systems by the current system;Otherwise, the terminal is forbidden to be cut by the current system
Shift to the goal systems;Wherein, the goal systems is that security level is higher than the current system in the multiple system
The system of security level, other described any terminals are any terminal except the terminal.
In the technical scheme, when the specified data in remote acquisition terminal in the higher goal systems of security level,
And terminal operating, at this point, terminal and other any terminals are established connection first, makes in the lower current system of security level
The user of other any terminals can send first identifier information to terminal by other any terminals, and make the user of terminal
Second identifier information can be inputted to terminal, when first identifier information and second identifier information matches, this illustrates the use of terminal
Be between family and the user of other any terminals it is trusty, then allow terminal to be switched in goal systems by current system, make
The user of terminal can temporarily enter in goal systems, and when first identifier information and second identifier information mismatch, this is said
The user of bright terminal is not other any terminals user trusty or logs on to goal systems there may be remote authorization is upset
In situation, for example, the case where hacker is to malicious attack or the logon attempt of network, then forbid terminal to be switched to by current system
In goal systems, so that it is guaranteed that remote authorization trusted user enters the safety in the higher system of security level, in addition, by
It can further avoid what use was fixed in the related technology in first identifier information and second identifier information with real-time change
Security key carrys out remote authorization and enters in goal systems, has thereby further ensured that the data peace of the higher system of security level
Quan Xing, it is ensured that into the safety of this process of the higher system of security level, when security key being avoided illegally to be stolen
Specified data in goal systems are leaked, and are entered in the higher system of security level to finally improve remote authorization
Safety, certainly, in the present invention, it will be appreciated by those skilled in the art that terminal is first terminal, other any terminals are
For second terminal.
In the above-mentioned technical solutions, it is preferable that further include: control unit, in the permission terminal by the current system
It switches to after the goal systems, controls the terminal by the current system and switch to the goal systems, so that described
Specified data in the goal systems are sent to other described any terminals by the user of terminal.
In the technical scheme, after allowing terminal to switch to goal systems by current system, then illustrate other any ends
The user of the user at end successfully Remote authorization terminal temporarily enters in goal systems, and then terminal is switched to by current system
In goal systems, the specified data in goal systems can be sent to other any terminals by the user of terminal, keep other any
The available specified data of the user of terminal avoid specified data and illegally steal by illegal user.
In the above-mentioned technical solutions, it is preferable that further include: transmission unit, in the permission terminal by the current system
It switches to before the goal systems, returns to the first identifier information to other described any terminals and the second identifier is believed
The matched matching result of manner of breathing, so that other described any terminals send third identification information to the terminal again;It is described to sentence
Disconnected unit is also used to: after receiving the third identification information, judging the third identification information and pre-stored matching mark
Know whether information matches;The processing unit is also used to: when the judgment result is yes, determining allows the terminal by described current
System switches to the goal systems, otherwise, the terminal is forbidden to switch to the goal systems by the current system.
In the technical scheme, before allowing terminal to switch to the higher goal systems of security level, further includes: if
First identifier information and the success of second identifier information matches, then return to the information of successful match, to other any terminals for logical
The user's first identifier information and the success of second identifier information matches for knowing other any terminals, to notify other any terminals
User can send third identification information to terminal again by other any terminals, when terminal receives third identification information
Afterwards, if third identification information and pre-stored matching identification information matches, illustrate that the user of other any terminals is and end
The user for holding binding, is not illegal user, terminal is allowed for be switched in goal systems by current system, make the user of terminal
It can temporarily enter in goal systems, if third identification information and pre-stored matching identification information mismatch, illustrate
The user of other any terminals may be illegal user, just terminal be forbidden to be switched in goal systems by current system, to keep away
Exempt from illegal operation of the illegal user to terminal, and the Dual Matching of identification information, then it can be further improved remote authorization entrance
Safety into goal systems, to further increase the security performance of the goal systems of terminal.
In the above-mentioned technical solutions, it is preferable that further include: the processing unit is also used to: when there are multiple targets
When system, if the first identifier information matches with the second identifier information, according to every in multiple goal systems
The frequency of use of a goal systems and/or system banner from other any terminals, determine final target system
System.
In the technical scheme, by the cooperation of terminal and other any terminals, the user of other any terminals can be remote
The user of journey authorization terminal enters in the goal systems of terminal, can be according to multiple when the quantity of goal systems is multiple
The frequency of use of each goal systems and/or the system banner from other any terminals in goal systems, in multiple target systems
Final goal systems is determined in system, and the user of terminal is avoided to manually select final goal systems in multiple goal systems,
To keep terminal more intelligent.
In the above-mentioned technical solutions, it is preferable that the first identifier information, the second identifier information, the third mark
Know information and the pre-stored matching identification information includes: system access key, random code, finger print information, facial characteristics letter
At least one information in breath, voice identification information.
In the technical scheme, first identifier information, second identifier information, third identification information and pre-stored matching mark
Knowing information includes but is not limited to: system access key, random code, finger print information, face feature information, in voice identification information
At least one information, due to first identifier information, second identifier information, third identification information and pre-stored matching identification information
It is in real time or periodically constantly to change, avoids first identifier information, second identifier information, third identification information and be pre-stored
Matching identification information leaked, avoid illegal user from entering in the higher system of security level of terminal, so improve
The security performance that terminal remote logs in.
Another aspect of the present invention proposes a kind of terminal, accesses including system described in any one of above-mentioned technical proposal
Device.
In the technical scheme, when the specified data in remote acquisition terminal in the higher goal systems of security level,
And terminal operating, at this point, terminal and other any terminals are established connection first, makes in the lower current system of security level
The user of other any terminals can send first identifier information to terminal by other any terminals, and make the user of terminal
Second identifier information can be inputted to terminal, when first identifier information and second identifier information matches, this illustrates the use of terminal
Be between family and the user of other any terminals it is trusty, then allow terminal to be switched in goal systems by current system, make
The user of terminal can temporarily enter in goal systems, and when first identifier information and second identifier information mismatch, this is said
Bright there may be upset remote authorizations to log on to the situation in goal systems, for example, malicious attack or trial of the hacker to network
The case where login, then forbids terminal to be switched in goal systems by current system, in addition, due to first identifier information and the second mark
Knowing information can avoid carrying out remote authorization using security key fixed in the related technology entering target system with real-time change
In system, so that specified data when security key being avoided illegally to be stolen in goal systems are leaked, remotely awarded to improve
Power enters the safety in the higher system of security level.
According to the technical solution of the present invention, the process for the higher system of security level for entering terminal in remote authorization
In, it can be ensured that the Information Security of the higher system of security level, it is ensured that into this mistake of the higher system of security level
The safety of journey is effectively prevented from illegal user and enters in the higher system of security level, to avoid security level higher
Data in system are illegally stolen, and the security performance of the security system of terminal is improved.
Detailed description of the invention
Fig. 1 shows the flow diagram of system access method according to an embodiment of the invention;
Fig. 2 shows the method streams that remote terminal according to an embodiment of the invention is communicated with dual system termi-nal
Journey schematic diagram;
Fig. 3 shows the method stream that dual system termi-nal according to an embodiment of the invention is communicated with remote terminal
Journey schematic diagram;
Fig. 4 shows the structural schematic diagram of system access mechanism according to an embodiment of the invention;
Fig. 5 shows the structural schematic diagram of terminal according to an embodiment of the invention;
Fig. 6 shows the original that remote terminal authorization terminal according to an embodiment of the invention carries out secure system access
Manage structural schematic diagram.
Specific embodiment
It is with reference to the accompanying drawing and specific real in order to be more clearly understood that the above objects, features and advantages of the present invention
Applying mode, the present invention is further described in detail.It should be noted that in the absence of conflict, the implementation of the application
Feature in example and embodiment can be combined with each other.
In the following description, numerous specific details are set forth in order to facilitate a full understanding of the present invention, still, the present invention may be used also
To be implemented using other than the one described here other modes, therefore, protection scope of the present invention is not by described below
Specific embodiment limitation.
Fig. 1 shows the flow diagram of system access method according to an embodiment of the invention.
As shown in Figure 1, system access method according to an embodiment of the invention, comprising: step 102, when operating in
After the terminal and other any terminals of current system establish connection, the first identifier from other any terminals is received
Information;Step 104, the second identifier information inputted in the terminal is received;Step 106, judge the first identifier information with
Whether the second identifier information matches, and when the judgment result is yes, the terminal is allowed to be switched to by the current system
Goal systems;Otherwise, the terminal is forbidden to switch to the goal systems by the current system;Wherein, the goal systems
It is higher than the system of the security level of the current system for security level in the multiple system.
In the technical scheme, when the specified data in remote acquisition terminal in the higher goal systems of security level,
And terminal operating, at this point, terminal and other any terminals are established connection first, makes in the lower current system of security level
The user of other any terminals can send first identifier information to terminal by other any terminals, and make the user of terminal
Second identifier information can be inputted to terminal, when first identifier information and second identifier information matches, this illustrates the use of terminal
Be between family and the user of other any terminals it is trusty, then allow terminal to be switched in goal systems by current system, make
The user of terminal can temporarily enter in goal systems, and when first identifier information and second identifier information mismatch, this is said
The user of bright terminal is not other any terminals user trusty or logs on to goal systems there may be remote authorization is upset
In situation, for example, the case where hacker is to malicious attack or the logon attempt of network, then forbid terminal to be switched to by current system
In goal systems, so that it is guaranteed that remote authorization trusted user enters the safety in the higher system of security level, in addition, by
It can further avoid what use was fixed in the related technology in first identifier information and second identifier information with real-time change
Security key carrys out remote authorization and enters in goal systems, has thereby further ensured that the data peace of the higher system of security level
Quan Xing, it is ensured that into the safety of this process of the higher system of security level, when security key being avoided illegally to be stolen
Specified data in goal systems are leaked, and are entered in the higher system of security level to finally improve remote authorization
Safety.
In the above-mentioned technical solutions, it is preferable that the terminal is being allowed to switch to the target system by the current system
After system, the terminal is controlled by the current system and switches to the goal systems, so that the user of the terminal will be described
Specified data in goal systems are sent to other described any terminals.
In the technical scheme, after allowing terminal to switch to goal systems by current system, then illustrate other any ends
The user of the user at end successfully Remote authorization terminal temporarily enters in goal systems, and then terminal is switched to by current system
In goal systems, the specified data in goal systems can be sent to other any terminals by the user of terminal, keep other any
The available specified data of the user of terminal avoid specified data and illegally steal by illegal user.
In the above-mentioned technical solutions, it is preferable that the terminal is being allowed to switch to the target system by the current system
Before system, further includes: return to the first identifier information to other described any terminals and match with the second identifier information
Matching result so that other described any terminals again to the terminal send third identification information;Receiving described
After three identification informations, judge whether the third identification information matches with pre-stored matching identification information, and in judging result
When to be, determining allows the terminal to switch to the goal systems by the current system, otherwise, forbids the terminal by institute
It states current system and switches to the goal systems.
In the technical scheme, before allowing terminal to switch to the higher goal systems of security level, further includes: if
First identifier information and the success of second identifier information matches, then return to the information of successful match, to other any terminals for logical
The user's first identifier information and the success of second identifier information matches for knowing other any terminals, to notify other any terminals
User can send third identification information to terminal again by other any terminals, when terminal receives third identification information
Afterwards, if third identification information and pre-stored matching identification information matches, illustrate that the user of other any terminals is and end
The user for holding binding, is not illegal user, terminal is allowed for be switched in goal systems by current system, to make terminal
User can temporarily enter in goal systems, if third identification information and pre-stored matching identification information mismatch,
Illustrate that the user of other any terminals may be illegal user, just terminal is forbidden to be switched in goal systems by current system, from
And illegal operation of the illegal user to terminal is avoided, and the Dual Matching of identification information, then it can be further improved remote authorization
The safety in goal systems is entered, to further increase the security performance of the goal systems of terminal.
In the above-mentioned technical solutions, it is preferable that further include: when there are multiple goal systems, if first mark
Know information to match with the second identifier information, then according to the use of the goal systems each in multiple goal systems
Frequency and/or system banner from other any terminals, determine final goal systems.
In the technical scheme, by the cooperation of terminal and other any terminals, the user of other any terminals can be remote
The user of journey authorization terminal enters in the goal systems of terminal, can be according to multiple when the quantity of goal systems is multiple
The frequency of use of each goal systems and/or the system banner from other any terminals in goal systems, in multiple target systems
Final goal systems is determined in system, and the user of terminal is avoided to manually select final goal systems in multiple goal systems,
To keep terminal more intelligent.
In the above-mentioned technical solutions, it is preferable that the first identifier information, the second identifier information, the third mark
Know information and the pre-stored matching identification information includes: system access key, random code, finger print information, facial characteristics letter
At least one information in breath, voice identification information.
In the technical scheme, first identifier information, second identifier information, third identification information and pre-stored matching mark
Knowing information includes but is not limited to: system access key, random code, finger print information, face feature information, in voice identification information
At least one information, due to first identifier information, second identifier information, third identification information and pre-stored matching identification information
It is in real time or periodically constantly to change, avoids first identifier information, second identifier information, third identification information and be pre-stored
Matching identification information leaked, avoid illegal user from entering in the higher system of security level of terminal, so improve
The security performance that terminal remote logs in.
Fig. 2 shows the method streams that remote terminal according to an embodiment of the invention is communicated with dual system termi-nal
Journey schematic diagram.
As shown in Fig. 2, remote terminal according to an embodiment of the invention and dual system termi-nal carry out communication means (
In the embodiment, terminal is mobile phone, is equipped with dual system on mobile phone, i.e., the lower conventional system of security level and security level compared with
The current system of high security system, mobile phone is conventional system, and mobile phone can carry out digital service, in addition, remote terminal has
Have the function of fingerprint recognition), comprising:
Step 202, APK (Android Package, android system are logged in remote terminal (other any terminals)
Installation kit).
Step 204, by APK, remote terminal and mobile phone are established into connection.
Step 206, judge whether that the information for receiving mobile phone feedback can then notify terminal when the judgment result is yes
User's remote terminal and mobile phone successful connection, enter step 208, when the judgment result is no, may be due to network
Reason leads to feedback time-out, terminates remote terminal and carries out system access.
Step 208, the passwords (first identifier information) of user's input of remote terminal are received.
Step 210, judge passwords (second identifier information) in the passwords and mobile phone of remote terminal whether
Match, when the judgment result is yes, allows mobile phone to switch to security system by conventional system, 212 are entered step, when judging result is
When no, mobile phone is forbidden to switch to security system by conventional system, then proceed to the passwords of input remote terminal, step will be entered
Rapid 208, then the passwords of remote terminal are matched with the passwords in mobile phone.
Step 212, the fingerprint log-on message (third identification information) of user's input of remote terminal is received.
Step 214, judge whether successful match is then said when the judgment result is yes for the fingerprint log-on message of remote terminal
The user of bright remote terminal carries out system by remote terminal and accesses successfully, when the judgment result is no, enters step 212.
Fig. 3 shows the method stream that dual system termi-nal according to an embodiment of the invention is communicated with remote terminal
Journey schematic diagram.
As shown in figure 3, the method that dual system termi-nal according to an embodiment of the invention is communicated with remote terminal
(in this embodiment, terminal is mobile phone, and dual system, the i.e. lower conventional system of security level and safety etc. are equipped on mobile phone
The current system of the higher security system of grade, mobile phone is conventional system, and mobile phone can carry out digital service, in addition, long-range whole
End has the function of fingerprint recognition), comprising:
Step 302, the logging request of remote terminal (other any terminals) is received.
Step 304, agree to the logging request of remote terminal, and receive the feedback information from remote terminal, illustrate remote
Journey terminal and mobile phone successful connection.
Step 306, the passwords (second identifier information) of the mobile phone of user's input are received.
Step 308, whether the passwords (first identifier information) of the passwords and remote terminal that judge mobile phone match
Success, when the judgment result is yes, enters step 310, when the judgment result is no, mobile phone is forbidden to switch to peace by conventional system
Total system can continue to the passwords of mobile phone, enter step 306.
Step 310, the notice of input finger print information (third identification information) is sent to remote terminal, and waits remote terminal
The finger print information of transmission.
Step 312, judge whether the finger print information of remote terminal input matches with the matching identification information being pre-stored, when sentencing
Disconnected result is when being, determining allows mobile phone to switch to security system by conventional system, 314 is entered step, when judging result is no
When, forbid mobile phone to switch to security system by conventional system, notice remote terminal continues to send new finger print information, enter step
310。
Step 314, mobile phone switches in security system, makes the user (user of terminal) of mobile phone can be by the safety of mobile phone
Specified data in system are sent in remote terminal.
Fig. 4 shows the structural schematic diagram of system access mechanism according to an embodiment of the invention.
As shown in figure 4, system access mechanism 400 according to an embodiment of the invention, comprising: the first receiving unit
402, after the terminal and other any terminals that operate in current system establish connection, receive from other described any ends
The first identifier information at end;Second receiving unit 404 receives the second identifier information inputted in the terminal;Judging unit
406, judge whether the first identifier information matches with the second identifier information;Processing unit 408 is yes in judging result
When, allow the terminal to switch to goal systems by the current system;Otherwise, the terminal is forbidden to be cut by the current system
Shift to the goal systems;Wherein, the goal systems is that security level is higher than the current system in the multiple system
The system of security level.
In the technical scheme, when the specified data in remote acquisition terminal in the higher goal systems of security level,
And terminal operating, at this point, terminal and other any terminals are established connection first, makes in the lower current system of security level
The user of other any terminals can send first identifier information to terminal by other any terminals, and make the user of terminal
Second identifier information can be inputted to terminal, when first identifier information and second identifier information matches, this illustrates the use of terminal
Be between family and the user of other any terminals it is trusty, then allow terminal to be switched in goal systems by current system, make
The user of terminal can temporarily enter in goal systems, and when first identifier information and second identifier information mismatch, this is said
The user of bright terminal is not other any terminals user trusty or logs on to goal systems there may be remote authorization is upset
In situation, for example, the case where hacker is to malicious attack or the logon attempt of network, then forbid terminal to be switched to by current system
In goal systems, so that it is guaranteed that remote authorization trusted user enters the safety in the higher system of security level, in addition, by
It can further avoid what use was fixed in the related technology in first identifier information and second identifier information with real-time change
Security key carrys out remote authorization and enters in goal systems, has thereby further ensured that the data peace of the higher system of security level
Quan Xing, it is ensured that into the safety of this process of the higher system of security level, when security key being avoided illegally to be stolen
Specified data in goal systems are leaked, and are entered in the higher system of security level to finally improve remote authorization
Safety.In the above-mentioned technical solutions, it is preferable that further include: control unit 410, in the permission terminal by the current system
System switches to after the goal systems, controls the terminal by the current system and switches to the goal systems, so that institute
Specified data in the goal systems are sent to other described any terminals by the user for stating terminal.
In the technical scheme, after allowing terminal to switch to goal systems by current system, then illustrate other any ends
The user of the user at end successfully Remote authorization terminal temporarily enters in goal systems, and then terminal is switched to by current system
In goal systems, the specified data in goal systems can be sent to other any terminals by the user of terminal, keep other any
The available specified data of the user of terminal avoid specified data and illegally steal by illegal user.
In the above-mentioned technical solutions, it is preferable that further include: transmission unit 412, in the permission terminal by the current system
System switches to before the goal systems, returns to the first identifier information and the second identifier to other described any terminals
The matching result that information matches, so that other described any terminals send third identification information to the terminal again;It is described
Judging unit 406 is also used to: after receiving the third identification information, judging the third identification information and pre-stored
Whether matched with identification information;The processing unit 408 is also used to: when the judgment result is yes, determine allow the terminal by
The current system switches to the goal systems, otherwise, the terminal is forbidden to switch to the target by the current system
System.
In the technical scheme, before allowing terminal to switch to the higher goal systems of security level, further includes: if
First identifier information and the success of second identifier information matches, then return to the information of successful match, to other any terminals for logical
The user's first identifier information and the success of second identifier information matches for knowing other any terminals, to notify other any terminals
User can send third identification information to terminal again by other any terminals, when terminal receives third identification information
Afterwards, if third identification information and pre-stored matching identification information matches, illustrate that the user of other any terminals is and end
The user for holding binding, is not illegal user, terminal is allowed for be switched in goal systems by current system, make the user of terminal
It can temporarily enter in goal systems, if third identification information and pre-stored matching identification information mismatch, illustrate
The user of other any terminals may be illegal user, just terminal be forbidden to be switched in goal systems by current system, to keep away
Exempt from illegal operation of the illegal user to terminal, and the Dual Matching of identification information, then it can be further improved remote authorization entrance
Safety into goal systems, to further increase the security performance of the goal systems of terminal.
In the above-mentioned technical solutions, it is preferable that further include: the processing unit 408 is also used to: when there are multiple mesh
When mark system, if the first identifier information matches with the second identifier information, according in multiple goal systems
The frequency of use of each goal systems and/or system banner from other any terminals, determine final target
System.
In the technical scheme, by the cooperation of terminal and other any terminals, the user of other any terminals can be remote
The user of journey authorization terminal enters in the goal systems of terminal, can be according to multiple when the quantity of goal systems is multiple
The frequency of use of each goal systems and/or the system banner from other any terminals in goal systems, in multiple target systems
Final goal systems is determined in system, and the user of terminal is avoided to manually select final goal systems in multiple goal systems,
To keep terminal more intelligent.
In the above-mentioned technical solutions, it is preferable that the first identifier information, the second identifier information, the third mark
Know information and the pre-stored matching identification information includes: system access key, random code, finger print information, facial characteristics letter
At least one information in breath, voice identification information.
In the technical scheme, first identifier information, second identifier information, third identification information and pre-stored matching mark
Knowing information includes but is not limited to: system access key, random code, finger print information, face feature information, in voice identification information
At least one information, due to first identifier information, second identifier information, third identification information and pre-stored matching identification information
It is in real time or periodically constantly to change, avoids first identifier information, second identifier information, third identification information and be pre-stored
Matching identification information leaked, avoid illegal user from entering in the higher system of security level of terminal, so improve
The security performance that terminal remote logs in.
Fig. 5 shows the structural schematic diagram of terminal according to an embodiment of the invention.
As shown in figure 5, terminal 500 according to an embodiment of the invention, including any one of above-mentioned technical proposal institute
The system access mechanism 400 stated.
In the technical scheme, when the specified data in remote acquisition terminal 500 in the higher goal systems of security level
When, and terminal 500 operates in the lower current system of security level, at this point, terminal 500 and other any terminals are built first
Vertical connection allows the user of other any terminals to send first identifier information to terminal 500 by other any terminals, and
The user of terminal 500 is set to input second identifier information to terminal 500, when first identifier information and second identifier information matches
When, this illustrate be between the user of terminal 500 and the user of other any terminals it is trusty, then allow terminal 500 by current
System switches in goal systems, enters the user of terminal 500 temporarily in goal systems, when first identifier information with
When second identifier information mismatches, this explanation logs on to the situation in goal systems there may be remote authorization is upset, for example, black
The case where visitor is to malicious attack or the logon attempt of network, then forbid terminal 500 to be switched in goal systems by current system, separately
Outside, since first identifier information and second identifier information can be avoided with real-time change using peace fixed in the related technology
Full key carrys out remote authorization and enters in goal systems, thus specified in goal systems when security key being avoided illegally to be stolen
Data are leaked, to improve the safety that remote authorization enters in the higher system of security level.
Fig. 6 shows the original that remote terminal authorization terminal according to an embodiment of the invention carries out secure system access
Manage structural schematic diagram.
As shown in fig. 6, remote terminal according to an embodiment of the invention and terminal carry out system access (in the implementation
In example, terminal is mobile phone, and dual system, the i.e. lower conventional system of security level and the higher peace of security level are equipped on mobile phone
The current system of total system, mobile phone is conventional system, and mobile phone can carry out digital service, in addition, remote terminal has fingerprint
The function of identification), comprising:
1. logging in APK by remote terminal, mobile phone and remote terminal is made to establish connection, it is specified for can establish one
Access end to end.
2. illustrating mobile phone and remote terminal successful connection, mobile phone and long-range end by sending feedback information to remote terminal
End enters the interface of input passwords, then the user of mobile phone and the user of remote terminal can negotiate one match it is close
Code.
3. mobile phone receives the passwords (second identifier information) of user (user of the terminal) input of mobile phone, long-range whole
Termination receives the passwords (first identifier information) of user (users of other any terminals) input of remote terminal, by the two
Passwords matched.
If allowing remote terminal to enter the interface of input finger print information (third identification information) 4. successful match, for example,
The relevant informations such as display " waiting in finger print information certification ... " on mobile phone, if re-entering mobile phone without successful match
Passwords and remote terminal passwords, re-start matching.
5. inputting finger print information in the interface of input finger print information.
6. if the user of Successful authorization mobile phone can the finger print information of input and pre-stored matching identification information matches
Temporarily to enter in security system, mobile phone is switched in security system by conventional system, and the user of mobile phone can temporarily pacify
It is operated in total system.If the finger print information of input and pre-stored matching identification information mismatch, authorization failure,
The related announcement that finger print information mistake is shown on remote terminal makes the user of remote terminal re-enter another finger print information,
So as to which another finger print information is matched with pre-stored matching identification information again.
Carry out the technical solution that the present invention will be described in detail below with reference to one embodiment, for example, after user A working to company
It was found that mobile phone is forgotten to be in, wherein the mobile phone is equipped with dual system, the i.e. lower conventional system of security level and security level
Higher security system needs to report several significant datas to leader at this time, and data exist in the security system of mobile phone, hand
Machine operates in conventional system, needs the finger print information of user A, and mobile phone could be switched in security system from conventional system,
Just user B can touch mobile phone, and user B is not the rival of user's company A, will not make to the data of user A
At any threat, so being trusty between user A and user B.That should can just allow this user B trusty to help
The security system of interim operating handset, to provide data from security system.It is combined by passwords and finger print information
Mode, allows user B to succeed and reliably into security system, because inputting the mode of fixed password in the related technology
It is easy to be seen by other users, so that unauthorized access of the illegal user to security system is caused, in addition, passing through single fingerprint
The problems such as information enters security system to carry out remote authorization, can be potentially encountered the network attack or logon attempt of access connection,
To cause to cannot connect to mobile phone with the user of handset binding or connection delay is serious.
According to the technical solution of the present invention, passwords are inputted by the user of the user of mobile phone and remote terminal respectively,
When the matching of the passwords of the two, it can establish one-to-one and access end to end, other upsets can be effectively avoided
The case where login, substantially increases the safety of remote authorization in addition, identifying this bio-identification mode using finger print information.
The technical scheme of the present invention has been explained in detail above with reference to the attached drawings, enters the security level of terminal in remote authorization
During higher system, it can be ensured that the Information Security of the higher system of security level, it is ensured that enter security level compared with
The safety of this process of high system is effectively prevented from illegal user and enters in the higher system of security level, to keep away
The data exempted from the higher system of security level are illegally stolen, and the security performance of the security system of terminal is improved.
In the present invention, term " first ", " second " are only used for the purpose described, are not understood to indicate or imply phase
To importance;Term " multiple " indicates two or more;Term " connection " etc. shall be understood in a broad sense, for example, it may be
It is fixedly connected, may be a detachable connection, or be integrally connected.For the ordinary skill in the art, Ke Yigen
The concrete meaning of above-mentioned term in the present invention is understood according to concrete condition.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, made any to repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (7)
1. a kind of system access method, for being equipped with the terminal of multiple systems characterized by comprising
After the terminal and other any terminals that operate in current system establish connection, receive from other described any ends
The first identifier information at end;
Receive the second identifier information inputted in the terminal;
Judge whether the first identifier information matches with the second identifier information, and when the judgment result is yes, allows institute
It states terminal and goal systems is switched to by the current system;Otherwise, the terminal is forbidden to be switched to by the current system described
Goal systems;Wherein, the goal systems is the security level that security level is higher than the current system in the multiple system
System, other described any terminals be the terminal except any terminal;
After allowing the terminal to switch to the goal systems by the current system, the terminal is controlled by described current
System switches to the goal systems so that the user of the terminal the specified data in the goal systems are sent to it is described
Other any terminals;
Before allowing the terminal to switch to the goal systems by the current system, further includes:
The matching result that the first identifier information and the second identifier information match is returned to other described any terminals,
So that other described any terminals send third identification information to the terminal again;
After receiving the third identification information, judge whether are the third identification information and pre-stored matching identification information
Matching, and when the judgment result is yes, determining allows the terminal to switch to the goal systems by the current system, no
Then, the terminal is forbidden to switch to the goal systems by the current system.
2. system according to claim 1 access method, which is characterized in that further include:
When there are multiple goal systems, if the first identifier information matches with the second identifier information, root
According to the frequency of use of each goal systems in multiple goal systems and/or the system from other any terminals
Mark, determines final goal systems.
3. system access method according to claim 1 or 2, which is characterized in that
The first identifier information, the second identifier information, the third identification information and the pre-stored matching identification
Information include: system access key, random code, finger print information, face feature information, in voice identification information at least one of letter
Breath.
4. a kind of system access mechanism, for being equipped with the terminal of multiple systems characterized by comprising
First receiving unit, after the terminal and other any terminals that operate in current system establish connection, reception is come from
The first identifier information of other any terminals;
Second receiving unit receives the second identifier information inputted in the terminal;
Judging unit, judges whether the first identifier information matches with the second identifier information;
Processing unit allows the terminal to switch to goal systems by the current system when the judgment result is yes;Otherwise,
The terminal is forbidden to switch to the goal systems by the current system;Wherein, the goal systems is the multiple system
The system that middle security level is higher than the security level of the current system, other described any terminals are appointing except the terminal
One terminal;
Further include:
Control unit controls the terminal after allowing the terminal to switch to the goal systems by the current system
The goal systems is switched to by the current system, so that the user of the terminal is by the specified data in the goal systems
It is sent to other described any terminals;
Transmission unit, before allowing the terminal to switch to the goal systems by the current system, to it is described other
The matching result that one terminal returns to the first identifier information and the second identifier information matches, so that described, other are any
Terminal sends third identification information to the terminal again;
The judging unit is also used to: after receiving the third identification information, being judged the third identification information and is prestored
Whether the matching identification information of storage matches;
The processing unit is also used to: when the judgment result is yes, determining allows the terminal to be switched to by the current system
Otherwise the goal systems forbids the terminal to switch to the goal systems by the current system.
5. system access mechanism according to claim 4, which is characterized in that further include:
The processing unit is also used to: when there are multiple goal systems, if the first identifier information and described second
Identification information matches, then according to the frequency of use of the goal systems each in multiple goal systems and/or from institute
The system banner for stating other any terminals determines final goal systems.
6. system access mechanism according to claim 4 or 5, which is characterized in that
The first identifier information, the second identifier information, the third identification information and the pre-stored matching identification
Information include: system access key, random code, finger print information, face feature information, in voice identification information at least one of letter
Breath.
7. a kind of terminal characterized by comprising the system access mechanism as described in any one of claim 4 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510040758.2A CN105635090B (en) | 2015-01-27 | 2015-01-27 | System access method, system access mechanism and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510040758.2A CN105635090B (en) | 2015-01-27 | 2015-01-27 | System access method, system access mechanism and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105635090A CN105635090A (en) | 2016-06-01 |
| CN105635090B true CN105635090B (en) | 2019-04-12 |
Family
ID=56049586
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510040758.2A Active CN105635090B (en) | 2015-01-27 | 2015-01-27 | System access method, system access mechanism and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105635090B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107566322A (en) * | 2016-06-30 | 2018-01-09 | 惠州华阳通用电子有限公司 | A kind of onboard system multi-user access method and device |
| CN106357606A (en) * | 2016-08-19 | 2017-01-25 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method, authentication device and terminal |
| WO2019037084A1 (en) * | 2017-08-25 | 2019-02-28 | 深圳传音通讯有限公司 | Dual-system switching method, motile terminal, and computer-readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103237064A (en) * | 2013-04-11 | 2013-08-07 | 百度在线网络技术(北京)有限公司 | Terminals, and method, system and cloud server for remote locking of terminals |
| CN103955638A (en) * | 2014-05-20 | 2014-07-30 | 深圳市中兴移动通信有限公司 | Method and device for privacy protection |
| CN104243716A (en) * | 2014-09-28 | 2014-12-24 | 酷派软件技术(深圳)有限公司 | Information acquiring method and device |
-
2015
- 2015-01-27 CN CN201510040758.2A patent/CN105635090B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103237064A (en) * | 2013-04-11 | 2013-08-07 | 百度在线网络技术(北京)有限公司 | Terminals, and method, system and cloud server for remote locking of terminals |
| CN103955638A (en) * | 2014-05-20 | 2014-07-30 | 深圳市中兴移动通信有限公司 | Method and device for privacy protection |
| CN104243716A (en) * | 2014-09-28 | 2014-12-24 | 酷派软件技术(深圳)有限公司 | Information acquiring method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105635090A (en) | 2016-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104639624B (en) | A kind of method and apparatus for realizing mobile terminal remote access control | |
| EP2857947B1 (en) | Terminal device and unlocking method thereof | |
| US10171444B1 (en) | Securitization of temporal digital communications via authentication and validation for wireless user and access devices | |
| CN104156657B (en) | The data inputting method of terminal, the message input device of terminal and terminal | |
| CN111835689B (en) | Identity authentication method of digital key, terminal device and medium | |
| CN108173822A (en) | Intelligent door lock management-control method, intelligent door lock and computer readable storage medium | |
| CN104157029A (en) | Access control system, mobile terminal based control method thereof and mobile terminal | |
| CN107067516A (en) | Method for unlocking and system and door-locking system | |
| CN102215221A (en) | Methods and systems for secure remote wake, boot, and login to a computer from a mobile device | |
| CN105530356A (en) | Mobile communication terminal and data protection method and apparatus thereof | |
| CN103728894A (en) | Remote control method and system of terminal device | |
| CN109067881B (en) | Remote authorization method, device, equipment and storage medium thereof | |
| CN104009844A (en) | Multilevel password processing method based on safety management | |
| CN104794402A (en) | System switching method, system switching device and terminal | |
| CN112528257A (en) | Security debugging method and device, electronic equipment and storage medium | |
| CN103283268A (en) | Wireless terminal and method for managing connection of network using same | |
| CN105635090B (en) | System access method, system access mechanism and terminal | |
| CN109035515A (en) | The control method and door-locking system of smart lock | |
| US20140337951A1 (en) | Security management system including multiple relay servers and security management method | |
| CN113674455B (en) | Remote control method, device, system, equipment and storage medium for intelligent door lock | |
| CN106027467B (en) | A kind of identity card reading response system | |
| CN102333068B (en) | SSH and SFTP (Secure Shell and Ssh File Transfer Protocol)-based tunnel intelligent management and control system and method | |
| EP2436164B1 (en) | Method and equipment for establishing secure connection on a communication network | |
| CN106506491B (en) | Network safety system | |
| CN111946163A (en) | Method and system for remotely opening door by visual intelligent lock |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |