CN105743643A - Communication security detection method and device - Google Patents
Communication security detection method and device Download PDFInfo
- Publication number
- CN105743643A CN105743643A CN201610266594.XA CN201610266594A CN105743643A CN 105743643 A CN105743643 A CN 105743643A CN 201610266594 A CN201610266594 A CN 201610266594A CN 105743643 A CN105743643 A CN 105743643A
- Authority
- CN
- China
- Prior art keywords
- client
- security verification
- verification logic
- resolver
- logic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The embodiment of the invention discloses a communication security detection method and detection device. The detection method comprises following steps of receiving a communication request sent by a to-be-verified client; generating a security verification logic according to the communication request and the analyzing capability of a server analyzer; sending the security verification logic to the to-be-verified client; and according to a return result of the to-be-verified client based on the security verification logic, verifying the security of the to-be-verified client, wherein a client analyzer having the same analyzing capability to that of the server analyzer is configured in the security client. According to the embodiment of the invention, through adoption of the technical scheme, the difficulty of cracking a communication content encryption algorithm can be effectively improved; the possibility that the communication contents are stolen is reduced; the operations for maintaining the encryption algorithm are reduced; illegal communication behaviors in communication behaviors can be discovered timely; and the user experience is improved.
Description
Technical field
The present invention relates to the information processing technology, particularly relate to detection method and the device of a kind of communication security.
Background technology
In recent years, along with the development of communication technology, client-based communication has obtained the most widely should
With, people it is also proposed the highest requirement for the safety of communication.
In order to ensure the safety of client and server communication content, prior art is usually and uses client to add
Close, server deciphering, or the mode that client and server is encrypted simultaneously, made an appointment by both sides
Whether safety is legal for the communication protocol that the client that determines encrypting and decrypting operation and protocol format triggers.But,
The method using this type of method to be encrypted Content of Communication or to decipher is fixing, only need to dip into and just may be used
The encryption-decryption algorithm used with the reverse server and client side of release, encrypting and decrypting method is once cracked,
Then need upgrade server and logging in of client just can redefine new encrypting and decrypting method, maintenance process
Loaded down with trivial details;And, if encryption-decryption algorithm is cracked by third party, then third party can not use legal visitor
Family end software just can directly log in and communicate, and the loss of the aspects such as cause the user property is unfavorable for
Improve the experience of user.
Summary of the invention
In view of this, the embodiment of the present invention provides detection method and the device of a kind of communication security, existing to solve
Having communication security in technology to determine that method is easily cracked, maintenance process is loaded down with trivial details, it is impossible to determine illegal communication row
For technical problem.
First aspect, embodiments provides the detection method of a kind of communication security, including:
Receive the communication request that client to be verified sends;
Analytic ability according to described communication request and server end resolver generates security verification logic,
And described security verification logic is sent to described client to be verified;
According to described client to be verified return result based on described security verification logic, treat described in checking
The safety of checking client, wherein, is configured with and described server end resolver in security client
The client resolver that analytic ability is identical.
Second aspect, embodiments provides the detection method of a kind of communication security, including:
Receive the security verification logic that server sends;
Using client resolver to resolve described security verification logic, wherein, described client resolver is joined
Put in security client, the analytic ability of described client resolver and the service of configuration in described server
The analytic ability of device end resolver is identical;
Calculate the operation result of described security verification logic according to analysis result, and described operation result is made
Return result for described security verification logic is sent to described server.
The third aspect, embodiments provides the detection device of a kind of communication security, is arranged in server
In, including:
Communication request receiver module, for receiving the communication request that client to be verified sends;
Check logic generation module, for the parsing energy according to described communication request and server end resolver
Power generates security verification logic, and sends described security verification logic to described client to be verified;
Communication security authentication module, is used for according to described client to be verified based on described security verification logic
Return result, verify the safety of described client to be verified, wherein, be configured with in security client
The client resolver identical with the analytic ability of described server end resolver.
Fourth aspect, embodiments provides the detection device of a kind of communication security, is arranged in client
In, including:
Check logic receiver module, for receiving the security verification logic that server sends;
Check logic parsing module, is used for using client resolver to resolve described security verification logic, its
In, described client resolver is arranged in security client, the analytic ability of described client resolver with
In described server, the analytic ability of the server end resolver of configuration is identical;
Return result sending module, for calculating the computing knot of described security verification logic according to analysis result
Really, and using described operation result it is sent to described service as the return result of described security verification logic
Device.
The checkschema of the communication security that the embodiment of the present invention provides, the communication that server sends according to client
The analytic ability of request and server end resolver generates security verification logic and is patrolled by described security verification
Collecting and be sent to client, client to be verified resolves this security verification logic by client resolver and generates
Returning result and this return result is sent to server, server judges visitor to be verified based on this return result
The safety of family end.The embodiment of the present invention, by using technique scheme, not only can be effectively improved logical
The difficulty that letter content encryption algorithm is cracked, reduces the probability that Content of Communication is stolen, and reduces AES
Operation needed for maintenance, it is also possible to find the illegal communication behavior in communication behavior in time and take corresponding measure
Safeguard, improve user's experience.
Accompanying drawing explanation
The detailed description that non-limiting example is made made with reference to the following drawings by reading, the present invention
Other features, objects and advantages will become more apparent upon:
The schematic flow sheet of the detection method of a kind of communication security that Fig. 1 provides for the embodiment of the present invention one;
The schematic flow sheet of the detection method of a kind of communication security that Fig. 2 provides for the embodiment of the present invention two;
The schematic flow sheet of the detection method of a kind of communication security that Fig. 3 provides for the embodiment of the present invention three;
The schematic flow sheet of the detection method of a kind of communication security that Fig. 4 provides for the embodiment of the present invention four;
The structured flowchart of the detection device of a kind of communication security that Fig. 5 provides for the embodiment of the present invention five;
The structured flowchart of the detection device of a kind of communication security that Fig. 6 provides for the embodiment of the present invention six.
Detailed description of the invention
The present invention is described in further detail with embodiment below in conjunction with the accompanying drawings.It is understood that this
Specific embodiment described by place is used only for explaining the present invention, rather than limitation of the invention.The most also need
Be noted that for the ease of describing, accompanying drawing illustrate only part related to the present invention and not all in
Hold.
Embodiment one
The embodiment of the present invention one provides the detection method of a kind of communication security.Fig. 1 is that the embodiment of the present invention one carries
The schematic flow sheet of the detection method of confession, the method can be filled by the detection of the communication security configured in the server
Putting execution, wherein this device can be realized by software and/or hardware.As it is shown in figure 1, described detection method bag
Include:
S110, receive client to be verified send communication request.
Client to be verified refers to send the client of communication request to server, and wherein, communication request can
To be first time communication request, or any communication request, it is also possible to it is that client disconnects with server
First time communication request when reconnecting after connection or the sensitive communication of important operation based on user generation
Request.That is, server can detect this client when receiving the communication request that certain client sends first
Safety, or all detect the safety of this client when receiving the communication request that client sends every time
Property, it is also possible to after disconnecting with client, again receive the communication request of this client transmission or sentence
The disconnected communication request finding that client sends is to detect the safety of this client during sensitive communication request.
In order to improve the safety of Content of Communication, and reduce the detection number of times to client secure to improve visitor
The response speed of family end, it is preferred that server can judge that the communication request finding client transmission is quick
The safety of detection client during sense communication request, now, client to be verified is transmission sensitive communication please
The client asked.Wherein, sensitive communication request the most independently can be defined by user, it is also possible to
Default definition is carried out when developing client and server by developer.Exemplary, sensitive communication request can
To be communication request, log on request, message cluster transmition request or transaction request etc. first, user and/or open
Send out business can be defined as required, be not restricted.
Exemplary, the communication request that client to be verified sends can generate in operation based on user, example
As, can be that the account registration operation according to user generates registration request or logon operation based on user is raw
The log on request become, it is also possible to be ballot based on user, browse information or send the operation lifes such as chat content
Other communication request become, are not restricted.Client to be verified can be by cable networks such as Ethernets
Communication request is sent, it is also possible to by the wireless network such as WIFI or mobile data network to server to server
Sending communication request, wherein, mobile data network refers to the Virtual network operator institutes such as mobile, UNICOM and telecommunications
The wireless network provided.
S120, generate security verification according to the analytic ability of described communication request and server end resolver
Logic, and described security verification logic is sent to described client to be verified.
Here, resolver can be used for resolving the security verification logic generated, and security verification logic is for holding
The semantic structure of row, such as addition subtraction multiplication and division class formula operation and non-logic of class computing, corresponding relation computing, adds
Close computing or operation of confusion etc..The computing that the security verification logic generated is used can be based on server end
The analytic ability stochastic generation of resolver, it is also possible to analytic ability based on server end resolver determines safety
Property check logic can computing and these available computings are stored in the logical function of structure storehouse pre-set
In, generate security verification logic time directly call from logical function of structure storehouse required computing and based on
Security verification logic presupposition create-rule generates security verification logic.Exemplary, the safety of generation
Check logic can be " 5+8*4-2=?", or " uihkhio=669, eohhgoa=224,
Uihkhio-eohhgoa=?" etc..
Exemplary, after server end resolver is integrated in server, can be with client-based function
Determine all possible communication request of client, be then that these are likely to occur according to the importance of communication request
Communication request carry out classifying so that client send each communication request have its affiliated communication request class
Type;User's selection can also be primarily based on or developer's definition determines that client needs to carry out detecting its safety
Communication request, then will need detection communication request carry out classifying so that client send every needs
The communication request of checking all has its affiliated communication request type.Preferably, can only to be detected be led to
Letter request carries out classifying to reduce the operand needed for server, improves the generation speed of security verification logic
Degree.Before generating security verification logic first, can be previously according to the parsing energy of server end resolver
Power sets the default create-rule of security verification logic and generates peace for follow-up according to this default create-rule
Full property check logic, the safety logic farther out generated according to default create-rule is preferably server end and resolves
The security verification logic that device can correctly resolve is to improve the practicality of the security verification logic generated.
Here, it should be noted that the communication request type of client communication request can be one, it is possible to
Think multiple;The default create-rule of security verification logic can be one, it is also possible to for multiple.Preferably
, multiple communication request type can be divided into by needing the communication request detecting its safety, multiple peace is set
Full property check logic presets create-rule, so that the communication request type that server can send according to client
Generate security verification logic targetedly, thus improve visitor on the premise of ensureing client communication safety
The response speed of family end.When the default create-rule of communication request type and security verification logic is multiple
Time, preferably the default create-rule of communication request type Yu security verification logic is set to identical
Number, and leading to the communication request to be detected of the default create-rule of security verification logic and client transmission
Letter request type one_to_one corresponding is arranged, to ensure that server can generate not according to different communication request types
Same security verification logic.
In the present embodiment, after server receives the communication request that client sends, client can be first determined whether
Whether the communication request that end sends is communication request to be verified, communicates if it is not, then directly set up with client
Connect;If the communication request that client sends is that (that is, client is that needs lead to communication request to be verified
The client to be verified of letter safety detection), then judge this communication request class belonging to communication request to be verified
Type, and determine the default create-rule of security verification logic according to this communication request type, then according to peace
The default create-rule of full property check logic generates security verification logic, and is patrolled by the security verification of generation
Collect and be sent to client to be verified.
S130, according to described client to be verified return result based on described security verification logic, checking
The safety of described client to be verified, wherein, is configured with and described server end solution in security client
The client resolver that the analytic ability of parser is identical.
Preferably, if the return result of client to be verified be with server to generate security verification logic
The result that the raw operation result carried out analytical operation is consistent, then judge that client to be verified is as security client
End;Otherwise, if the return result of client to be verified is inconsistent with the operation result of server, then judge to treat
Checking client is dangerous client.
Further, described according to the return based on described security verification logic of described client to be verified
As a result, after verifying the safety of described client to be verified, it is also possible to including: if it is determined that described to be tested
Card client is security client, then set up the communication connection between described security client.Accordingly,
If it is determined that described client to be verified is dangerous client, the most do not allow described client to be verified set up with
Communication connection between server.
Further, described server end resolver and described client resolver are primitive solution parser, or
For the customization resolver that described primitive solution parser is generated after setting the first reinforcement safe handling;Wherein,
Described first strengthen safe handling include following at least one: encrypt, upset and obscure.Now, service
Device end resolver and client resolver should be and can generate identical computing for same security verification logic
The resolver of result, it is preferred, therefore, that server end resolver and client resolver are all original parsing
Device or be all customization resolver, i.e. when server end resolver is primitive solution parser, client resolver
Also it is primitive solution parser;Or, when server end resolver is through setting the first reinforcement to primitive solution parser
During the customization resolver generated after safe handling, client resolver is also through same to primitive solution parser
The customization resolver generated after setting the first reinforcement safe handling.In order to improve client and server further
The safety of communication, it is preferred that client resolver and server end resolver can be to be only applicable to safety
The customization resolver of client is usurped by third party's illegal software preventing resolver.Exemplary, customization solves
Parser can generate through primitive solution parser being obscured, encrypt and/or upset process, for example, it is possible to
Upset the original call relation in primitive solution parser and/or corresponding relation to generate distinctive customization resolver,
Can also add new call relation in primitive solution parser and/or corresponding relation formed be only applicable to regular
The customization resolver of client.
The technical scheme that the embodiment of the present invention one proposes is identical in server and client side's Command Line Parsing ability
Resolver, the communication request type of the communication request sent according to the client to be verified that receives and server
The analytic ability of end resolver generates security verification logic and is sent to treat by the security verification logic of generation
Checking client, according to the return result of the security verification logic that client to be verified sends based on server
Judge the safety of client to be verified.The present embodiment, by using technique scheme, can carry effectively
The difficulty that high Content of Communication is cracked, reduces the probability that Content of Communication is stolen, and finds that client is led in time
Illegal communication behavior in letter behavior, reduces operation required when communication security is safeguarded, improves user and uses body
Test.
On the basis of above-described embodiment, it is sent to improve generated security verification logic further
Safety during client to be verified, it is preferred that described security verification logic is sent to described described
Before client to be verified, also include: carry out described security verification logic presetting the second reinforcement safe place
Reason, wherein, described second strengthen safe handling include following at least one: encrypt, upset and obscure.
Exemplary, the detection method using the present embodiment to provide detects the detailed process that client communication is the safest
Can be: receive the communication request that client to be verified sends to resolve according to this communication request and server end
The analytic ability of device generates security verification logic, and the security verification logic of generation is encrypted, is upset
And/or the safe handling such as obscure and the security verification logic through safe handling is sent to client to be verified
End, this security verification logic is carried out analytical operation generation operation result and receive client to be verified based on
The return result that this security verification logic generates, it is judged that the return result of client to be verified and server
Operation result is the most consistent, if unanimously, then judges that client to be verified as security client and is set up and this visitor
The communication connection of family end, performs the communication request that client sends;Otherwise, then judge client to be verified as
Dangerous client, does not allow this client to set up communication connection with server.
Embodiment two
Fig. 2 show the flow process signal of the detection method of a kind of communication security that the embodiment of the present invention two provides
Figure, the present embodiment is optimized on the basis of above-described embodiment, further, described according to described communication
Request and server end resolver analytic ability generate security verification logic, including: with described clothes
In the logical construct element database of the analytic ability coupling of business device end resolver, choose at least one for constructing peace
The structure element of full property check logic;According to the type of the described structure element obtained, generate described safety
Check logic.
Further, described according to described client to be verified return based on described security verification logic knot
Really, verify the safety of described client to be verified, including: use described server end resolver to resolve institute
State security verification logic, and calculate the operation result of described security verification logic according to analysis result;Will
Calculated described operation result and the return based on described security verification logic of described client to be verified
Result compares;If described operation result is consistent with described return result, it is determined that described to be verified
Client is security client.
Accordingly, as in figure 2 it is shown, the detection method of the present embodiment includes:
S210, receive client to be verified send communication request.
S220, in the logical construct element database mated with the analytic ability of described server end resolver, choosing
Take at least one for the structure element constructing security verification logic.
Detection method in the communication security utilizing the present embodiment to provide detects client and server communication content
Safety before, it is preferred that logical construct element database can be set the most in the server, and will structure
The structure element that security verification logic needs stores and in this logical construct element database.Carrying out structure element
Storage time, structure element can unify to be stored in logical construct element database, it is also possible to structure element is pressed
It is stored in this logical construct element database according to different classification.Extract in view of when generating security verification logic
The complexity of target formation element, it is preferred that structure element can be stored according to different classification and patrol
Collect in structure element database.The classification of structure element can be arranged, the most flexibly as formula can be divided into transport
Calculation, logical operations, cryptographic calculation and/or operation of confusion etc., be not restricted.
The number of structure element can be one, it is also possible to for multiple, the concrete number of the structure element of selection
Can determine at random, it is also possible to default create-rule based on security verification logic determines, does not limits
System.Exemplary, when the communication request that client sends is important communication request, can select multiple
(such as 3-10) structure Element generation security verification logic is to improve the safety of client and server communication
Property;When the communication request that client sends is insignificant communication request, lesser amt can be selected (such as 1-2
Individual) structure Element generation security verification logic with improve client response speed.
S230, according to the type of described structure element obtained, generate described security verification logic, and will
Described security verification logic sends to described client to be verified.
Here, the type of structure element can be the arithmetic type of structure element, such as corresponding relation computing, public affairs
Formula computing, logical operations, cryptographic calculation and operation of confusion etc.;Can also be the physical attribute of structure element,
It is not restricted.After structure element has been chosen, can be according to the default generation rule of security verification logic
Then generate security verification logic.Such as, if the structure element chosen is f1(x, y), f2(x)、f3
(y), the default create-rule definition x=f of security verification logic2(x), y=f3Y (), then generate
Security verification logic is f1(f2, f3)。
S240, use described server end resolver resolve described security verification logic, and according to resolve knot
Fruit calculates the operation result of described security verification logic.
In the present embodiment, the security verification logic of generation is preferably explanation type algorithm to improve security verification
The difficulty that logic is cracked by third party's illegal software, owing to explanation type algorithm is not that server can directly perform
Algorithm, it is therefore desirable to the security verification logical analysis first just generated by resolver becomes the server can be direct
Running algorithm, then the security verification logic after resolving is carried out calculating generation operation result by server.Peace
The operation result of full property check logic can be the character with practical significance, such as concrete numerical value, function
Deng, it is also possible to the character string of to be one section do not have practical significance, it is not required herein.
S250, by calculated described operation result and described client to be verified based on described safety school
The return result testing logic compares, and wherein, is configured with and described server end solution in security client
The client resolver that the analytic ability of parser is identical.
If the described operation result of S260 is consistent with described return result, it is determined that described client to be verified
For security client.
Accordingly, if described operation result is inconsistent with described return result, it is determined that described visitor to be verified
Family end is dangerous client.
Here, it should be noted that " unanimously " mentioned here refer to client to be verified return knot
Fruit the most identical with the operation result of server, and do not require that client to be verified return result and
The operation result of server is all correct result, the return result of client the most to be verified and the fortune of server
Calculating result can be to be all the correct operation result for the security verification logic generated, it is also possible to be to be all
Identical for the error running result of security verification logic generated and mistake that both occur.Consider
Practicality to the security verification logic generated, it is preferred that as operation result and the visitor to be verified of server
When the return result of family end is the identical correct operation result for security verification logic, it is determined that
Client to be verified is security client.
The detection method of the communication security that the embodiment of the present invention two kinds provides, receives what client to be verified sent
Communication request, chooses at least in the logical construct element database matched with server end resolver analytic ability
This security verification logic is also sent to client to be verified by one structure Element generation security verification logic
End, uses server end resolver to resolve this security verification logic and according to the safety school calculated after resolving
Test logic and generate operation result, it is judged that the return result of client to be verified is the most consistent with this operation result,
If consistent, then judge that client to be verified is as security client;Otherwise, it is determined that client to be verified is dangerous
Client.The present embodiment, by using technique scheme, uses random manner to generate security verification and patrols
Collect and resolve this safety school by the server end resolver and client resolver with identical analytic ability
Test logic, the difficulty that Content of Communication is cracked can be effectively improved, reduce the possibility that Content of Communication is stolen
Property, find the illegal communication behavior in client communication behavior in time, reduce when communication security is safeguarded required
Operation, improves user's experience.
On the basis of above-described embodiment, described according to described communication request and the parsing of server end resolver
Ability generates security verification logic, it is also possible to including: according to the request type of described communication request, determine
The importance rate of described communication request;According to the importance rate of described communication request, determine safety school
Test the complexity of logic;Analytic ability and described security verification according to described server end resolver are patrolled
The complexity collected, generates described security verification logic.Exemplary, it is assumed that client to be verified sends
Communication request is for paying request, and the request of payment is positioned at the superlative degree of communication request importance rate, communication request
Complexity corresponding to the importance rate superlative degree for calling 5-7 structure Element generation security verification logic,
So, the process generating security verification logic can be: first determines whether the request type of this communication request
(pay request), then judges to pay request importance rate (most important communications request), according to this
Important communication request determines the complexity (the most complicated) of the security verification logic of required generation, finally according to
The security verification algorithm corresponding with the most complicated security verification algorithm presets create-rule random call 5-7
Individual structure Element generation security verification logic within the scope of server end resolver analytic ability.Use
The method can generate safety school targetedly according to the type of the communication request that client to be verified sends
Checking method, on the premise of improving the client safety with server communication, improves further and generates safety
Property checking algorithm speed, and then improve the response speed of client to be verified, when reducing the wait of user
Between, improve user's experience.
Embodiment three
Fig. 3 show the flow process signal of the detection method of a kind of communication security that the embodiment of the present invention three provides
Figure, the present embodiment is optimized on the basis of above-described embodiment, in the present embodiment, when being used for constructing peace
When the structure element of full property check logic is mathematical operation function, will be " according to the described structure element obtained
Element type, generates described security verification logic " it is optimized for: according to the mathematical operation type function chosen
Structure element, construct security verification formula;The parameter included according to described security verification formula
Quantitative value, generates the random number being consistent with the quantitative value of described parameter;The described random number generated is filled
In described security verification formula, generate described security verification logic.
Accordingly, as it is shown on figure 3, the detection method of the present embodiment includes:
S310, receive client to be verified send communication request.
S320, in the logical construct element database mated with the analytic ability of described server end resolver, choosing
Take at least one for the structure element (mathematical operation function) constructing security verification logic.
The structure element of the mathematical operation type function that S330, basis are chosen, constructs security verification formula.
Exemplary, during structure security verification formula, can be first according to leading to that client to be verified sends
The type of letter request determines the number (being assumed to be n) of required mathematical operation function;Then from logic structure
Make and element database randomly selects constructed fuction based on a mathematical operation function, wherein this base configuration letter
Number should include at least two function parameter and at least one functional operation symbol;Last from logical construct element database
In randomly select n-1 mathematical operation function and be nested into base configuration letter according to default nested rule
To generate security verification formula in number.Here, can be only when choosing remaining n-1 mathematical operation function
Once select, n-1 required mathematical operation function is selected from logical construct element database simultaneously;
Can also carry out n-1 this select, by n-1 required mathematical operation function one by one from logical construct
Element database is selected.That is, n-1 selected mathematical operation function can comprise identical function, also
Can be n-1 the mathematical operation function differed completely, not be restricted.
For example, it is assumed that need to choose 3 mathematical operation functions, 3 the mathematical operation functions selected at random divide
Wei f1=a1+b1, f2=a2-b2, f3=a3*b3+c3, it is assumed that f1Based on constructed fuction, then, and construct safety
During verification formula, can first determine the number (being herein 3) of mathematical operation function needing to choose;
Then based on randomly selecting a mathematical operation function from logical construct element database, constructed fuction (is assumed
The base configuration function chosen is f1=a1+b1);Finally from logical construct element database, randomly select 2 mathematics
Operation function f2=a2-b2, f3=a3*b3+c3, and mathematical operation function is nested into base configuration function at random
f1=a1+b1In, i.e. make a1=f2=a2-b2, b1=f3=a3*b3+c3, or, make a1=f3=a3*b3+ c,
b1=f2=a2-b2, generate security verification formula f=f1=a1+b1=f2+f3=a2-b2+a3*b3+c3, i.e. the peace of generation
Full property verification formula is f=a2-b2+a3*b3+c3。
Additionally, when constructing security verification formula, it is also possible to first according to leading to that client to be verified sends
The type of letter request determines the number (being assumed to be n) of required mathematical operation function;Then from logic structure
Make and element database randomly select n mathematical operation function, wherein, the mathematical operation function chosen should include to
Few two function parameters and at least one functional operation symbol, n the mathematical operation function chosen can comprise
Identical function, it is also possible to be n the mathematical operation function differed completely;By n selected mathematics
Operation function is stored in pending function set;A function is obtained as treating from pending function set
Nested function, and from pending function set, obtain at least one handling function (in pending function set
Other functions in addition to treating nested function) as treating the parameter of nested function, handling function is nested into and treats
To generate the first nested function in nested function;The first nested function generated is stored in pending letter again
Manifold close in, and in pending function set delete after nested function and handling function return perform from
Pending function set obtains function as treating the operation of nested function, until pending function set
In only comprise an object function;Finally calling this object function is security verification formula.
For example, it is assumed that need to randomly select 5 mathematical operation functions, the mathematical operation function selected at random
It is respectively f1=a1+b1, f2=a2-b2, f3=a3*b3+c3, f4=a4-b4, f5=a5+b5-c5, it is assumed that randomly select
f1For treating nested function, then, the process of structure security verification formula can be: determines that needs are chosen
The number (being herein 5) of mathematical operation function;5 mathematics are randomly selected from logical construct element database
Operation function f1=a1+b1、f2=a2-b2、f3=a3*b3+c3、f4=a4-b4、f5=a5+b5-c5, and be stored to
In pending function set;One function f of random acquisition from pending function set1=a1+b1Embedding as treating
Set function, and from pending set, randomly select 2 handling functions (be assumed to be f2=a2-b2、
f3=a3*b3+c3) as treating nested function f1Parameter, by handling function f2=a2-b2、f3=a3*b3+c3It is nested into
Treat nested function f1=a1+b1Middle generation the first nested function fm=f1=a1+b1=f2+f3=a2-b2+a3*b3+c3;By
One nested function fm=a2-b2+a3*b3+c3Again it is stored in pending function set, and deletes pending function
Set treats nested function f1=a1+b1With handling function f2=a2-b2、f3=a3*b3+c3, from pending collection of functions
In conjunction, one function of random acquisition (is assumed to be f4=a4-b4) as treating nested function, and from pending collection of functions
Conjunction randomly selects handling function f5=a5+b5-c5、fm=a2-b2+a3*b3+c3As treating nested function f4Ginseng
Number, is nested into handling function and treats nested function f4In (assume a4=fm, b4=f5) become into the second nested function
fn=f4=a4-b4=fm-f5=a2-b2+a3*b3+c3-a5+b5-c5, by the second nested function
fn=a2-b2+a3*b3+c3-a5+b5-c5Again it is stored in pending function set, and nested function is treated in deletion
f4=a4-b4With handling function f5=a5+b5-c5、fm=a2-b2+a3*b3+c3, the most surplus in the most pending function set
Yu a function fn=a2-b2+a3*b3+c3-a5+b5-c5, then the security verification formula generated is
F=fn=a2-b2+a3*b3+c3-a5+b5-c5。
S340, the quantitative value of the parameter included according to described security verification formula, generate and described parameter
The random number that is consistent of quantitative value.
Exemplary, can be based on current time value or current time value and the milli being spaced sometime
Number of seconds generates random number.The number of the random number generated preferably with the parameter that comprises in security verification formula
Number identical, such as, if security verification formula comprises 5 parameters, then preferably generate 5 random
Number.
S350, by generate described random number be filled in described security verification formula, generate described safety
Property check logic, and described security verification logic is sent to described client to be verified.
In the present embodiment, when being filled into by random number in the security verification formula of generation, random number can be with
Machine is filled with, it is also possible to preset the fill order of random number, as by random number according to its size or life
The one-tenth time is filled in security verification formula with order from front to back or from back to front, does not limits
System.Preferably, the random number of generation can be filled in the security verification formula of generation at random to enter one
Step improves the difficulty that security verification formula is cracked, and then improves client communication safety detection to be verified knot
The accuracy of fruit.
S360, use described server end resolver resolve described security verification logic, and according to resolve knot
Fruit calculates the operation result of described security verification logic.
S370, by calculated described operation result and described client to be verified based on described safety school
The return result testing logic compares, and wherein, is configured with and described server end solution in security client
The client resolver that the analytic ability of parser is identical.
If the described operation result of S380 is consistent with described return result, it is determined that described client to be verified
For security client.
Accordingly, described operation result is inconsistent with described return result, it is determined that described client to be verified
For dangerous client.
Exemplary, it is assumed that the security verification logic of generation is f=17-8+5*3+9, then server is for this
The operation result of security verification logic is 33, now, if the return result of client to be verified is 33, then
Judge client to be verified as security client,;Otherwise, if the result that client to be verified returns is removing
Other any number outside 33 or character, then judge that client to be verified is as dangerous client.
The detection method of the communication security that the embodiment of the present invention three provides, when the structure element chosen is mathematics fortune
When calculating function, according to the mathematical operation construction of function safety formula chosen, according to this security verification formula
In the quantity of parameter that comprises generate the random number being consistent with number of parameters and the random number of generation be filled in
In security verification formula with generate needed for security verification logic.The present embodiment is by using above-mentioned technology
Scheme, uses random manner to generate security verification logic and by having the server of identical analytic ability
End resolver and client resolver resolve this security verification logic, can be effectively improved Content of Communication quilt
The difficulty cracked, reduces the probability that is stolen of Content of Communication, and find in client communication behavior in time is non-
Method communication behavior, reduces operation required when communication security is safeguarded, improves user's experience.
On the basis of above-described embodiment, when the structure element chosen is corresponding relation type function, described
According to the element type of the described structure element obtained, generating described security verification logic can also include: carry
Take the destination object that the structure at least two that includes of element of corresponding relation type is corresponding;According at least one
Individual described destination object, the structure query statement to remaining destination object, patrol as described security verification
Volume.Exemplary, it is assumed that needing to choose 1 structure element, the structure element selected at random is
Dinzlofghsxh=3, when the structure element chosen is corresponding relation type function, generates security verification and patrols
The process collected can be: randomly selects at least one corresponding relation type function from logical construct element database
Dinzlofghsxh=3, (is assumed to be according to a destination object in this corresponding relation type function
Dinzlofghsxh) the structure query statement " 3=to remaining destination object (being 3) herein?", to generate
Security verification logic " dinzlofghsxh=3, then 3=?”.
Embodiment four
The schematic flow sheet of the detection method of a kind of communication security that Fig. 4 provides for the embodiment of the present invention five, should
Method can be performed by the detection device of the communication security configured in the client, and wherein this device can be by software
And/or hardware realizes.As it is shown in figure 5, this detection method includes:
The security verification logic that S410, reception server send.
S420, use client resolver resolve described security verification logic, wherein, described client solution
Parser is arranged in security client, configures in the analytic ability of described client resolver and described server
The analytic ability of server end resolver identical.
Here, owing to the security verification logic of server transmission is usually the solution that client is not directly run
Release type algorithm, therefore after the security verification logic receiving service and transmission, client can be first passed through
The security verification logical analysis received is the compiled algorithm that client can directly be run by end resolver.
S430, calculate the operation result of described security verification logic according to analysis result, and by described computing
Result is sent to described server as the return result of described security verification logic.
Further, described server end resolver and described client resolver are primitive solution parser, or
For the customization resolver that described primitive solution parser is generated after presetting the first reinforcement safe handling;Wherein,
Described first strengthen safe handling include following at least one: encrypt, upset and obscure.
Further, before described use client resolver resolves described security verification logic, also wrap
Include: described security verification logic is entered before sending described security verification logic according to described server
Row preset the second reinforcement safe handling, reduce described security verification logic;Wherein, described second strengthens
Safe handling include following at least one: encrypt, upset and obscure.At server, security verification is patrolled
Collect before being sent to client, it will usually the security verification logic of generation is carried out the second reinforcement safe place
Reason, therefore, after client resolves the security verification logic received, it usually needs reduction server
The the second reinforcement safe handling carrying out security verification logic is so that client resolver can be to security verification
Logic carries out resolving operation.
The detection method of the communication security that the embodiment of the present invention four provides, receives the safety school that server sends
Test logic, the security verification logic received carries out reducing the second reinforcement safe handling, use client
Resolver resolves the security verification logic after reduction treatment, calculates the security verification logic after resolving
Operation result and calculated operation result is sent to clothes as the return result of security verification logic
Business device.The present embodiment is by using technique scheme, and configuration resolves utensil with server end in the client
There is the client resolver of identical analytic ability, use the safety that this client resolver resolution server generates
Property check logic, can be effectively improved the difficulty that Content of Communication is cracked, reduce what Content of Communication was stolen
Probability, finds the illegal communication behavior in client communication behavior in time, reduces communication security and safeguards time institute
The operation needed, improves user's experience.
Embodiment five
The structured flowchart of the detection device of a kind of communication security that Fig. 5 provides for the embodiment of the present invention five, this dress
Put and can be realized by software and/or hardware, be generally disposed in server, can be by performing the inspection of communication security
Survey method realizes the detection to communication security.As it is shown in figure 5, this detection device includes:
Communication request receiver module 510, for receiving the communication request that client to be verified sends;
Check logic generation module 520, for according to described communication request and the solution of server end resolver
Analysis ability generates security verification logic, and sends described security verification logic to described client to be verified
End;
Communication security authentication module 530, is used for according to described client to be verified based on described security verification
The return result of logic, verifies the safety of described client to be verified, wherein, joins in security client
It is equipped with the client resolver identical with the analytic ability of described server end resolver.
Further, described server end resolver and described client resolver are primitive solution parser, or
For the customization resolver that described primitive solution parser is generated after setting the first reinforcement safe handling;Wherein,
Described first strengthen safe handling include following at least one: encrypt, upset and obscure.
Further, described check logic generation module 520 may include that structure element chooses unit, uses
In the logical construct element database of the analytic ability coupling of server end resolver described in Yu Yu, choose at least one
The individual structure element for constructing security verification logic;First check logic signal generating unit, for according to obtaining
The type of the described structure element taken, generates described security verification logic.
Further, described first check logic signal generating unit specifically may include that inspection formula generates son list
Unit, for the structure element according to the mathematical operation type function chosen, constructs security verification formula;With
Machine number generates subelement, the quantitative value of the parameter for including according to described security verification formula, generates
The random number being consistent with the quantitative value of described parameter;Random number fills subelement, described in generating
Random number is filled in described security verification formula, generates described security verification logic.
Further, described first check logic signal generating unit may include that destination object extracts subelement,
For extracting the destination object that the structure at least two that includes of element of corresponding relation type is corresponding;Inquiry
Statement constructor unit, for according to destination object at least one described, remaining destination object is looked into by structure
Ask statement, as described security verification logic.
Further, the detection device of the communication security that the embodiment of the present invention six provides can also include: safety
Process reinforcing module, for described by described security verification logic send to described client to be verified it
Before, described security verification logic carries out presetting the second reinforcement safe handling, wherein, described second strengthens
Safe handling include following at least one: encrypt, upset and obscure.
Further, described communication security authentication module 530 may include that check logic resolution unit, uses
In using described server end resolver to resolve described security verification logic, and calculate institute according to analysis result
State the operation result of security verification logic;Analysis result comparing unit, for by calculated described fortune
Calculate result return result based on described security verification logic with described client to be verified to compare;Logical
Letter completely determines unit, if consistent with described return result for described operation result, it is determined that described
Client to be verified is security client.
Further, described check logic generation module 520 can also include: importance determines unit, uses
In the request type according to described communication request, determine the importance rate of described communication request;Complexity is true
Cell, for the importance rate according to described communication request, determines the complexity of security verification logic
Degree;Second check logic signal generating unit, for the analytic ability according to described server end resolver and institute
State the complexity of security verification logic, generate described security verification logic.
Further, the detection device of the communication security that the embodiment of the present invention six provides can also include: communication
Connection establishment module, for described based on described security verification logic according to described client to be verified
Return result, after verifying the safety of described client to be verified, if it is determined that described client to be verified
For security client, then set up the communication connection between described security client.
The detection device of the communication security that the embodiment of the present invention five provides can perform the embodiment of the present invention one to this
The detection method of the communication security that bright embodiment four is provided, the detection method phase possessing with performing communication security
The functional module answered and beneficial effect.The ins and outs of the most detailed description, can be found in this
The detection method of the communication security that bright embodiment one to the embodiment of the present invention four is provided.
Embodiment six
The structured flowchart of the detection device of a kind of communication security that Fig. 6 provides for the embodiment of the present invention six, this dress
Put and can be realized by software and/or hardware, be generally disposed in client, can be by performing the inspection of communication security
Survey method realizes the detection to communication security.As shown in Figure 6, this detection device includes:
Check logic receiver module 610, for receiving the security verification logic that server sends;
Check logic parsing module 620, is used for using client resolver to resolve described security verification and patrols
Volume, wherein, described client resolver is arranged in security client, the parsing of described client resolver
Ability is identical with the analytic ability of the server end resolver of configuration in described server;
Return result sending module 630, for calculating the fortune of described security verification logic according to analysis result
Calculate result, and described operation result is sent to described clothes as the return result of described security verification logic
Business device.
Further, described server end resolver and described client resolver are primitive solution parser, or
For the customization resolver that described primitive solution parser is generated after presetting the first reinforcement safe handling;Wherein,
Described first strengthen safe handling include following at least one: encrypt, upset and obscure.
Further, the detection device of the communication security that the embodiment of the present invention six provides can also include: safety
Process recovery module, before resolving described security verification logic at described use client resolver,
Described security verification logic is carried out before sending described security verification logic according to described server
Preset the second reinforcement safe handling, reduce described security verification logic;Wherein, described second strengthens safety
Process include following at least one: encrypt, upset and obscure.
The detection device of the communication security that the embodiment of the present invention six provides can perform the embodiment of the present invention five to be provided
The detection method of communication security, possess and the corresponding functional module of detection method performing communication security and having
Benefit effect.The ins and outs of the most detailed description, can be found in the embodiment of the present invention five is provided
The detection method of communication security.
Note, above are only presently preferred embodiments of the present invention and institute's application technology principle.Those skilled in the art
It will be appreciated that the invention is not restricted to specific embodiment described here, can enter for a person skilled in the art
Row various obvious changes, readjust and substitute without departing from protection scope of the present invention.Therefore, though
So by above example, the present invention is described in further detail, but the present invention be not limited only to
Upper embodiment, without departing from the inventive concept, it is also possible to include other Equivalent embodiments more,
And the scope of the present invention is determined by scope of the appended claims.
Claims (24)
1. the detection method of a communication security, it is characterised in that including:
Receive the communication request that client to be verified sends;
Analytic ability according to described communication request and server end resolver generates security verification logic,
And described security verification logic is sent to described client to be verified;
According to described client to be verified return result based on described security verification logic, treat described in checking
The safety of checking client, wherein, is configured with and described server end resolver in security client
The client resolver that analytic ability is identical.
Detection method the most according to claim 1, it is characterised in that described server end resolver
It is primitive solution parser with described client resolver, or for described primitive solution parser is added through setting first
The customization resolver generated after strong safe handling;
Wherein, described first strengthen safe handling include following at least one: encrypt, upset and obscure.
Detection method the most according to claim 1, it is characterised in that described according to described communication please
Ask and the analytic ability of server end resolver generates security verification logic, including:
In the logical construct element database mated with the analytic ability of described server end resolver, choose at least
One for constructing the structure element of security verification logic;
According to the type of the described structure element obtained, generate described security verification logic.
Detection method the most according to claim 3, it is characterised in that described according to described in acquisition
The element type of structure element, generates described security verification logic and specifically includes:
According to the structure element of the mathematical operation type function chosen, construct security verification formula;
According to the quantitative value of the parameter that described security verification formula includes, generate the quantity with described parameter
The random number that value is consistent;
The described random number generated is filled in described security verification formula, generates described security verification
Logic.
Detection method the most according to claim 4, it is characterised in that described according to described in acquisition
The element type of structure element, generates described security verification logic and includes:
Extract the destination object that the structure at least two that includes of element of corresponding relation type is corresponding;
According to destination object at least one described, the structure query statement to remaining destination object, as described
Security verification logic.
Detection method the most according to claim 1, it is characterised in that described by described safety
Check logic sent before described client to be verified, also included:
Described security verification logic carries out presetting the second reinforcement safe handling, and wherein, described second strengthens
Safe handling include following at least one: encrypt, upset and obscure.
Detection method the most according to claim 1, it is characterised in that described according to described to be verified
Client return result based on described security verification logic, verifies the safety of described client to be verified
Property, including:
Use described server end resolver to resolve described security verification logic, and calculate according to analysis result
The operation result of described security verification logic;
By calculated described operation result with described client to be verified based on described security verification logic
Return result compare;
If described operation result is consistent with described return result, it is determined that described client to be verified is peace
Full client.
Detection method the most according to claim 1, it is characterised in that described according to described communication please
Ask and the analytic ability of server end resolver generate security verification logic, also include:
According to the request type of described communication request, determine the importance rate of described communication request;
According to the importance rate of described communication request, determine the complexity of security verification logic;
Analytic ability according to described server end resolver and the complexity of described security verification logic,
Generate described security verification logic.
Detection method the most according to claim 1, it is characterised in that described according to described to be tested
Card client return result based on described security verification logic, verifies the safety of described client to be verified
After property, also include:
If it is determined that described client to be verified is security client, then set up between described security client
Communication connection.
10. the detection method of a communication security, it is characterised in that including:
Receive the security verification logic that server sends;
Using client resolver to resolve described security verification logic, wherein, described client resolver is joined
Put in security client, the analytic ability of described client resolver and the service of configuration in described server
The analytic ability of device end resolver is identical;
Calculate the operation result of described security verification logic according to analysis result, and described operation result is made
Return result for described security verification logic is sent to described server.
11. detection methods according to claim 10, it is characterised in that described server end resolves
Device and described client resolver are primitive solution parser, or are through presetting first to described primitive solution parser
The customization resolver generated after strengthening safe handling;
Wherein, described first strengthen safe handling include following at least one: encrypt, upset and obscure.
12. detection methods according to claim 10, it is characterised in that in described use client
Before resolver resolves described security verification logic, also include:
Described security verification logic is entered before sending described security verification logic according to described server
Row preset the second reinforcement safe handling, reduce described security verification logic;
Wherein, described second strengthen safe handling include following at least one: encrypt, upset and obscure.
The detection device of 13. 1 kinds of communication securities, configuration is in the server, it is characterised in that including:
Communication request receiver module, for receiving the communication request that client to be verified sends;
Check logic generation module, for the parsing energy according to described communication request and server end resolver
Power generates security verification logic, and sends described security verification logic to described client to be verified;
Communication security authentication module, is used for according to described client to be verified based on described security verification logic
Return result, verify the safety of described client to be verified, wherein, be configured with in security client
The client resolver identical with the analytic ability of described server end resolver.
14. detection devices according to claim 13, it is characterised in that described server end resolves
Device and described client resolver are primitive solution parser, or are through setting first to described primitive solution parser
The customization resolver generated after strengthening safe handling;
Wherein, described first strengthen safe handling include following at least one: encrypt, upset and obscure.
15. detection devices according to claim 13, it is characterised in that described check logic generates
Module includes:
Structure element chooses unit, in the logic mated with the analytic ability of described server end resolver
In structure element database, choose at least one for the structure element constructing security verification logic;
First check logic signal generating unit, for the type according to the described structure element obtained, generates described
Security verification logic.
16. detection devices according to claim 15, it is characterised in that described first check logic
Signal generating unit specifically includes:
Inspection formula generates subelement, for the structure element according to the mathematical operation type function chosen, structure
Make security verification formula;
Generating random number subelement, the quantity of the parameter for including according to described security verification formula
Value, generates the random number being consistent with the quantitative value of described parameter;
Random number fills subelement, for the described random number generated is filled in described security verification formula
In, generate described security verification logic.
17. detection devices according to claim 16, it is characterised in that described first check logic
Signal generating unit farther includes:
Destination object extract subelement, for extract corresponding relation type structure element include at least two
Individual corresponding destination object;
Query statement constructor unit, for according to destination object at least one described, structure is to remaining target
The query statement of object, as described security verification logic.
18. detection devices according to claim 13, it is characterised in that also include:
Safe handling reinforcing module, for sending described security verification logic to described to be verified described
Before client, described security verification logic carries out presetting the second reinforcement safe handling, wherein, described
Second strengthen safe handling include following at least one: encrypt, upset and obscure.
19. detection devices according to claim 13, it is characterised in that described communication security is verified
Module includes:
Check logic resolution unit, is used for using described server end resolver to resolve described security verification and patrols
Volume, and the operation result of described security verification logic is calculated according to analysis result;
Analysis result comparing unit, for by calculated described operation result and described client to be verified
Return result based on described security verification logic compares;
Communication security determines unit, if consistent, the most really with described return result for described operation result
Fixed described client to be verified is security client.
20. detection devices according to claim 13, it is characterised in that described check logic generates
Module also includes:
Importance determines unit, for the request type according to described communication request, determines described communication request
Importance rate;
Complexity determines unit, for the importance rate according to described communication request, determines security verification
The complexity of logic;
Second check logic signal generating unit, for the analytic ability according to described server end resolver and institute
State the complexity of security verification logic, generate described security verification logic.
21. detection devices according to claim 13, it is characterised in that also include:
Communication connection set up module, for described according to described client to be verified based on described safety school
Test the return result of logic, after verifying the safety of described client to be verified, if it is determined that described to be tested
Card client is security client, then set up the communication connection between described security client.
The detection device of 22. 1 kinds of communication securities, configuration is in the client, it is characterised in that including:
Check logic receiver module, for receiving the security verification logic that server sends;
Check logic parsing module, is used for using client resolver to resolve described security verification logic, its
In, described client resolver is arranged in security client, the analytic ability of described client resolver with
In described server, the analytic ability of the server end resolver of configuration is identical;
Return result sending module, for calculating the computing knot of described security verification logic according to analysis result
Really, and using described operation result it is sent to described service as the return result of described security verification logic
Device.
23. detection devices according to claim 22, it is characterised in that described server end resolves
Device and described client resolver are primitive solution parser, or are through presetting first to described primitive solution parser
The customization resolver generated after strengthening safe handling;
Wherein, described first strengthen safe handling include following at least one: encrypt, upset and obscure.
24. detection devices according to claim 22, it is characterised in that also include:
Safe handling recovery module, patrols for resolving described security verification at described use client resolver
Before Ji, described security verification is patrolled before sending described security verification logic according to described server
Volume carry out presets the second reinforcement safe handling, reduces described security verification logic;
Wherein, described second strengthen safe handling include following at least one: encrypt, upset and obscure.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610266594.XA CN105743643A (en) | 2016-04-26 | 2016-04-26 | Communication security detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610266594.XA CN105743643A (en) | 2016-04-26 | 2016-04-26 | Communication security detection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105743643A true CN105743643A (en) | 2016-07-06 |
Family
ID=56285649
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610266594.XA Pending CN105743643A (en) | 2016-04-26 | 2016-04-26 | Communication security detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105743643A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109714298A (en) * | 2017-10-25 | 2019-05-03 | 腾讯科技(深圳)有限公司 | Verification method, device and storage medium |
| CN110971572A (en) * | 2018-09-29 | 2020-04-07 | 北京华为数字技术有限公司 | Authentication method, server and client |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050268326A1 (en) * | 2004-05-04 | 2005-12-01 | Microsoft Corporation | Checking the security of web services configurations |
| CN1909447A (en) * | 2005-08-03 | 2007-02-07 | 盛趣信息技术(上海)有限公司 | Method for network data communication by using dynamic encryption algorithm |
| CN101162996A (en) * | 2007-11-16 | 2008-04-16 | 李巩令 | Multiple dynamic cipher device authorization identifying system and identifying method thereof |
| CN101783801A (en) * | 2010-01-29 | 2010-07-21 | 福建星网锐捷网络有限公司 | Software protection method based on network, client side and server |
| CN102594817A (en) * | 2012-02-15 | 2012-07-18 | 李晶 | Password agent method, user terminal equipment and password agent server |
| CN103139163A (en) * | 2011-11-29 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Data access method, server and terminal |
| CN103248495A (en) * | 2012-02-10 | 2013-08-14 | 中国移动通信集团公司 | In-app paying method, server, client side and system |
| CN103384249A (en) * | 2013-07-08 | 2013-11-06 | 北京星网锐捷网络技术有限公司 | Network access authentication method, device and system and authentication server |
| CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
| CN104917752A (en) * | 2015-05-04 | 2015-09-16 | 北京奇艺世纪科技有限公司 | Abnormality detection method and abnormality detection system based on communication |
-
2016
- 2016-04-26 CN CN201610266594.XA patent/CN105743643A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050268326A1 (en) * | 2004-05-04 | 2005-12-01 | Microsoft Corporation | Checking the security of web services configurations |
| CN1909447A (en) * | 2005-08-03 | 2007-02-07 | 盛趣信息技术(上海)有限公司 | Method for network data communication by using dynamic encryption algorithm |
| CN101162996A (en) * | 2007-11-16 | 2008-04-16 | 李巩令 | Multiple dynamic cipher device authorization identifying system and identifying method thereof |
| CN101783801A (en) * | 2010-01-29 | 2010-07-21 | 福建星网锐捷网络有限公司 | Software protection method based on network, client side and server |
| CN103139163A (en) * | 2011-11-29 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Data access method, server and terminal |
| CN103248495A (en) * | 2012-02-10 | 2013-08-14 | 中国移动通信集团公司 | In-app paying method, server, client side and system |
| CN102594817A (en) * | 2012-02-15 | 2012-07-18 | 李晶 | Password agent method, user terminal equipment and password agent server |
| CN103384249A (en) * | 2013-07-08 | 2013-11-06 | 北京星网锐捷网络技术有限公司 | Network access authentication method, device and system and authentication server |
| CN103973695A (en) * | 2014-05-16 | 2014-08-06 | 浪潮电子信息产业股份有限公司 | Signature algorithm for server validation |
| CN104917752A (en) * | 2015-05-04 | 2015-09-16 | 北京奇艺世纪科技有限公司 | Abnormality detection method and abnormality detection system based on communication |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109714298A (en) * | 2017-10-25 | 2019-05-03 | 腾讯科技(深圳)有限公司 | Verification method, device and storage medium |
| CN109714298B (en) * | 2017-10-25 | 2020-08-11 | 腾讯科技(深圳)有限公司 | Verification method, verification device and storage medium |
| CN110971572A (en) * | 2018-09-29 | 2020-04-07 | 北京华为数字技术有限公司 | Authentication method, server and client |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105554037B (en) | Authentication processing method and service platform | |
| CN104767613B (en) | Signature verification method, apparatus and system | |
| CN104283841B (en) | The method, apparatus and system of service access control are carried out to third-party application | |
| CN109660502A (en) | Detection method, device, equipment and the storage medium of abnormal behaviour | |
| KR102214247B1 (en) | Method and apparatus for service implementation | |
| CN104426847A (en) | Method, system and server for securely accessing and verifying an Internet service | |
| CN108696490A (en) | The recognition methods of account permission and device | |
| CN104320375B (en) | A kind of method and apparatus for preventing from illegally registering | |
| CN110688643A (en) | Processing method for platform identity identification and authority authentication | |
| CN103516511A (en) | Method and device for detecting encryption algorithm and secret key | |
| CN105991590A (en) | Method and system for verifying user identity, client, and server | |
| CN109448271A (en) | A kind of no card withdrawal method, computer readable storage medium and server | |
| CN108965222A (en) | Identity identifying method, system and computer readable storage medium | |
| CN109688186A (en) | Data interactive method, device, equipment and readable storage medium storing program for executing | |
| CN106031084A (en) | Personal identification and anti-theft system and method using disposable random key | |
| CN104219196A (en) | Service locking method, service unlocking method, device and system | |
| CN109344611A (en) | Access control method, terminal device and the medium of application | |
| CN105992204A (en) | Access authentication method of applications of mobile intelligent terminal and device | |
| CN104935548B (en) | Auth method, apparatus and system based on intelligent equipment of tatooing | |
| CN105978717A (en) | Network account recognition method and device | |
| CN109547426A (en) | Service response method and server | |
| CN108234441B (en) | Method, apparatus, electronic device and storage medium for determining forged access request | |
| CN106878336A (en) | A kind of data interactive method and device | |
| KR101675416B1 (en) | System and method for realtime detection of abnormal financial transaction | |
| CN109426961B (en) | Card binding risk control method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160706 |
|
| RJ01 | Rejection of invention patent application after publication |