CN106209804A - A kind of method and device strengthening wap protocol safety - Google Patents
A kind of method and device strengthening wap protocol safety Download PDFInfo
- Publication number
- CN106209804A CN106209804A CN201610514522.2A CN201610514522A CN106209804A CN 106209804 A CN106209804 A CN 106209804A CN 201610514522 A CN201610514522 A CN 201610514522A CN 106209804 A CN106209804 A CN 106209804A
- Authority
- CN
- China
- Prior art keywords
- client
- information
- management terminal
- authentication information
- wap protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0884—Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of method and device strengthening wap protocol safety, the method includes: receive the connection request that client sends, and sets up the connection with client;Receive the authentication information that client sends, and authentication information is sent to management terminal set in advance;Receive the feedback information of management terminal feedback, if feedback information is to determine the information that client is legal, then primarily determines that and allow client to realize the access to network based on wap protocol;Wherein, wap protocol is a kind of network communication protocol.Pass through technique scheme, after the connection realized with client receiving the authentication information that client sends, by manager, authentication information is authenticated, after only manager confirms that the client that authentication information is corresponding is legitimate client, just primarily determine that and allow client to realize the access for network by wap protocol;It is achieved in the mutual authentication to client, thus considerably increases the effectiveness of the safety ensureing wap protocol.
Description
Technical field
The present invention relates to field of computer technology, more particularly, it relates to a kind of method strengthening wap protocol safety and dress
Put.
Background technology
Along with the development of information technology, improving constantly of the level of informatization, information security increasingly receives significant attention, special
It not the safety of communications protocol.
Wherein, communication protocol includes WAP (Wireless Application Protocol, Wireless Application Protocol)
Agreement, for ensureing that the method for the safety of wap protocol usually needs the client utilizing wap protocol to access network in prior art
Holding and send password to the server corresponding with wap protocol, server judges whether this password is legal password, if it is, permit
Permitted this client and accessed network by this server by utilizing wap protocol.But, after illegitimate client obtains password, it is also possible to
Utilize this password to realize based on wap protocol and access network, now, it is impossible to ensure the safety of wap protocol by the way, the most right
Poor in the guarantee effectiveness of wap protocol safety.
In sum, for ensureing that the method for wap protocol safety exists the problem that effectiveness is poor in prior art.
Summary of the invention
It is an object of the invention to provide a kind of method and device strengthening wap protocol safety, to solve prior art is used
In the problem that the effectiveness of the method existence ensureing wap protocol safety is poor.
To achieve these goals, the present invention provides following technical scheme:
A kind of method strengthening wap protocol safety, including:
Receive the connection request that client sends, set up the connection with described client;
Receive the authentication information that described client sends, and described authentication information is sent to management set in advance eventually
End;
Receive the feedback information of described management terminal feedback, if described feedback information is to determine that described client is legal
Information, then primarily determine that and allow described client to realize the access to network based on described wap protocol;Wherein, described wap protocol
For a kind of network communication protocol.
Preferably, described authentication information is sent extremely management terminal set in advance, including:
Described authentication information to mobile terminal set in advance or is incited somebody to action with the form transmission of note by SMS platform
Described authentication information is sent to mailbox terminal set in advance with the form of mail by mailbox server.
Preferably, described authentication information is sent after management terminal set in advance, also includes:
If receiving the feedback information that described management terminal sends in preset time period, then according to described feedback information
Judge that described client is the most legal, otherwise, it is determined that described client is illegal.
Preferably, also include:
If described feedback information is for determining the illegal information of described client, or is being sent by described authentication information
Described feedback information, then alert is not received in preset time period after management terminal set in advance.
Preferably, preset management terminal to include:
Receive the management terminal profile request of external world's input, and the terminal letter that will carry in the request of described management terminal profile
The terminal that breath is corresponding is defined as managing terminal.
A kind of device strengthening wap protocol safety, including:
Link block, for receiving the connection request that client sends, sets up the connection with described client;
Transport module, for receiving the authentication information that described client sends, and sends described authentication information in advance
The management terminal set;
Authentication module, for receiving the feedback information of described management terminal feedback, if described feedback information is for determining
State the information that client is legal, then primarily determine that and allow described client to realize the access to network based on described wap protocol;Its
In, described wap protocol is a kind of network communication protocol.
Preferably, described transport module includes:
Transmitting element, for sending described authentication information to shifting set in advance with the form of note by SMS platform
Move terminal or described authentication information is sent to mailbox terminal set in advance with the form of mail by mailbox server.
Preferably, also include:
Respond module, for sending described authentication information after management terminal set in advance, if when default
Between receive the feedback information that described management terminal sends in section, then control described authentication module and judge according to described feedback information
Described client is the most legal, otherwise, it is determined that described client is illegal.
Preferably, also include:
Alarm module, if for described feedback information for determining the illegal information of described client, or by institute
State in authentication information sends the preset time period after management terminal set in advance and do not receive described feedback information, then send out
Go out warning message.
Preferably, also include:
Management terminal profile module, for receiving the management terminal profile request of extraneous input, and by described management terminal
Set terminal corresponding to the end message carried in request to be defined as managing terminal.
A kind of method and device strengthening wap protocol safety that the present invention provides, wherein, the method includes: receive client
The connection request that end sends, sets up the connection with described client;Receive the authentication information that described client sends, and by described
Authentication information sends to management terminal set in advance;Receive the feedback information of described management terminal feedback, if described feedback
Information is to determine the information that described client is legal, then primarily determine that the described client of permission realizes based on described wap protocol right
The access of network;Wherein, described wap protocol is a kind of network communication protocol.The above-mentioned technology provided by the embodiment of the present invention
Scheme, after the connection realized with client receiving the authentication information that client sends, is entered authentication information by manager
After row certification, only manager confirm that the client that authentication information is corresponding is legitimate client, just primarily determine that permission client
Hold and realize the access for network by wap protocol;Realize different to the certification of client from prior art just with password
, the application realizes the mutual authentication to client by above-mentioned steps, thus, as long as illegitimate client sends certification letter
Breath, manager just can determine the illegal identity of illegitimate client by authentication information, and it is right to forbid that it is realized by wap protocol
In the access of network, thus considerably increase the effectiveness of the safety ensureing wap protocol.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
In having technology to describe, the required accompanying drawing used is briefly described, it should be apparent that, the accompanying drawing in describing below is only this
Inventive embodiment, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to according to
The accompanying drawing provided obtains other accompanying drawing.
The flow chart of a kind of method strengthening wap protocol safety that Fig. 1 provides for the embodiment of the present invention;
The structural representation of a kind of device strengthening wap protocol safety that Fig. 2 provides for the embodiment of the present invention.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Describe, it is clear that described embodiment is only a part of embodiment of the present invention rather than whole embodiments wholely.Based on
Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under not making creative work premise
Embodiment, broadly falls into the scope of protection of the invention.
Refer to Fig. 1, it illustrates the flow process of a kind of method strengthening wap protocol safety that the embodiment of the present invention provides
Figure, may comprise steps of:
S11: receive the connection request that client sends, sets up the connection with client.
It should be noted that a kind of the enhancing in the method that wap protocol is safe that the embodiment of the present invention provides does not writes subject exactly
The subject that performs of step can be all to strengthen the device that wap protocol is safe.It is further to note that built by above-mentioned steps
The vertical connection with client, after sending authentication information in client, it is possible to be properly received authentication information.
Specifically, wap protocol is a global network communication protocol, and it makes mobile Internet have one to lead to
Row standard, its target be the abundant information of Internet and the business of advanced person are incorporated into the wireless terminals such as mobile phone it
In.
S12: receive the authentication information that client sends, and authentication information is sent to management terminal set in advance.
When client needs realize the access for network based on wap protocol, it can send authentication information, logical with request
Cross certification, and access network based on wap protocol after by certification.And authentication information can include the user that client is corresponding
Name, password and the information of description, description information includes the description to client, can be determined according to actual needs, such as client
The physical address etc. of end.And it is corresponding with manager to manage terminal, thus, manager can know the certification letter that client sends
Breath.
S13: receive the feedback information of management terminal feedback, if feedback information is to determine the information that client is legal, then
Primarily determine that and allow client to realize the access to network based on wap protocol;Wherein, wap protocol is a kind of network communication protocol.
The authentication information that manager receives according to management terminal, it is judged that whether the client that authentication information is corresponding is legal
Client, and will determine that result is carried in feedback information transmission.After this device receives feedback information, if feedback information is
Determine the information that client is legal, then primarily determine that permission client accesses network by wap protocol, otherwise, it is determined that client
End is for illegal, and forbids that it accesses network by wap protocol.
The technique scheme provided by the embodiment of the present invention, is being realized and the connection of client receive client
After the authentication information sent, manager being authenticated authentication information, only manager confirms the client that authentication information is corresponding
After end is for legitimate client, just primarily determines that and allow client to realize the access for network by wap protocol;With existing skill
Art realizes, unlike the certification to client, realizing the people to client by above-mentioned steps in the application just with password
Work certification, thus, as long as illegitimate client sends authentication information, manager just can determine illegitimate client by authentication information
Illegal identity, and forbid that it passes through wap protocol and realizes for the access of network, thus considerably increase and ensure wap protocol
The effectiveness of safety.
A kind of method strengthening wap protocol safety that the embodiment of the present invention provides, sends authentication information to presetting
Management terminal, may include that
Authentication information is sent to mobile terminal set in advance or by certification with the form of note by SMS platform
Information is sent to mailbox terminal set in advance with the form of mail by mailbox server.
Specifically, by SMS platform, authentication information can be sent the mobile end to manager with the form of note
End, it is also possible to authentication information is sent the mailbox etc. to manager with the form of mail by mailbox server, it is also possible to according to
It is actually needed and carries out other settings, all within protection scope of the present invention.
A kind of method strengthening wap protocol safety that the embodiment of the present invention provides, sends authentication information to presetting
Management terminal after, it is also possible to including:
If receiving the feedback information that management terminal sends in preset time period, then judge client according to feedback information
It is the most legal, otherwise to hold, it is determined that client is illegal.
It should be noted that due to the embodiment of the present invention provide method in the mistake that authentication information is carried out mutual authentication
Cheng Zhong, may by network, communicate and operation etc. is many affects, therefore, response time can not be too fast, accordingly, it would be desirable to set
Putting preset time period, this time period can be configured according to actual needs, such as 5 minutes etc., and then ensures the suitable of said method
Profit realizes.
A kind of method strengthening wap protocol safety that the embodiment of the present invention provides, it is also possible to including:
If feedback information is for determining the illegal information of client, or authentication information is being sent to set in advance
Feedback information is not received, then alert in preset time period after management terminal.
Wherein, warning message can be buzzing or alarm lamp etc., thus, notifies Administrator Client with intuitive way
Illegal, it is simple to manager carries out the operations such as shielding to client, further ensures the safety of wap protocol.
A kind of method strengthening wap protocol safety that the embodiment of the present invention provides, presets management terminal and may include that
Receive the management terminal profile request of external world's input, and the end message pair that will carry in management terminal profile request
The terminal answered is defined as managing terminal.
It should be noted that the setting of management terminal can be determined according to actual needs, and can input at any time
Management terminal profile information, to set management terminal at any time.Specifically, after setting management terminal, terminal will can be managed
End message carry out storing and being persisted to local hard drive, with according to end message to management terminal send authentication information.As
By SMS platform, with the form of note, authentication information is sent the mobile terminal to manager, then end message can be mobile
The number etc. of terminal, sends mailbox to manager, then terminal letter by authentication information with the form of mail by mailbox server
Breath can be the title etc. of mailbox.Furthermore, it is desirable to ensure that safety intensifier is normal with the communication of management terminal, on ensureing
State the smooth realization of method.
Corresponding with said method embodiment, the embodiment of the present invention additionally provides a kind of device strengthening wap protocol safety,
As in figure 2 it is shown, may include that
Link block 11, for receiving the connection request that client sends, sets up the connection with client;
Transport module 12, for receiving the authentication information that client sends, and sends authentication information to set in advance
Management terminal;
Authentication module 13, for receiving the feedback information of management terminal feedback, if feedback information is for determining that client is closed
The information of method, then primarily determine that and allow client to realize the access to network based on wap protocol;Wherein, wap protocol is a kind of net
Network communication protocol.
It should be noted that the said apparatus that the embodiment of the present invention provides may be mounted in operating system.
A kind of device strengthening wap protocol safety that the embodiment of the present invention provides, transport module includes:
Transmitting element, for sending the most set in advance move eventually by SMS platform with the form of note by authentication information
Hold or authentication information is sent to mailbox terminal set in advance with the form of mail by mailbox server.
A kind of device strengthening wap protocol safety that the embodiment of the present invention provides, it is also possible to including:
Respond module, for sending authentication information after management terminal set in advance, if in preset time period
Inside receive the feedback information that management terminal sends, then control authentication module and judge that client is the most legal according to feedback information,
Otherwise, it is determined that client is illegal.
A kind of enhancing wap protocol safety device that the embodiment of the present invention provides, it is also possible to including:
Alarm module, if for feedback information for determining the illegal information of client, or is sending out authentication information
Feedback information is not received, then alert in preset time period after delivering to management terminal set in advance.
A kind of device strengthening wap protocol safety that the embodiment of the present invention provides, it is also possible to including:
Management terminal profile module, for receiving the management terminal profile request of extraneous input, and will manage terminal profile
The terminal that the end message that carries in request is corresponding is defined as managing terminal.
In a kind of device strengthening wap protocol safety that the embodiment of the present invention provides, the explanation of relevant portion refers to this
In a kind of method strengthening wap protocol safety that bright embodiment provides, the detailed description of corresponding part, does not repeats them here.
Described above to the disclosed embodiments, makes those skilled in the art be capable of or uses the present invention.To this
The multiple amendment of a little embodiments will be apparent from for a person skilled in the art, and generic principles defined herein can
With without departing from the spirit or scope of the present invention, realize in other embodiments.Therefore, the present invention will not be limited
It is formed on the embodiments shown herein, and is to fit to consistent with principles disclosed herein and features of novelty the widest
Scope.
Claims (10)
1. the method strengthening wap protocol safety, it is characterised in that including:
Receive the connection request that client sends, set up the connection with described client;
Receive the authentication information that described client sends, and described authentication information is sent to management terminal set in advance;
Receive the feedback information of described management terminal feedback, if described feedback information is to determine the letter that described client is legal
Breath, then primarily determine that and allow described client to realize the access to network based on described wap protocol;Wherein, described wap protocol is
A kind of network communication protocol.
Method the most according to claim 1, it is characterised in that described authentication information is sent to management set in advance eventually
End, including:
Described authentication information is sent to mobile terminal set in advance or by described with the form of note by SMS platform
Authentication information is sent to mailbox terminal set in advance with the form of mail by mailbox server.
Method the most according to claim 2, it is characterised in that described authentication information is sent to management set in advance eventually
After end, also include:
If receiving the feedback information that described management terminal sends in preset time period, then judge according to described feedback information
Described client is the most legal, otherwise, it is determined that described client is illegal.
Method the most according to claim 3, it is characterised in that also include:
If described feedback information is for determining the illegal information of described client, or described authentication information is being sent in advance
Described feedback information, then alert is not received in preset time period after the management terminal first set.
Method the most according to claim 4, it is characterised in that preset management terminal and include:
Receive the management terminal profile request of external world's input, and the end message pair that will carry in the request of described management terminal profile
The terminal answered is defined as managing terminal.
6. the device strengthening wap protocol safety, it is characterised in that including:
Link block, for receiving the connection request that client sends, sets up the connection with described client;
Transport module, for receiving the authentication information that described client sends, and sends described authentication information to presetting
Management terminal;
Authentication module, for receiving the feedback information of described management terminal feedback, if described feedback information is for determining described visitor
The information that family end is legal, then primarily determine that and allow described client to realize the access to network based on described wap protocol;Wherein,
Described wap protocol is a kind of network communication protocol.
Device the most according to claim 6, it is characterised in that described transport module includes:
Transmitting element, for sending the most set in advance move eventually by SMS platform with the form of note by described authentication information
Hold or described authentication information is sent to mailbox terminal set in advance with the form of mail by mailbox server.
Device the most according to claim 7, it is characterised in that also include:
Respond module, for sending described authentication information after management terminal set in advance, if in preset time period
Inside receive the feedback information that described management terminal sends, then control described authentication module and judge according to described feedback information described
Client is the most legal, otherwise, it is determined that described client is illegal.
Device the most according to claim 8, it is characterised in that also include:
Alarm module, if for described feedback information for determining the illegal information of described client, or is recognizing described
Card information does not receives described feedback information in sending the preset time period after management terminal set in advance, then send report
Alarming information.
Device the most according to claim 9, it is characterised in that also include:
Management terminal profile module, for receiving the management terminal profile request of extraneous input, and by described management terminal profile
The terminal that the end message that carries in request is corresponding is defined as managing terminal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610514522.2A CN106209804A (en) | 2016-07-01 | 2016-07-01 | A kind of method and device strengthening wap protocol safety |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610514522.2A CN106209804A (en) | 2016-07-01 | 2016-07-01 | A kind of method and device strengthening wap protocol safety |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106209804A true CN106209804A (en) | 2016-12-07 |
Family
ID=57464322
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610514522.2A Pending CN106209804A (en) | 2016-07-01 | 2016-07-01 | A kind of method and device strengthening wap protocol safety |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106209804A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109922473A (en) * | 2019-02-25 | 2019-06-21 | 迈普通信技术股份有限公司 | A kind of authorization and authentication method, certificate server and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004145858A (en) * | 2002-08-28 | 2004-05-20 | Canon Inc | Server device |
| CN101242404A (en) * | 2007-02-08 | 2008-08-13 | 联想(北京)有限公司 | A validation method and system based on heterogeneous network |
| US20110131630A1 (en) * | 2009-12-01 | 2011-06-02 | Electronics And Telecommunications Research Institute | Service access method and device, service authentication device and terminal based on temporary authentication |
| CN103916366A (en) * | 2012-12-31 | 2014-07-09 | 中国移动通信集团公司 | Login method, maintenance terminal, data management service equipment and login system |
| CN105721439A (en) * | 2016-01-20 | 2016-06-29 | 浪潮(北京)电子信息产业有限公司 | Method of improving safety performance of FTP server |
-
2016
- 2016-07-01 CN CN201610514522.2A patent/CN106209804A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004145858A (en) * | 2002-08-28 | 2004-05-20 | Canon Inc | Server device |
| CN101242404A (en) * | 2007-02-08 | 2008-08-13 | 联想(北京)有限公司 | A validation method and system based on heterogeneous network |
| US20110131630A1 (en) * | 2009-12-01 | 2011-06-02 | Electronics And Telecommunications Research Institute | Service access method and device, service authentication device and terminal based on temporary authentication |
| CN103916366A (en) * | 2012-12-31 | 2014-07-09 | 中国移动通信集团公司 | Login method, maintenance terminal, data management service equipment and login system |
| CN105721439A (en) * | 2016-01-20 | 2016-06-29 | 浪潮(北京)电子信息产业有限公司 | Method of improving safety performance of FTP server |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109922473A (en) * | 2019-02-25 | 2019-06-21 | 迈普通信技术股份有限公司 | A kind of authorization and authentication method, certificate server and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101359324B1 (en) | System for enforcing security policies on mobile communications devices | |
| CN102835137B (en) | Promote the certification of access terminal identity | |
| KR102424834B1 (en) | Method for managing of beacon device, and apparatus thereof | |
| US8644840B2 (en) | Enhanced manageability in wireless data communication systems | |
| CN101521886B (en) | Method and device for authenticating terminal and telecommunication smart card | |
| CN105246073B (en) | The access authentication method and server of wireless network | |
| CN108173822A (en) | Intelligent door lock management-control method, intelligent door lock and computer readable storage medium | |
| CN106850209A (en) | A kind of identity identifying method and device | |
| KR101341256B1 (en) | Apparatus and method for strengthening security connection of network | |
| CN103886661B (en) | Access control management method and system | |
| KR20160114620A (en) | Methods, devices and systems for dynamic network access administration | |
| CN105321240A (en) | Control method and device of intelligent door lock and intelligent door control system | |
| CN109618344B (en) | Safe connection method and device of wireless monitoring equipment | |
| CN103944737A (en) | User identity authentication method, third-party authentication platform and operator authentication platform | |
| CN104767713B (en) | Account binding method, server and system | |
| CN105577662B (en) | Terminal environments method of controlling security and server | |
| CN106060072B (en) | Authentication method and device | |
| CN104202338A (en) | Secure access method applicable to enterprise-level mobile applications | |
| CN106911661A (en) | A kind of short-message verification method, device, client, server and system | |
| CN104270250A (en) | WiFi Internet surfing connecting authentication method and system based on asymmetric full-process encryption | |
| CN105721439A (en) | Method of improving safety performance of FTP server | |
| US20210243188A1 (en) | Methods and apparatus for authenticating devices | |
| CN107113613A (en) | Server, mobile terminal, real-name network authentication system and method | |
| CN106791627A (en) | Network Video Surveillance and security alarm integrated system and its secure access method for authenticating | |
| CN107770194A (en) | A kind of customer identity registration, authentication method and car networking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20161207 |
|
| RJ01 | Rejection of invention patent application after publication |