CN106357629B - Intelligent terminal identity authentication and single sign-on system and method based on digital certificate - Google Patents

Info

Publication number: CN106357629B
Authority: CN (China)
Prior art keywords: server, resource, single sign, user, application program
Legal status: Active
Application number: CN201610785572.4A
Other languages: Chinese (zh)
Other versions: CN106357629A (en)
Inventors: 李忠献, 崔军, 田野, 王金海, 朱勋, 栗李川
Current Assignee: Tianjin Cist Software Technology Co ltd
Original Assignee: Tianjin Cist Software Technology Co ltd

Classifications

    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0892 Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

An intelligent terminal identity authentication and single sign-on system and method based on digital certificates. The system comprises an intelligent terminal, a smart card, a terminal application program, an identity authentication server, a resource authorization server, a resource server and a single sign-on server. The method comprises the following steps: building the servers; installing the terminal application program on the intelligent terminal; authenticating the identity of the intelligent terminal; obtaining the authorized resource list; and accessing services through single sign-on. In the invention, identity authentication is completed by the intelligent terminal reading the digital certificate on the smart card, and random number signatures are added during identity authentication and ticket exchange to prevent replay attacks. The authorized resources that the user can access are displayed in a friendly way through the APP resource portal, and single sign-on is implemented more conveniently through the APP portal rather than through browser redirection.

Description

Intelligent terminal identity authentication and single sign-on system and method based on digital certificate
Technical Field
The invention belongs to the field of information technology and its applications, and can be used to implement single sign-on to application systems from an intelligent terminal; that is, the intelligent terminal can access all mutually trusting application systems merely by logging in to the single sign-on server.
Background
User identity authentication means confirming a user's identity by some means, that is, confirming that the user currently claiming a certain identity really is that user. Identity authentication is the first gate of security and a precondition for other security measures to be effective. The most common authentication method is account and password authentication. As enterprises and institutions introduce more information systems, users and administrators need to maintain accounts and passwords for multiple information systems, which affects daily work efficiency. Users want to gain access to an enterprise's information systems with one login, so resource single sign-on technology has emerged. Single sign-on is a unified authentication and authorization mechanism, which means that the same user accessing protected resources in different applications of the same server only needs to log on once; that is, after passing security verification in one application, the user does not need to log on again for verification when accessing protected resources in other applications.
At present, intelligent terminals are very popular, and smart phones and tablet computers have entered countless households. Intelligent terminals also pair well with smart cards, and almost all intelligent terminals can be connected to a smart card. Intelligent terminals are also convenient for mobile office work and management.
However, existing intelligent terminals do not have identity authentication and single sign-on functions. How to use a smart card to perform identity authentication on the intelligent terminal so that the authentication is more secure; how to display the authorized resources that a user can access in a way that suits the small screen of a mobile phone, so that they are shown more conveniently and in a more friendly way; and how to obtain the resource list to implement single sign-on on the intelligent terminal have become technical problems to be solved urgently by those skilled in the art.
The present invention has been made in view of the above problems.
Disclosure of Invention
In view of the above, the present invention is directed to a system and method for authenticating an identity and a single sign-on of an intelligent terminal based on a digital certificate, which solve the above problems.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
An intelligent terminal identity authentication and single sign-on system based on digital certificates comprises an intelligent terminal, a smart card, a terminal application program, an identity authentication server, a resource authorization server, a resource server and a single sign-on server. The terminal application program in the intelligent terminal performs identity authentication with the identity authentication server through the smart card. After identity authentication passes, the terminal application program accesses the single sign-on server carrying the ticket information returned after authentication; after the login succeeds, the single sign-on server returns a ticket for the user's authorized resources. The terminal application program then accesses the resource authorization server carrying the authorized-resource ticket information returned after login, and the resource authorization server, after ticket interaction with the single sign-on server, returns the authorized resource list to the terminal application program. After a certain resource in the resource list is authorized, the terminal application program, the single sign-on server and the resource server perform ticket interaction, and the corresponding resource is then presented on the intelligent terminal through the terminal application program.
The intelligent terminal is an Android or iOS mobile phone, the smart card is a Bluetooth or audio type smart password key or a smart SD card, and the terminal application program is an Android/iOS APP.
A method for realizing intelligent terminal identity authentication and single sign-on based on digital certificates comprises the following steps:
firstly, building a server: the server comprises an authentication server, a resource authorization server and a single sign-on server;
secondly, installing a terminal application program for the intelligent terminal;
thirdly, authenticating the identity of the intelligent terminal;
fourthly, obtaining an authorized resource list;
and fifthly, accessing the business process through single sign-on.
The authentication server provides an identity authentication service interface and allows an administrator to create and issue certificates;
the resource authorization server is integrated with the authentication server, so that it can be accessed with the information returned by the authentication server to obtain a resource list, and so that an administrator can authorize and operate resources;
the single sign-on server implements a private SSO ticket service and private SSO ticket information, ensuring that tickets can be issued and redeemed.
The terminal application program comprises: an identity authentication part, which connects to the smart card to read the digital certificate and accesses the authentication server to perform signature authentication; a resource list part, which accesses the authorized resource server and displays the authorized resource list to a user who has passed verification; and a single sign-on part, which accesses the single sign-on server through the resource list, obtains a ticket and redeems it, finally achieving single sign-on.
The specific steps of intelligent terminal identity authentication are as follows: the administrator creates a certificate through the authentication server, imports it into the user's smart card, and registers and creates the user; the user connects to the smart card through the APP on the intelligent terminal to read the certificate and sends an authentication request to the authentication server; the authentication server returns a random number; the APP signs the random number and the user name digest and sends them to the authentication server for verification; and the authentication server returns a verification result that determines whether identity authentication succeeded.
The specific steps for obtaining the resource list are as follows: the user accesses the authorized resource server using the user's authorization information acquired from the gateway server; the authorized resource server returns the user's authorized resource list according to the user name, and the APP displays the result.
The specific process of accessing a service through single sign-on is as follows: when the user selects a resource by clicking it in the resource list displayed by the APP portal, the APP portal, carrying the user's authentication information, applies to the single sign-on server for a single sign-on ticket for that resource; after the single sign-on server authenticates the user's information, it returns the ticket for the authorized resource; the APP portal calls third-party resource access software, which carries the ticket to access the authorized resource; the resource redeems the ticket with the single sign-on service to obtain the authorized resource account corresponding to the user, and the resource is then accessed successfully.
Compared with the prior art, the intelligent terminal identity authentication and single sign-on system and method based on the digital certificate have the following advantages:
1. Security: identity authentication is completed by the intelligent terminal reading the digital certificate on the smart card, and random number signatures are added during identity authentication and ticket exchange to prevent replay attacks. Authorized resources are displayed after certificate-based identity authentication through the APP portal, which further ensures security.
2. Convenience: the authorized resources that the user can access are displayed in a friendly way through the APP resource portal, and single sign-on is implemented more conveniently through the APP portal rather than through browser redirection.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
FIG. 1 is an overall framework diagram of the present invention (illustrating the specific hierarchy of identity authentication and single sign-on techniques based on digital certificates of an intelligent terminal, i.e., a user can access a resource list (portal) and an authentication server through an application program and an intelligent card on the intelligent terminal and can access specific services after identity authentication and single sign-on);
FIG. 2 is a general flowchart of the present invention (describing a complete process of identity authentication and single sign-on resource access by a user connecting a smart card to an intelligent terminal, accessing an authentication server and a resource server through an application program to obtain a resource list (portal), accessing the single sign-on server through the resource list (portal) to obtain a ticket of a specific authorized resource, and then redeeming the ticket from the single sign-on server by the resource to realize the access of the user to the resource);
FIG. 3 is a flow chart of the identity authentication of the present invention (a user first requests authentication by accessing an authentication server through an application on an intelligent terminal, the authentication server returns a random number, the application accesses the authentication server by reading a digital certificate in an intelligent card and signing the information of the random number with the digital certificate, the authentication server returns the authorization information of the user after the information is verified successfully, and the APP on the intelligent terminal stores the authorization information);
FIG. 4 is a flowchart of obtaining the authorized resource list according to the present invention (after the user passes identity authentication, the user's authorization information returned by the authentication server is obtained; the application program carries the authorization information to the single sign-on server to obtain a ticket for accessing the authorized resource list (portal); the single sign-on server returns the ticket; the intelligent terminal APP then carries the ticket to access the resource server; the resource server redeems the ticket with the single sign-on server and then returns the authorized resource list (portal) to the APP);
FIG. 5 is a flowchart of implementing single sign-on (after the APP acquires the authorized resource list, the user clicks a specific resource; the application program accesses the single sign-on server; the single sign-on server returns the ticket for the authorized resource; the application program accesses the resource with the ticket; the resource redeems the ticket with the single sign-on server to obtain the user's authorization information; the user can then operate the resource, and single sign-on is achieved).
Detailed Description
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
The basic idea of the invention is: the intelligent terminal completes identity authentication, resource authorization and other functions through the digital certificate in the smart card, and finally achieves single sign-on. Identity authentication is implemented with digital certificate authentication technology based on the intelligent terminal and the smart card. Single sign-on is implemented by obtaining tickets and redeeming them through the authorized resource list. The method comprises smart-card-based identity authentication, the intelligent terminal obtaining the resource list (resource portal), obtaining a ticket by accessing the Single Sign On (SSO) server through the resource list, a private SSO ticket service, and private SSO ticket information.
The specific implementation steps are as follows: see fig. 2.
Building a server:
a. Deploy the authentication server and design the identity authentication service interface, ensuring that the network authentication server allows an administrator to create certificates for ordinary users.
b. Deploy the resource server and integrate it with the authentication server, so that the resource server can be accessed with the information returned by the authentication server to obtain the resource list (resource portal), and ensure that the administrator can authorize and operate resources.
c. Deploy the single sign-on server to implement the private SSO (Single Sign On) ticket service and private SSO ticket information, ensuring that tickets can be issued and redeemed.
Installing the intelligent terminal APP:
Identity authentication part of the APP: ensures that the APP can connect to the smart card to read the digital certificate, that the server data can be signed (added), and that the authentication server can be accessed to perform signature authentication.
Resource list (resource portal) part of the APP: ensures that the resource server can be accessed and that the authorized resource list is shown to a user who has passed identity authentication (replacement).
Single sign-on part of the APP: ensures that the single sign-on server can be accessed through the resource portal, that a ticket is obtained, and that the ticket is redeemed, finally achieving single sign-on.
Verifying the overall function of the system:
a. Identity authentication function: the administrator creates a certificate through the authentication server, imports it into the user's smart card, and registers and creates the user. The user connects to the smart card through the APP on the intelligent terminal to read the certificate and initiates an authentication request to the authentication server; the authentication server returns a random number; the APP signs the random number and the user name digest and sends them to the authentication server for verification; and the authentication server returns a verification result.
b. Resource list function: the user accesses the resource server using the user's authorization information acquired from the gateway server; the resource server returns the user's authorized resource list (resource portal) according to the user name, and the APP displays the result.
c. Single sign-on function: the user can access resources through the resource portal; the APP can access the single sign-on server to obtain a ticket and carry the ticket to access the resource; the ticket is redeemed, and single sign-on is finally achieved.
Compared with the prior art, the invention has the following innovation points:
Innovation in how authorized resources are displayed: to suit the smaller screen of the intelligent terminal, the display is designed as an APP portal, which shows authorized resources to the user in a more friendly way and lets the user perform single sign-on to authorized resources through the portal.
Innovation in how single sign-on is implemented: the single sign-on server is accessed from the APP portal instead of a browser, and the browser's redirection mode is simulated, thereby achieving identity authentication and single sign-on to authorized resources.
The invention relates to an intelligent terminal identity authentication and single sign-on method based on digital certificates. Implementing the method requires the following components: an intelligent terminal (such as an Android/iOS mobile phone), a smart card (such as a Bluetooth or audio type smart password key, or a smart SD card), a terminal application (Android/iOS APP), an authentication service, a resource authorization service and a single sign-on service. The method is characterized in that it comprises intelligent terminal identity authentication based on the smart card certificate, display of authorized resources in the intelligent terminal APP portal, and single sign-on based on the intelligent terminal APP portal, so that an authenticated user can access authorized resources through single sign-on from the intelligent terminal APP.
Intelligent terminal identity authentication based on the smart card certificate means that the intelligent terminal presents its identity with the smart card's public key certificate and proves it with a signature from the corresponding private key, thereby authenticating the intelligent terminal user. It mainly comprises the following two processes:
a. User management by the administrator: creating and managing users based on the users' smart card credentials;
b. Identity authentication of the user: the user uses the intelligent terminal to submit an authentication request based on the smart card certificate and signs the random number returned by the authentication server with the private key; this challenge/response mode can prevent possible replay attacks. Finally, the authentication result returned by the identity authentication service is obtained and cached.
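The challenge/response exchange described above, as an added Go example that is not part of the patent. Ed25519 stands in for the smart card's unspecified signature algorithm; the 32-byte nonce, one-minute lifetime, single-use rule and all type and function names are assumptions, and certificate chain validation is left out (the server holds the public key from the enrolled certificate).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"sync"
	"time"
)

const DefaultTTL = time.Minute // assumed challenge lifetime; the patent gives none

var (
	ErrUnknownUser      = errors.New("user not registered")
	ErrUnknownChallenge = errors.New("challenge unknown, expired or already used")
	ErrBadSignature     = errors.New("signature does not verify")
)

// SmartCard stands in for the card: the key stays inside, the APP only gets signatures.
type SmartCard struct{ priv ed25519.PrivateKey }

// NewSmartCard models provisioning; the public key is what the certificate would carry.
func NewSmartCard() (*SmartCard, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &SmartCard{priv: priv}, pub
}

func (c *SmartCard) Sign(msg []byte) []byte { return ed25519.Sign(c.priv, msg) }

// SignedPayload is what gets signed: server nonce || SHA-256(user name).
func SignedPayload(nonce []byte, user string) []byte {
	digest := sha256.Sum256([]byte(user))
	return append(append([]byte{}, nonce...), digest[:]...)
}

type issued struct {
	user    string
	expires time.Time
}

type AuthServer struct {
	mu      sync.Mutex
	ttl     time.Duration
	users   map[string]ed25519.PublicKey // from enrolled certificates
	pending map[string]issued            // outstanding nonces
}

func NewAuthServer(ttl time.Duration) *AuthServer {
	return &AuthServer{ttl: ttl, users: map[string]ed25519.PublicKey{}, pending: map[string]issued{}}
}

func (s *AuthServer) Register(user string, pub ed25519.PublicKey) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.users[user] = pub
}

func (s *AuthServer) Challenge(user string) ([]byte, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	if _, ok := s.users[user]; !ok {
		return nil, ErrUnknownUser
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[string(nonce)] = issued{user: user, expires: time.Now().Add(s.ttl)}
	return nonce, nil
}

// Verify consumes the nonce before checking anything, so a replay always fails.
func (s *AuthServer) Verify(user string, nonce, sig []byte) error {
	s.mu.Lock()
	defer s.mu.Unlock()
	ch, ok := s.pending[string(nonce)]
	delete(s.pending, string(nonce))
	if !ok || ch.user != user || time.Now().After(ch.expires) {
		return ErrUnknownChallenge
	}
	if !ed25519.Verify(s.users[user], SignedPayload(nonce, user), sig) {
		return ErrBadSignature
	}
	return nil
}

func main() {
	srv := NewAuthServer(DefaultTTL)
	card, pub := NewSmartCard()
	srv.Register("alice", pub) // constructed sample user
	nonce, _ := srv.Challenge("alice")
	sig := card.Sign(SignedPayload(nonce, "alice"))
	fmt.Println("first response:   ", srv.Verify("alice", nonce, sig))
	fmt.Println("replayed response:", srv.Verify("alice", nonce, sig))
}
```

Binding each nonce to the requesting user and deleting it on first presentation is what makes a captured signature worthless; the signature check alone would accept the same message twice.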
Display of authorized resources in the intelligent terminal APP portal means that the intelligent terminal uses a ticket provided by the single sign-on service to access the resource authorization service, and the authorized resource information is displayed in the intelligent terminal APP portal. It mainly comprises the following processes:
a. Resource management by the administrator: registering resource services, managing resource accounts, and authorizing resource accounts for users;
b. APP portal display of the user's authorized resources: the user accesses the single sign-on service with the authentication information returned by the identity authentication service, and obtains and submits an access ticket for the resource authorization service; the resource authorization service redeems the ticket with the single sign-on server, returns the user's authorized resource information after the user's identity is verified, and the information is displayed through the APP portal of the intelligent terminal.
Single sign-on based on the intelligent terminal APP portal is implemented as follows: when the user selects a resource by clicking it in the resource list displayed by the APP portal, the APP portal, carrying the user's authentication information, applies to the single sign-on service for a single sign-on ticket for that resource; after the single sign-on service authenticates the user's information, it returns the ticket for the authorized resource; the APP portal calls third-party resource access software (such as a browser), which carries the ticket to access the authorized resource; the resource redeems the ticket with the single sign-on service to obtain the authorized resource account corresponding to the user, and the resource is then accessed successfully. Because obtaining and redeeming the ticket happen in the background and are invisible to the user, no login verification is needed each time a resource is accessed, and single sign-on is achieved.
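The ticket issue and redemption steps described above, as an added Go example that is not part of the patent. The patent does not specify its private SSO ticket format, so the opaque random ticket, the 30-second lifetime, the single-use and resource-binding rules, and all names here are assumptions.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
	"time"
)

const TicketTTL = 30 * time.Second // assumed ticket lifetime; the patent gives none

var (
	ErrNotAuthenticated = errors.New("authentication info not recognised")
	ErrNotAuthorized    = errors.New("no account authorized for this user on this resource")
	ErrInvalidTicket    = errors.New("ticket unknown, expired, already redeemed or issued for another resource")
)

type ticket struct {
	user, resource string
	expires        time.Time
}

type SSOServer struct {
	mu       sync.Mutex
	ttl      time.Duration
	sessions map[string]string            // authentication info -> user
	accounts map[string]map[string]string // user -> resource -> resource account (set by the administrator)
	tickets  map[string]ticket            // outstanding tickets
}

func NewSSOServer(ttl time.Duration, accounts map[string]map[string]string) *SSOServer {
	return &SSOServer{ttl: ttl, accounts: accounts, sessions: map[string]string{}, tickets: map[string]ticket{}}
}

func token() string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return hex.EncodeToString(b)
}

// StartSession stands in for the authentication info the APP caches after certificate login.
func (s *SSOServer) StartSession(user string) string {
	s.mu.Lock()
	defer s.mu.Unlock()
	info := token()
	s.sessions[info] = user
	return info
}

// IssueTicket is the APP portal applying for a ticket for one resource.
func (s *SSOServer) IssueTicket(authInfo, resource string) (string, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	user, ok := s.sessions[authInfo]
	if !ok {
		return "", ErrNotAuthenticated
	}
	if _, ok := s.accounts[user][resource]; !ok {
		return "", ErrNotAuthorized
	}
	id := token()
	s.tickets[id] = ticket{user: user, resource: resource, expires: time.Now().Add(s.ttl)}
	return id, nil
}

// Redeem is the resource exchanging a ticket for the user's account; the ticket dies on first use.
func (s *SSOServer) Redeem(id, resource string) (string, error) {
	s.mu.Lock()
	defer s.mu.Unlock()
	t, ok := s.tickets[id]
	delete(s.tickets, id)
	if !ok || t.resource != resource || time.Now().After(t.expires) {
		return "", ErrInvalidTicket
	}
	account, ok := s.accounts[t.user][resource]
	if !ok { // authorization revoked between issue and redemption
		return "", ErrNotAuthorized
	}
	return account, nil
}

func main() {
	granted := map[string]map[string]string{"alice": {"crm": "crm_alice"}} // constructed sample data
	sso := NewSSOServer(TicketTTL, granted)
	info := sso.StartSession("alice")
	id, _ := sso.IssueTicket(info, "crm")
	fmt.Println(sso.Redeem(id, "crm")) // the resource redeems the ticket
	fmt.Println(sso.Redeem(id, "crm")) // a replayed ticket is refused
}
```

Because the ticket travels through third-party access software such as a browser, the resource name passed to `Redeem` should come from the redeeming resource's own authenticated identity, not from the request that carried the ticket.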
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (6)

1. An intelligent terminal identity authentication and single sign-on system based on digital certificates, characterized in that it comprises an intelligent terminal, a smart card, a terminal application program, an identity authentication server, a resource authorization server, a resource server and a single sign-on server,
the terminal application program inside the intelligent terminal performs identity authentication with the identity authentication server through the smart card, which specifically includes:
the administrator creates a certificate through the authentication server, imports it into the user's smart card, and registers and creates the user;
the user connects to the smart card through the APP on the intelligent terminal to read the certificate and initiates an authentication request to the authentication server, and the authentication server returns a random number;
the APP signs the random number and the user digest and sends them to the authentication server for verification, and the authentication server returns a verification result;
after identity authentication passes, the terminal application program accesses the single sign-on server carrying the ticket information returned after authentication; after the login succeeds, the single sign-on server returns the user's authorized-resource ticket; the terminal application program accesses the resource authorization server carrying the authorized-resource ticket information returned after login, and the resource authorization server returns the authorized resource list to the terminal application program after ticket interaction with the single sign-on server; after the user clicks a resource in the authorized resource list, the terminal application program and the single sign-on server perform ticket interaction with the resource server, and the corresponding resource is then presented on the intelligent terminal through the terminal application program;
the specific process of accessing a service through single sign-on is as follows: when the user selects a resource by clicking it in the authorized resource list displayed by the terminal application program, the terminal application program, carrying the user's authentication information, applies to the single sign-on server for a single sign-on ticket for that resource; after the single sign-on server authenticates the user's information, it returns the ticket for the authorized resource; the terminal application program calls third-party resource access software, which carries the ticket to access the resource authorization server; and the resource authorization server redeems the ticket with the single sign-on server to obtain the authorized resource account corresponding to the user, so that the resource is accessed successfully.
2. The intelligent terminal identity authentication and single sign-on system based on digital certificates as claimed in claim 1, characterized in that: the intelligent terminal is an Android or iOS mobile phone, the smart card is a Bluetooth or audio type smart password key or a smart SD card, and the terminal application program is an Android/iOS APP.
3. The method for realizing the intelligent terminal identity authentication and the single sign-on based on the digital certificate as claimed in claim 1 or 2 is characterized in that: the method comprises the following steps:
firstly, building a server: the server comprises an identity authentication server, a resource authorization server and a single sign-on server;
secondly, installing a terminal application program for the intelligent terminal;
thirdly, authenticating the identity of the intelligent terminal;
the intelligent terminal identity authentication comprises the following specific steps: an administrator makes a certificate through the identity authentication server, imports the certificate into the user's intelligent card, and registers and creates the user; the user connects to the intelligent card through the terminal application program on the intelligent terminal to read the certificate and initiates an authentication request to the identity authentication server; the identity authentication server returns a random number; the terminal application program signs the random number and the user name digest and then sends them to the identity authentication server for authentication; and the identity authentication server returns an authentication result indicating whether the identity authentication succeeded;
fourthly, obtaining an authorized resource list;
fifthly, accessing the business process through single sign-on;
the specific process of accessing the service by single sign-on is as follows: when a user accesses a resource through the authorized resource list displayed by the terminal application program, clicking the authorized resource list causes the terminal application program to apply to the single sign-on server, carrying the user's authentication information, for a single sign-on bill for that resource; after the single sign-on server authenticates the user's information, it returns the bill for the authorized resource; the terminal application program calls third-party resource access software, which carries the bill to access the resource authorization server; and the resource authorization server exchanges the bill with the single sign-on server to obtain the authorized resource account corresponding to the user, so that the resource is successfully accessed.
4. The method for realizing intelligent terminal identity authentication and single sign-on based on digital certificate as claimed in claim 3, wherein: the identity authentication server is provided with an identity authentication service interface, so that an administrator can make certificates for ordinary users through the identity authentication server;
the resource authorization server is integrated with the identity authentication server, so that the resource authorization server can be accessed with the information returned by the identity authentication server to obtain the authorized resource list, and so that an administrator can authorize and operate on the resources;
the single sign-on server implements a private SSO bill service and private SSO bill information, ensuring that bills can be issued and exchanged.
5. The intelligent terminal identity authentication and single sign-on method based on the digital certificate as claimed in claim 3, characterized in that: the terminal application program comprises an authentication part, which ensures that the terminal application program can connect to the intelligent card to read the digital certificate and sign the server data, and can access the identity authentication server to perform signature authentication; the terminal application program also comprises a part which ensures that the resource authorization server can be accessed and that the authorized resource list is displayed to a user who has passed verification; and the terminal application program also comprises a part which ensures that the single sign-on server can be accessed from the authorized resource list, the bill obtained, the bill exchanged, and single sign-on finally achieved.
6. The intelligent terminal identity authentication and single sign-on method based on the digital certificate as claimed in claim 3, characterized in that: the specific steps for obtaining the authorized resource list are as follows: the user accesses the resource authorization server using the user's authorization information acquired from the gateway server; the resource authorization server returns the user's authorized resource list according to the user name, and the terminal application program displays the result.
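
The bill issue and exchange step described in claims 1 and 3, as an added Python example that is not code from the patent: the single sign-on server issues a bill for one resource, and the resource authorization server exchanges it for the mapped account. The class and method names, the 60-second lifetime, the single-use rule and the in-memory store are assumptions; the claims state only that the bill is issued and exchanged.

```python
import secrets
import time

BILL_TTL_SECONDS = 60  # assumption: the claims do not state a bill lifetime


class SingleSignOnServer:
    def __init__(self, accounts, clock=time.monotonic):
        self._accounts = accounts  # (user, resource) -> account on that resource
        self._clock = clock
        self._pending = {}  # bill -> (user, resource, expiry)

    def issue_bill(self, user, resource):
        """The terminal application requests a bill for one listed resource."""
        if (user, resource) not in self._accounts:
            raise PermissionError("user is not authorized for this resource")
        bill = secrets.token_urlsafe(32)  # opaque and unguessable
        self._pending[bill] = (user, resource, self._clock() + BILL_TTL_SECONDS)
        return bill

    def exchange_bill(self, bill, resource):
        """The resource authorization server trades a bill for the account."""
        # pop() burns the bill on first presentation, valid or not (fail closed)
        entry = self._pending.pop(bill, None)
        if entry is None:
            raise PermissionError("unknown or already exchanged bill")
        user, bound_resource, expiry = entry
        if self._clock() > expiry:
            raise PermissionError("bill expired")
        if bound_resource != resource:
            raise PermissionError("bill was issued for a different resource")
        return self._accounts[(user, bound_resource)]


class ResourceAuthorizationServer:
    def __init__(self, resource, sso):
        self.resource = resource
        self._sso = sso

    def open_session(self, bill):
        """Entry point for the third-party access software carrying the bill."""
        account = self._sso.exchange_bill(bill, self.resource)
        return f"{self.resource} session as {account}"


if __name__ == "__main__":
    sso = SingleSignOnServer({("alice", "crm"): "crm_alice01"})  # constructed data
    crm = ResourceAuthorizationServer("crm", sso)
    print(crm.open_session(sso.issue_bill("alice", "crm")))
```
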
CN201610785572.4A 2016-08-31 2016-08-31 Intelligent terminal identity authentication and single sign-on system and method based on digital certificate Active CN106357629B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610785572.4A CN106357629B (en) 2016-08-31 2016-08-31 Intelligent terminal identity authentication and single sign-on system and method based on digital certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610785572.4A CN106357629B (en) 2016-08-31 2016-08-31 Intelligent terminal identity authentication and single sign-on system and method based on digital certificate

Publications (2)

Publication Number Publication Date
CN106357629A CN106357629A (en) 2017-01-25
CN106357629B CN106357629B (en) 2021-10-26

Family

ID=57857770

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610785572.4A Active CN106357629B (en) 2016-08-31 2016-08-31 Intelligent terminal identity authentication and single sign-on system and method based on digital certificate

Country Status (1)

Country Link
CN (1) CN106357629B (en)

Also Published As

Publication number Publication date
CN106357629A (en) 2017-01-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant