CN106712933A - Identity authentication method and device based on mobile Internet terminal - Google Patents

Identity authentication method and device based on mobile Internet terminal Download PDF

Info

Publication number
CN106712933A
CN106712933A CN201611021727.3A CN201611021727A CN106712933A CN 106712933 A CN106712933 A CN 106712933A CN 201611021727 A CN201611021727 A CN 201611021727A CN 106712933 A CN106712933 A CN 106712933A
Authority
CN
China
Prior art keywords
user account
password
encrypted word
server
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611021727.3A
Other languages
Chinese (zh)
Inventor
阚志刚
陈彪
王卫民
卢佐华
彭建芬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
YANGPUWEIYE TECHNOLOGY Ltd
Original Assignee
YANGPUWEIYE TECHNOLOGY Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by YANGPUWEIYE TECHNOLOGY Ltd filed Critical YANGPUWEIYE TECHNOLOGY Ltd
Priority to CN201611021727.3A priority Critical patent/CN106712933A/en
Publication of CN106712933A publication Critical patent/CN106712933A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses an identity authentication method and device based on a mobile Internet terminal. The method comprises the steps of receiving a user account and a password input by a user at the mobile Internet terminal; generating an encryption word based on the password and an inherent terminal identifier of the mobile Internet terminal; sending the user account and encryption word to a server, thereby comparing the encryption word with the encryption words which are stored by the server and are associated with the user account; and receiving an authentication result of the server, wherein if the encryption word sent to the server is consistent with one of the encryption words which are stored by the server and are associated with the user account, the authentication result of the server is success. According to the method and the device, the identity of the user can be authenticated, and whether to access the special mobile Internet terminal or not can be authenticated.

Description

Identity identifying method and device based on mobile Internet terminal
Technical field
The disclosure relates generally to field of computer technology, and in particular to filed of network information security, more particularly to a kind of base In the identity identifying method and device of mobile Internet terminal.
Background technology
In current internet, when perhaps being serviced in user's access website, website needs to verify the identity of user.
Authenticating user identification of the prior art, often requires user input user account and password, then website clothes The password of the user account that business device prestores the password of input and server is compared, by checking if consistent.
With the development of internet, increasing web site contents or service request are only in some specific mobile interchanges Could be accessed on network termination.User haves no right to access these websites in the terminal beyond these specific mobile Internet terminals Inside perhaps service.Existing method for authenticating user identity can not meet the demand verified to these mobile Internet terminals.
The content of the invention
In view of drawbacks described above of the prior art or deficiency, expect that offer is a kind of and are not only able to test the identity of user Card, additionally it is possible to whether being conducted interviews on specific mobile Internet terminal the identity identifying method verified.
In a first aspect, the embodiment of the present application provides a kind of identity identifying method based on mobile Internet terminal, it is described Method includes:Receive user account and password that user is input into mobile Internet terminal;Based on password and the mobile interchange The intrinsic terminal iidentification of network termination, generates encrypted word;Send the user account and encrypted word to server, so as to server Each encrypted word associated by the user account for prestoring is compared;And authentication reception server result, if wherein sent Encrypted word to server is consistent with one of each encrypted word associated by the user account that server prestores, then server authentication Result is to pass through.
Second aspect, the embodiment of the present application additionally provides a kind of identity identifying method based on mobile Internet terminal, institute The method of stating includes:User account and encrypted word from mobile Internet terminal are received, wherein the encrypted word is based on account What password and the intrinsic terminal iidentification of the mobile Internet terminal were generated;By the user of the encrypted word of reception and the reception for prestoring Each encrypted word associated by account is compared;And if associated by the user account of the encrypted word and the reception for prestoring that receive One of each encrypted word it is consistent, then send the server authentication result that certification passes through to mobile Internet terminal.
The third aspect, the embodiment of the present application additionally provides a kind of identification authentication system based on mobile Internet terminal, institute Stating device includes:User account and password receiving unit, are configured to receive the user that user is input into mobile Internet terminal Account and password;Encrypted word generation unit, is configured to based on password and the intrinsic terminal iidentification of the mobile Internet terminal, Generation encrypted word;User account and encrypted word transmitting element, are configured to send the user account and encrypted word to server, So that each encrypted word associated by the user account that is prestored with server is compared;And server authentication result receives single Unit, is configured to authentication reception server result, if wherein being sent to the use that the encrypted word of server and server prestore One of each encrypted word associated by the account of family is consistent, then server authentication result is to pass through.
Fourth aspect, the embodiment of the present application additionally provides a kind of identification authentication system based on mobile Internet terminal, institute Stating device includes:User account and encrypted word receiving unit, are configured to receive the user account from mobile Internet terminal And encrypted word, wherein the encrypted word is based on the intrinsic terminal iidentification generation of account password and the mobile Internet terminal 's;Comparing unit, being configured to each encrypted word associated by the user account by the encrypted word of reception and the reception for prestoring is carried out Compare;And server authentication result transmitting element, if for the user account institute of the encrypted word for receiving and the reception for prestoring One of each encrypted word of association is consistent, then send the server authentication result that certification passes through to mobile Internet terminal.
5th aspect, the embodiment of the present application additionally provides a kind of equipment, including processor, memory and display;It is described Memory is included can be by the instruction of the computing device to cause the computing device:User is received at mobile Internet end Hold the user account and password of input;Based on password and the intrinsic terminal iidentification of the mobile Internet terminal, encrypted word is generated; The user account and encrypted word to server are sent, so as to each encrypted word associated by the user account that is prestored with server Compare;And authentication reception server result, if wherein be sent to the encrypted word of server and server prestores should One of each encrypted word associated by user account is consistent, then server authentication result is to pass through.
6th aspect, the embodiment of the present application additionally provides a kind of equipment, including processor, memory and display;It is described Memory is included can be by the instruction of the computing device to cause the computing device:Receive and come from mobile Internet terminal User account and encrypted word, wherein the encrypted word is based on account password and the intrinsic terminal of the mobile Internet terminal Mark generation;Each encrypted word associated by the user account of the encrypted word of reception and the reception for prestoring is compared;And If the encrypted word for receiving is consistent with one of each encrypted word associated by the user account of the reception for prestoring, to mobile Internet Terminal sends the server authentication result that certification passes through.
The embodiment of the present invention is verified according only to the password of user input, but based on password and mobile Internet The intrinsic terminal iidentification of terminal, generates encrypted word, is verified according to encrypted word.Because encrypted word is based on password and terminal mark Know generation, both contain subscriber identity information, and containing the information of the mobile Internet terminal where user's access website, play Not only checking user identity, also checking user whether the effect that is conducted interviews on specific mobile Internet terminal.
Brief description of the drawings
By the detailed description made to non-limiting example made with reference to the following drawings of reading, the application other Feature, objects and advantages will become more apparent upon:
Fig. 1 is shown in which that the exemplary system architecture of the embodiment of the present application can be applied;
Fig. 2 shows the authentication based on mobile Internet terminal according to the application one embodiment in client-side The exemplary process diagram of method;
Fig. 3 shows and recognized according to the identity based on mobile Internet terminal of the application another embodiment in client-side The exemplary process diagram of card method;
Fig. 4 shows the authentication based on mobile Internet terminal according to the application one embodiment in server side The exemplary process diagram of method;
Fig. 5 shows and recognized according to the identity based on mobile Internet terminal of the application another embodiment in server side The exemplary process diagram of card method;
Fig. 6 shows the authentication based on mobile Internet terminal according to the application one embodiment in client-side The exemplary block diagram of device;
Fig. 7 shows and recognized according to the identity based on mobile Internet terminal of the application another embodiment in client-side The exemplary block diagram of card method;
Fig. 8 shows the authentication based on mobile Internet terminal according to the application one embodiment in server side The exemplary block diagram of method;
Fig. 9 shows and recognized according to the identity based on mobile Internet terminal of the application another embodiment in server side The exemplary block diagram of card method;And
Figure 10 shows the structural representation of the computer system for being suitable to the server for realizing the application one embodiment Figure.
Figure 11 shows that the structure of the computer system for being suitable to the server for realizing the application another embodiment is shown It is intended to.
Specific embodiment
The application is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched The specific embodiment stated is used only for explaining related invention, rather than the restriction to the invention.It also should be noted that, in order to It is easy to description, the part related to invention is illustrate only in accompanying drawing.
It should be noted that in the case where not conflicting, the feature in embodiment and embodiment in the application can phase Mutually combination.Describe the application in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
Fig. 1 is refer to, it illustrates the exemplary system architecture 100 that can apply the embodiment of the present application.
As shown in figure 1, system architecture 100 can include terminal device 101,102, network 103 and server 104,105, 106 and 107.Network 103 is used in terminal device 101,102 and server 104, communication link is provided between 105,106,107 Medium.Network 103 can include various connection types, such as wired, wireless communication link or fiber optic cables etc..
User 110 can be interacted by network 103 with using terminal equipment 101,102 with server 104,105,106,107, To access various services, for example, browse webpage, downloading data etc..Various clients can be installed on terminal device 101,102 Using can for example access the application of uniform resource position mark URL cloud service, including but not limited to browser, safety applications etc..
Terminal device 101,102 can be various electronic equipments, including but not limited to PC, smart mobile phone, intelligence TV, panel computer, personal digital assistant, E-book reader etc..
Server 104,105,106,107 can be to provide the server of various services.Server can be in response to user Service request and service is provided.It is appreciated that a server can provide one or more service, same service also may be used To be provided by multiple servers.In embodiments herein, involved server can be included but is not limited to, and reptile is adjusted Degree server, dynamic crawler server, web page server, detection service device, image recognition server, semantic analysis server Deng.
It should be understood that the number of the terminal device, network and server in Fig. 1 is only schematical.According to realizing need Will, can have any number of terminal device, network and server.
The method that the embodiment of the present application is described below in conjunction with flow chart.
With reference to Fig. 2, it illustrates the authentication side based on mobile Internet terminal according to the application one embodiment The exemplary process diagram of method.Method shown in Fig. 2 can be in Fig. 1 terminal device client executing.
As shown in Fig. 2 in step 210, receiving user account and password that user is input into mobile Internet terminal.
, when the client of mobile Internet terminal accesses webpage, webpage can display reminding user input user account for user With the input frame of password.With in these input frames be input into user account and password, and confirm submit to, then client have received use User account and password that family is input into mobile Internet terminal.The user account and password are that user submits to when website is registered User account and password.After website is registered, the user account and password of submission are stored in server to user.
Then, in a step 220, based on password and the intrinsic terminal iidentification of the mobile Internet terminal, generation encryption Word.
Here, terminal iidentification can be exemplarily mobile device world identification code (IMEI), mobile device identification code (MEID), integrated circuit card identification code (ICCID) etc. can identify the information of terminal.
Algorithm based on the intrinsic terminal iidentification generation encrypted word of password and the mobile Internet terminal can use mesh General-purpose algorithm of the previous existence into encrypted word.
Then, in step 230, the user account and encrypted word to server are sent, to be prestored with server Each encrypted word associated by the user account is compared.
In one embodiment, each encrypted word associated by described user account for prestoring is respectively according to pre-input What the password associated with the user account and each terminal iidentification associated with the user account were generated.
For example, in user's registration, shown for being input into user account, password and desiring access to one of webpage to user Or the input frame of the terminal iidentification of multiple mobile Internet terminals (for example, the mobile phone of user, laptop computer, PDA etc.).Wish to visit Ask the terminal iidentification of one or more mobile Internet terminals of webpage i.e. as each terminal iidentification associated with the user account. User input frame fill in user account, password respectively and desire access to webpage one or more mobile Internet terminals end End mark.Additionally, it is desirable that the terminal iidentification for accessing one or more mobile Internet terminals of webpage can not also be defeated by user Enter, but specified by server.
Then, server is for the password associated with the user account and each with what the user account was associated that is input into Terminal iidentification generates one or more encrypted words respectively.For example, the terminal associated with the user account has three, it is respectively user Mobile phone, laptop computer, PDA.So, the terminal iidentification based on the password associated with the user account and the mobile phone of user, One encrypted word of generation;Terminal iidentification based on the password associated with the user account and the laptop computer of user, generation one Individual encrypted word.Terminal iidentification based on the password associated with the user account and the PDA of user, generates an encrypted word.
In one embodiment, based on user input the intrinsic terminal iidentification life of password and the mobile Internet terminal Each encrypted word associated by the user account that prestored with generation into encrypted word uses same algorithm.So, server exists When the encrypted word that client sends is compared with each encrypted word associated by the user account for prestoring, just with consistent Contrast basis.
After client sends the user account and encrypted word to server, server is by itself and the user's account for prestoring Each encrypted word associated by number is compared.For example, during the terminal associated with user account above has an example of three, by visitor The user account that family end sends and the terminal mark based on the password associated with the user account and the mobile phone of user for prestoring Know the encrypted word of generation, the terminal iidentification based on the password associated with the user account and the laptop computer of user to generate Encrypted word, the encrypted word of the terminal iidentification generation based on the password associated with the user account and the PDA of user are distinguished Compare.
In step S240, authentication reception server result, if wherein being sent to the encrypted word and server of server One of each encrypted word associated by the user account for prestoring is consistent, then server authentication result is to pass through.
For example, during the terminal associated with user account above has an example of three, if the encryption that client sends Encrypted word, base that word is generated with the terminal iidentification based on the password associated with the user account and the mobile phone of user for prestoring In the password and the laptop computer of user associated with the user account terminal iidentification generate encrypted word, based on the use Any one in the encrypted word of the terminal iidentification generation of the password of family account relating and the PDA of user is consistent, then explanation is used Mobile Internet terminal used by the current accessed webpage of family fills in the mobile Internet terminal specified when being user's registration, certification is led to Cross.
In one embodiment, if be sent to associated by the user account that the encrypted word of server and server prestore Each encrypted word it is all inconsistent, then server authentication result for failure.
For example, during the terminal associated with user account above has an example of three, if the encryption that client sends Encrypted word, base that word is generated with the terminal iidentification based on the password associated with the user account and the mobile phone of user for prestoring In the password and the laptop computer of user associated with the user account terminal iidentification generate encrypted word, based on the use The encrypted word of the terminal iidentification generation of the password of family account relating and the PDA of user is all inconsistent, then illustrate that user currently visits The mobile Internet terminal specified, authentification failure are filled in when asking that the mobile Internet terminal used by webpage is not user's registration.
In the case of authentification failure, information warning can be sent to client, otherwise represent the user of the access webpage It is or that disabled user, user conduct interviews on illegal mobile Internet terminal.Or, can be with this visit of user Information (including access time, user account, encrypted word etc.) is added to default alert list, so as to user as desired by Alert list traces the illegal login of the terminal of unauthorized.
As shown in figure 3, in another embodiment of the present invention, methods described includes step 212 also after step 210: The password for judging user input is account password or occasional password, wherein, it is the feelings of account password in the password of user input Under condition, step 220 is performed.
Under normal circumstances, account password is the password filled in when user as described above registers.Occasional password can be by User's (for example forgetting to be used during account password) or other users are used.When other users are logged in using occasional password, User can be by any-mode, such as by phone, short message, mailbox, instant messaging etc. by pre-set occasional password Inform above-mentioned other users.
When implementing, the input frame of account password and occasional password can be respectively provided with the login interface of webpage. It is to be input into password in which input frame according to user, it can be determined that the password of user input is account password or interim mouth Order.Or, the input frame of user account and password is set in the login interface of webpage, while setting password authentication and interim checking Two function options.According to the function options that user selects in login interface, the password for judging user input is account mouthful Order or occasional password.
In this embodiment, methods described also includes step 214:If the password of user input is occasional password, to clothes Business device sends the user account and occasional password.
The effect for sending occasional password to server is the checking for allowing server to carry out occasional password.For example, user forgets Account password, selects to obtain the function button of occasional password on login page.At this moment server sends interim to user mobile phone Password.User checks occasional password on mobile phone, and occasional password is filled on login page.Then client is sent out to server Send the user account and occasional password.If server judges the occasional password for receiving with it to user mobile phone transmission Occasional password is consistent, then by checking.
In this embodiment, methods described also includes step 216:In the occasional password in server side by checking In the case of, account password corresponding with user account is received from server, it is based on reception that encrypted word is generated wherein in step 220 Account password and terminal iidentification carry out.
In this embodiment, by step 212,214,216, realize and (for example forget account using occasional password in user Number password) in the case of, still can effectively complete the checking to user identity and mobile Internet terminal identity.
With reference to Fig. 4, it illustrates the authentication side based on mobile Internet terminal according to the application one embodiment The exemplary process diagram of method.Method shown in Fig. 4 can be in Fig. 1 server perform.
As shown in figure 4, in step 410, receiving user account and encrypted word from mobile Internet terminal, wherein institute It is based on the intrinsic terminal iidentification generation of account password and the mobile Internet terminal to state encrypted word.
, when the client of mobile Internet terminal accesses webpage, webpage can display reminding user input user account for user With the input frame of password.With in these input frames be input into user account and password, and confirm submit to, then client have received use User account and password that family is input into mobile Internet terminal.The user account and password are that user submits to when website is registered User account and password.After website is registered, the user account and password of submission are stored in server to user.
Terminal iidentification can be exemplarily mobile device the world identification code (IMEI), mobile device identification code (MEID), Integrated circuit card identification code (ICCID) etc. can identify the information of terminal.
Algorithm based on the intrinsic terminal iidentification generation encrypted word of password and the mobile Internet terminal can use mesh General-purpose algorithm of the previous existence into encrypted word.
Then, at step 420, by each encrypted word associated by the user account of the encrypted word of reception and the reception for prestoring Compare.
In one embodiment, each encrypted word associated by the user account of the reception for prestoring is respectively according to pre- defeated What the account password associated with the user account for entering and each terminal iidentification associated with the user account were generated.
For example, in user's registration, shown for being input into user account, password and desiring access to one of webpage to user Or the input frame of the terminal iidentification of multiple mobile Internet terminals (for example, the mobile phone of user, laptop computer, PDA etc.).Wish to visit Ask the terminal iidentification of one or more mobile Internet terminals of webpage i.e. as each terminal iidentification associated with the user account. User input frame fill in user account, password respectively and desire access to webpage one or more mobile Internet terminals end End mark.Additionally, it is desirable that the terminal iidentification for accessing one or more mobile Internet terminals of webpage can not also be defeated by user Enter, but specified by server.
Then, server is for the password associated with the user account and each with what the user account was associated that is input into Terminal iidentification generates one or more encrypted words respectively.For example, the terminal associated with the user account has three, it is respectively user Mobile phone, laptop computer, PDA.So, the terminal iidentification based on the password associated with the user account and the mobile phone of user, One encrypted word of generation;Terminal iidentification based on the password associated with the user account and the laptop computer of user, generation one Individual encrypted word.Terminal iidentification based on the password associated with the user account and the PDA of user, generates an encrypted word.
In one embodiment, each encrypted word associated by the user account of the reception for prestoring is to be based on and generation institute State reception encrypted word it is same algorithm generation.So, server is in the encrypted word for sending client and the use for prestoring When each encrypted word associated by the account of family is compared, just with consistent contrast basis.
The terminal associated with user account above has in the example of three, by the encrypted word of reception and the reception for prestoring Each encrypted word associated by user account is compared can so be carried out:By the encrypted word of reception with prestore based on the use The password of family account relating and the mobile phone of user terminal iidentification generation encrypted word, based on what is associated with the user account The encrypted word of the terminal iidentification generation of the laptop computer of password and user, based on the password associated with the user account and The encrypted word of the terminal iidentification generation of the PDA of user is compared respectively.
Then, in step 430, if each encryption associated by the user account of the encrypted word and the reception for prestoring that receive One of word is consistent, then send the server authentication result that certification passes through to mobile Internet terminal.
For example, during the terminal associated with user account above has an example of three, if the encrypted word for receiving with prestore Based on the password associated with the user account and the mobile phone of user terminal iidentification generation encrypted word, based on the use The password of family account relating and the laptop computer of user terminal iidentification generation encrypted word, based on the user account close Any one in the encrypted word of the terminal iidentification generation of the password of connection and the PDA of user is consistent, then illustrate that user currently visits The mobile Internet terminal specified is filled in when asking that the mobile Internet terminal used by webpage is user's registration, certification passes through.
In one embodiment, as shown in figure 5, methods described also includes step 440:If being sent to the encryption of server Each encrypted word associated by the user account that word and server prestore is all inconsistent, then server authentication result is failure.
For example, during the terminal associated with user account above has an example of three, if the encrypted word for receiving with prestore Based on the password associated with the user account and the mobile phone of user terminal iidentification generation encrypted word, based on the use The password of family account relating and the laptop computer of user terminal iidentification generation encrypted word, based on the user account close The encrypted word of the terminal iidentification generation of the password of connection and the PDA of user is all inconsistent, then illustrate user's current accessed webpage institute Mobile Internet terminal fills in the mobile Internet terminal specified, authentification failure when not being user's registration.
In the case of authentification failure, information warning can be sent to client, otherwise represent the user of the access webpage It is or that disabled user, user conduct interviews on illegal mobile Internet terminal.Or, can be with this visit of user Information (including access time, user account, encrypted word etc.) is added to default alert list, so as to user as desired by Alert list traces the illegal login of the terminal of unauthorized.
As shown in figure 5, in another embodiment of the present invention, methods described also includes step before step 410 402-406。
In step 402, user account and occasional password from mobile Internet terminal are received.
Under normal circumstances, account password is the password filled in when user as described above registers.Occasional password can be by User's (for example forgetting to be used during account password) or other users are used.When other users are logged in using occasional password, User can be by any-mode, such as by phone, short message, mailbox, instant messaging etc. by pre-set occasional password Inform above-mentioned other users.
When implementing, the input frame of account password and occasional password can be respectively provided with the login interface of webpage. It is to be input into password in which input frame according to user, it can be determined that the password of user input is account password or interim mouth Order.Or, the input frame of user account and password is set in the login interface of webpage, while setting password authentication and interim checking Two function options.According to the function options that user selects in login interface, the password for judging user input is account mouthful Order or occasional password.
In step 404, user account and occasional password are verified.
For example, user forgets account password, select to obtain the function button of occasional password on login page.At this moment service Device sends occasional password to user mobile phone.User checks occasional password on mobile phone, and occasional password is filled on login page. Then client sends the user account and occasional password to server.If server judges the occasional password for receiving It is consistent to the occasional password that user mobile phone sends with it, then by checking.
In a step 406, if the verification passes, account mouthful corresponding with user account is sent to mobile Internet terminal Order.
In this embodiment, by step 402,404,406, realize and (for example forget account using occasional password in user Number password) in the case of, still can effectively complete the checking to user identity and mobile Internet terminal identity.
It should be noted that although the operation of the inventive method is described with particular order in the accompanying drawings, this is not required that Or imply that these must be performed according to the particular order operates, or the operation having to carry out shown in whole could realize the phase The result of prestige.Conversely, the step of describing in flow chart can change execution sequence.Additionally or alternatively, it is convenient to omit some Multiple steps are merged into a step and performed, and/or a step is decomposed into execution of multiple steps by step.
With further reference to Fig. 6, it illustrates according to the application one embodiment in client based on mobile Internet The exemplary block diagram of the identification authentication system 600 of terminal.Described device 600 includes:User account and password receiving unit 610, it is configured to receive user account and password that user is input into mobile Internet terminal;Encrypted word generation unit 620, matches somebody with somebody Put for based on password and the intrinsic terminal iidentification of the mobile Internet terminal, generating encrypted word;User account and encrypted word Transmitting element 630, is configured to send the user account and encrypted word to server, so as to the user prestored with server Each encrypted word associated by account is compared;And server authentication result receiving unit 640, it is configured to the reception server Authentication result, if wherein each encrypted word being sent to associated by the user account that the encrypted word of server and server prestore One of it is consistent, then server authentication result is to pass through.
Alternatively, if each encryption being sent to associated by the user account that the encrypted word of server and server prestore Word is all inconsistent, then server authentication result is failure.
Alternatively, as shown in fig. 7, described device 600 also includes:
Judging unit 612, is configured in reception user after the user account and password that mobile Internet terminal is input into, The password for judging user input is account password or occasional password, wherein, password of the encrypted word generation unit in user input In the case of being account password, the encrypted word is generated.
Alternatively, as shown in fig. 7, described device 600 also includes:
User account and occasional password transmitting element 614, if the password for being configured to user input is occasional password, to Server sends the user account and occasional password;
Account password receiving unit 616, is configured in the case where the occasional password passes through checking in server side, Account password corresponding with user account is received from server, wherein the step of generation encrypted word is based on the account for receiving What password and terminal iidentification were carried out.
Alternatively, each encrypted word associated by described user account for prestoring is respectively according to pre-input and the user What the password of account relating and each terminal iidentification associated with the user account were generated.
Alternatively, the encrypted word generation unit is configured to based on each associated by the user account prestored with generation The same algorithm generation encrypted word of encrypted word.
With further reference to Fig. 8, it illustrates according to the application one embodiment in server based on mobile Internet The exemplary block diagram of the identification authentication system 800 of terminal.Described device 800 includes:User account and encrypted word receive single Unit 810, is configured to receive user account and encrypted word from mobile Internet terminal, wherein the encrypted word is based on account Number password and the intrinsic terminal iidentification generation of the mobile Internet terminal;Comparing unit 820, was configured to adding for receiving Each encrypted word associated by the user account of close word and the reception for prestoring is compared;And server authentication result transmitting element 830, if the encrypted word for receiving is consistent with one of each encrypted word associated by the user account of the reception for prestoring, to shifting Dynamic internet terminal sends the server authentication result that certification passes through.
Alternatively, server authentication result transmitting element 830 is further configured to:
If each encrypted word associated by the encrypted word for receiving and the user account of the reception for prestoring is all inconsistent, to shifting Dynamic internet terminal sends the server authentication result of authentification failure.
Alternatively, as shown in figure 9, described device 800 also includes:
User account and occasional password receiving unit 802, are configured to receiving the user from mobile Internet terminal User account and occasional password from mobile Internet terminal are received before account and encrypted word;
Authentication unit 804, is configured to verify user account and occasional password;
Account password transmitting element 806, is configured to if the verification passes, be sent and user's account to mobile Internet terminal Number corresponding account password.
Alternatively, each encrypted word associated by the user account of the reception for prestoring be respectively according to pre-input and this What the account password of user account association and each terminal iidentification associated with the user account were generated.
Alternatively, each encrypted word associated by the user account of the reception for prestoring based on generate the reception The same algorithm generation of encrypted word.
It should be appreciated that all subelements in Fig. 6-9 in identification authentication system 600 or 800 and the side with reference to Fig. 2-Fig. 5 descriptions Each step in method is corresponding.Thus, the operation and feature above with respect to method description is equally applicable to identification authentication system 600 or 800 and the unit that wherein includes, will not be repeated here.
Below with reference to Figure 10, it illustrates the computer system 1000 for being suitable to the client for realizing the embodiment of the present application Structural representation.
As shown in Figure 10, computer system 1000 includes CPU (CPU) 1001, and it can be according to storage only Read the program in memory (ROM) 1002 or be loaded into random access storage device (RAM) 1003 from storage part 1008 Program and perform various appropriate actions and treatment.In RAM 1003, the system that is also stored with 1000 operates required various journeys Sequence and data.CPU 1001, ROM 1002 and RAM 1003 are connected with each other by bus 1004.Input/output (I/O) interface 1005 are also connected to bus 1004.
I/O interfaces 1005 are connected to lower component:Including the importation 1006 of keyboard, mouse etc.;Including such as negative electrode The output par, c 1007 of ray tube (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage part including hard disk etc. 1008;And the communications portion 1009 of the NIC including LAN card, modem etc..Communications portion 1009 is passed through Communication process is performed by the network of such as internet.Driver 1010 is also according to needing to be connected to I/O interfaces 1005.It is detachable to be situated between Matter 1011, such as disk, CD, magneto-optic disk, semiconductor memory etc., as needed on driver 1010, so as to Storage part 1008 is mounted into as needed in the computer program for reading from it.
Especially, in accordance with an embodiment of the present disclosure, the process above with reference to Fig. 2-Fig. 3 descriptions may be implemented as computer Software program.For example, embodiment of the disclosure includes a kind of computer program product, it includes being tangibly embodied in machine readable Computer program on medium, program code of the computer program comprising the method for performing Fig. 2-Fig. 3.Such In embodiment, the computer program can be downloaded and installed by communications portion 1009 from network, and/or be situated between from detachable Matter 1011 is mounted.
Below with reference to Figure 11, it illustrates the computer system 1100 for being suitable to the client for realizing the embodiment of the present application Structural representation.
As shown in figure 11, computer system 1100 includes CPU (CPU) 1101, and it can be according to storage only Read the program in memory (ROM) 1102 or be loaded into random access storage device (RAM) 1103 from storage part 1108 Program and perform various appropriate actions and treatment.In RAM 1103, the system that is also stored with 1100 operates required various journeys Sequence and data.CPU 1101, ROM 1102 and RAM 1103 are connected with each other by bus 1104.Input/output (I/O) interface 1105 are also connected to bus 1104.
I/O interfaces 1105 are connected to lower component:Including the importation 1106 of keyboard, mouse etc.;Including such as negative electrode The output par, c 1107 of ray tube (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage part including hard disk etc. 1108;And the communications portion 1109 of the NIC including LAN card, modem etc..Communications portion 1109 is passed through Communication process is performed by the network of such as internet.Driver 1110 is also according to needing to be connected to I/O interfaces 1105.It is detachable to be situated between Matter 1111, such as disk, CD, magneto-optic disk, semiconductor memory etc., as needed on driver 1110, so as to Storage part 1108 is mounted into as needed in the computer program for reading from it.
Especially, in accordance with an embodiment of the present disclosure, the process above with reference to Fig. 4-Fig. 5 descriptions may be implemented as computer Software program.For example, embodiment of the disclosure includes a kind of computer program product, it includes being tangibly embodied in machine readable Computer program on medium, program code of the computer program comprising the method for performing Fig. 4-Fig. 5.Such In embodiment, the computer program can be downloaded and installed by communications portion 1109 from network, and/or be situated between from detachable Matter 1111 is mounted.
Flow chart and block diagram in accompanying drawing, it is illustrated that according to the system of various embodiments of the invention, method and computer journey The architectural framework in the cards of sequence product, function and operation.At this point, each square frame in flow chart or block diagram can generation One part for module, program segment or code of table a, part for the module, program segment or code includes one or more Executable instruction for realizing the logic function of regulation.It should also be noted that in some realizations as replacement, institute in square frame The function of mark can also occur with different from the order marked in accompanying drawing.For example, two square frame reality for succeedingly representing On can perform substantially in parallel, they can also be performed in the opposite order sometimes, and this is depending on involved function.Also It is noted that the combination of the square frame in each square frame and block diagram and/or flow chart in block diagram and/or flow chart, Ke Yiyong Perform the function of regulation or the special hardware based system of operation to realize, or can be referred to computer with specialized hardware The combination of order is realized.
Being described in unit involved in the embodiment of the present application or module can be realized by way of software, it is also possible to Realized by way of hardware.Described unit or module can also be set within a processor.These units or module Title does not constitute the restriction to the unit or module in itself under certain conditions.
As on the other hand, present invention also provides a kind of computer-readable recording medium, the computer-readable storage medium Matter can be the computer-readable recording medium included in device described in above-described embodiment;Can also be individualism, not It is fitted into the computer-readable recording medium in equipment.Computer-readable recording medium storage has one or more than one journey Sequence, described program is used for performing the formula input method for being described in the application by one or more than one processor.
Above description is only the preferred embodiment and the explanation to institute's application technology principle of the application.People in the art Member is it should be appreciated that involved invention scope in the application, however it is not limited to the technology of the particular combination of above-mentioned technical characteristic Scheme, while should also cover in the case where the inventive concept is not departed from, is carried out by above-mentioned technical characteristic or its equivalent feature Other technical schemes for being combined and being formed.Such as features described above has similar work(with (but not limited to) disclosed herein The technical scheme that the technical characteristic of energy is replaced mutually and formed.

Claims (24)

1. a kind of identity identifying method based on mobile Internet terminal, it is characterised in that methods described includes:
Receive user account and password that user is input into mobile Internet terminal;
Based on password and the intrinsic terminal iidentification of the mobile Internet terminal, encrypted word is generated;
Send the user account and encrypted word to server, so as to associated by the user account that is prestored with server respectively plus Close word is compared;And
Authentication reception server result, if wherein being sent to the user account institute that the encrypted word of server and server prestore One of each encrypted word of association is consistent, then server authentication result is to pass through.
2. method according to claim 1, it is characterised in that if being sent to the encrypted word of server and server prestores The user account associated by each encrypted word it is all inconsistent, then server authentication result for failure.
3. method according to claim 1, it is characterised in that methods described also includes:User is being received in mobile interchange After the user account and password of network termination input, the password for judging user input is account password or occasional password, wherein, In the case that the password of user input is account password, perform it is described generation encrypted word the step of.
4. method according to claim 3, it is characterised in that methods described also includes:
If the password of user input is occasional password, the user account and occasional password are sent to server;
In the case where the occasional password passes through checking in server side, account corresponding with user account is received from server Password, wherein the step of generation encrypted word is carried out based on the account password and terminal iidentification for receiving.
5. method according to claim 1, it is characterised in that each encrypted word associated by described user account for prestoring It is the password associated with the user account respectively according to pre-input and each terminal iidentification generation associated with the user account 's.
6. method according to claim 5, it is characterised in that be based on being prestored with generation the step of the generation encrypted word The user account associated by each encrypted word same algorithm carry out.
7. a kind of identity identifying method based on mobile Internet terminal, it is characterised in that methods described includes:
User account and encrypted word from mobile Internet terminal are received, wherein the encrypted word is based on account password and institute State the intrinsic terminal iidentification generation of mobile Internet terminal;
Each encrypted word associated by the user account of the encrypted word of reception and the reception for prestoring is compared;And
If the encrypted word for receiving is consistent with one of each encrypted word associated by the user account of the reception for prestoring, to mobile mutual Networked terminals send the server authentication result that certification passes through.
8. method according to claim 7, it is characterised in that methods described also includes:
If each encrypted word associated by the encrypted word for receiving and the user account of the reception for prestoring is all inconsistent, to mobile mutual Networked terminals send the server authentication result of authentification failure.
9. method according to claim 7, it is characterised in that receive user account from mobile Internet terminal and Before encrypted word, methods described also includes:
Receive user account and occasional password from mobile Internet terminal;
User account and occasional password are verified;
If the verification passes, account password corresponding with user account is sent to mobile Internet terminal.
10. method according to claim 7, it is characterised in that each associated by the user account of the reception for prestoring Encrypted word is the account password associated with the user account and each end associated with the user account respectively according to pre-input End mark generation.
11. methods according to claim 10, it is characterised in that each associated by the user account of the reception for prestoring Encrypted word is generated based on the algorithm same with the encrypted word for generating the reception.
12. a kind of identification authentication systems based on mobile Internet terminal, it is characterised in that described device includes:
User account and password receiving unit, are configured to receive user account and mouth that user is input into mobile Internet terminal Order;
Encrypted word generation unit, is configured to based on password and the intrinsic terminal iidentification of the mobile Internet terminal, and generation adds Close word;
User account and encrypted word transmitting element, are configured to send the user account and encrypted word to server, so as to Each encrypted word associated by the user account that server prestores is compared;And
Server authentication result receiving unit, is configured to authentication reception server result, if wherein being sent to server Encrypted word is consistent with one of each encrypted word associated by the user account that server prestores, then server authentication result is logical Cross.
13. devices according to claim 12, it is characterised in that if the encrypted word for being sent to server is pre- with server Each encrypted word associated by the user account deposited is all inconsistent, then server authentication result is failure.
14. devices according to claim 12, it is characterised in that described device also includes:
Judging unit, is configured to receiving user after the user account and password that mobile Internet terminal is input into, and judges to use The password of family input is account password or occasional password, wherein, encrypted word generation unit is account in the password of user input In the case of password, the encrypted word is generated.
15. devices according to claim 14, it is characterised in that described device also includes:
User account and occasional password transmitting element, if the password for being configured to user input is occasional password, to server Send the user account and occasional password;
Account password receiving unit, is configured in the case where the occasional password passes through checking in server side, from service Device receives corresponding with user account account password, wherein the step of generation encrypted word be based on the account password for receiving with What terminal iidentification was carried out.
16. devices according to claim 12, it is characterised in that each encryption associated by described user account for prestoring Word is the password associated with the user account and each terminal iidentification life associated with the user account respectively according to pre-input Into.
17. devices according to claim 16, it is characterised in that the encrypted word generation unit is configured to be based on and life The same algorithm generation encrypted word of each encrypted word associated by the user account for prestoring.
18. a kind of identification authentication systems based on mobile Internet terminal, it is characterised in that described device includes:
User account and encrypted word receiving unit, are configured to receive the user account from mobile Internet terminal and encryption Word, wherein the encrypted word is based on the intrinsic terminal iidentification generation of account password and the mobile Internet terminal;
Comparing unit, being configured to each encrypted word associated by the user account by the encrypted word of reception and the reception for prestoring is carried out Compare;And
Server authentication result transmitting element, if for receive encrypted word and the reception for prestoring user account associated by One of each encrypted word is consistent, then send the server authentication result that certification passes through to mobile Internet terminal.
19. devices according to claim 18, it is characterised in that server authentication result transmitting element further configures use In:
If each encrypted word associated by the encrypted word for receiving and the user account of the reception for prestoring is all inconsistent, to mobile mutual Networked terminals send the server authentication result of authentification failure.
20. devices according to claim 18, it is characterised in that described device also includes:
User account and occasional password receiving unit, are configured in the user account received from mobile Internet terminal and add User account and occasional password from mobile Internet terminal are received before close word;
Authentication unit, is configured to verify user account and occasional password;
Account password transmitting element, is configured to if the verification passes, send corresponding with user account to mobile Internet terminal Account password.
21. devices according to claim 17, it is characterised in that each associated by the user account of the reception for prestoring Encrypted word is the account password associated with the user account and each end associated with the user account respectively according to pre-input End mark generation.
22. devices according to claim 21, it is characterised in that each associated by the user account of the reception for prestoring Encrypted word is generated based on the algorithm same with the encrypted word for generating the reception.
A kind of 23. equipment, including processor, memory and display;It is characterized in that:
The memory is included can be by the instruction of the computing device to cause the computing device:
Receive user account and password that user is input into mobile Internet terminal;
Based on password and the intrinsic terminal iidentification of the mobile Internet terminal, encrypted word is generated;
Send the user account and encrypted word to server, so as to associated by the user account that is prestored with server respectively plus Close word is compared;And
Authentication reception server result, if wherein being sent to the user account institute that the encrypted word of server and server prestore One of each encrypted word of association is consistent, then server authentication result is to pass through.
A kind of 24. equipment, including processor, memory and display;It is characterized in that:
The memory is included can be by the instruction of the computing device to cause the computing device:
User account and encrypted word from mobile Internet terminal are received, wherein the encrypted word is based on account password and institute State the intrinsic terminal iidentification generation of mobile Internet terminal;
Each encrypted word associated by the user account of the encrypted word of reception and the reception for prestoring is compared;And
If the encrypted word for receiving is consistent with one of each encrypted word associated by the user account of the reception for prestoring, to mobile mutual Networked terminals send the server authentication result that certification passes through.
CN201611021727.3A 2016-11-21 2016-11-21 Identity authentication method and device based on mobile Internet terminal Pending CN106712933A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611021727.3A CN106712933A (en) 2016-11-21 2016-11-21 Identity authentication method and device based on mobile Internet terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611021727.3A CN106712933A (en) 2016-11-21 2016-11-21 Identity authentication method and device based on mobile Internet terminal

Publications (1)

Publication Number Publication Date
CN106712933A true CN106712933A (en) 2017-05-24

Family

ID=58940983

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611021727.3A Pending CN106712933A (en) 2016-11-21 2016-11-21 Identity authentication method and device based on mobile Internet terminal

Country Status (1)

Country Link
CN (1) CN106712933A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110099091A (en) * 2018-01-27 2019-08-06 燕静勇 The system and method for remote service are provided
CN111340603A (en) * 2020-05-15 2020-06-26 支付宝(杭州)信息技术有限公司 Object processing method and device
CN112564908A (en) * 2021-02-18 2021-03-26 北京声智科技有限公司 Device registration method and device, electronic device, server and readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN201467167U (en) * 2009-08-07 2010-05-12 薛明 Password encoder and password protection system
CN102118743A (en) * 2011-03-02 2011-07-06 中兴通讯股份有限公司 Method and system for logging onto online bank with mobile phone, and bank server
CN103200160A (en) * 2012-01-10 2013-07-10 上海易狄欧电子科技有限公司 Method and system of digital copyright sharing among a plurality of user devices
CN104468108A (en) * 2013-09-18 2015-03-25 上海耕云供应链管理有限公司 User identity authentication system and user identity authentication method based on barcode
CN105530224A (en) * 2014-09-30 2016-04-27 中国电信股份有限公司 Method and device for terminal authentication
CN106034123A (en) * 2015-03-17 2016-10-19 中国移动通信集团湖北有限公司 Authentication method, application system server and client

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN201467167U (en) * 2009-08-07 2010-05-12 薛明 Password encoder and password protection system
CN102118743A (en) * 2011-03-02 2011-07-06 中兴通讯股份有限公司 Method and system for logging onto online bank with mobile phone, and bank server
CN103200160A (en) * 2012-01-10 2013-07-10 上海易狄欧电子科技有限公司 Method and system of digital copyright sharing among a plurality of user devices
CN104468108A (en) * 2013-09-18 2015-03-25 上海耕云供应链管理有限公司 User identity authentication system and user identity authentication method based on barcode
CN105530224A (en) * 2014-09-30 2016-04-27 中国电信股份有限公司 Method and device for terminal authentication
CN106034123A (en) * 2015-03-17 2016-10-19 中国移动通信集团湖北有限公司 Authentication method, application system server and client

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110099091A (en) * 2018-01-27 2019-08-06 燕静勇 The system and method for remote service are provided
CN111340603A (en) * 2020-05-15 2020-06-26 支付宝(杭州)信息技术有限公司 Object processing method and device
CN112564908A (en) * 2021-02-18 2021-03-26 北京声智科技有限公司 Device registration method and device, electronic device, server and readable storage medium
CN112564908B (en) * 2021-02-18 2021-08-24 北京声智科技有限公司 Device registration method and device, electronic device, server and readable storage medium

Similar Documents

Publication Publication Date Title
US8136145B2 (en) Network authentication for accessing social networking system information by a third party application
US9641513B2 (en) Methods and systems for controlling mobile terminal access to a third-party server
US8495720B2 (en) Method and system for providing multifactor authentication
US9300653B1 (en) Delivery of authentication information to a RESTful service using token validation scheme
US8910256B2 (en) Form filling with digital identities, and automatic password generation
CN107070945B (en) Identity login method and equipment
CN101911585B (en) Selective authorization based on authentication input attributes
US9059984B2 (en) Authenticating an auxiliary device from a portable electronic device
US10846432B2 (en) Secure data leak detection
US20080015986A1 (en) Systems, methods and computer program products for controlling online access to an account
US9003540B1 (en) Mitigating forgery for active content
US10601809B2 (en) System and method for providing a certificate by way of a browser extension
US20150254450A1 (en) Disposition engine for single sign on (sso) requests
EP1961185A1 (en) Method, apparatus and program products for custom authentication of a principal in a federation by an identity provider
CN103685139A (en) Authentication and authorization processing method and device
US11811750B2 (en) Mobile device enabled desktop tethered and tetherless authentication
WO2010149222A1 (en) Attribute management
JP2008242926A (en) Authentication system, authentication method and authentication program
CN108810896A (en) The connection authentication method and device of wireless access point
CN106712933A (en) Identity authentication method and device based on mobile Internet terminal
CA2844888A1 (en) System and method of extending a host website
JP2016115260A (en) Authority transfer system, authorization server used for authority transfer system, resource server, client, mediation device, authority transfer method and program
US20100250607A1 (en) Personal information management apparatus and personal information management method
US7836510B1 (en) Fine-grained attribute access control
Al-Sinani et al. Client-based cardspace-openid interoperation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100083 Beijing, Haidian District Xueyuan Road 30 days building A 20 floor

Applicant after: Beijing Bang Bang Safety Technology Co. Ltd.

Address before: 100083 Beijing, Haidian District Xueyuan Road 30 days building A 20 floor

Applicant before: Yangpuweiye Technology Limited

CB02 Change of applicant information
RJ01 Rejection of invention patent application after publication

Application publication date: 20170524

RJ01 Rejection of invention patent application after publication