CN106850699A - A kind of mobile terminal login authentication method and system - Google Patents
A kind of mobile terminal login authentication method and system Download PDFInfo
- Publication number
- CN106850699A CN106850699A CN201710229518.6A CN201710229518A CN106850699A CN 106850699 A CN106850699 A CN 106850699A CN 201710229518 A CN201710229518 A CN 201710229518A CN 106850699 A CN106850699 A CN 106850699A
- Authority
- CN
- China
- Prior art keywords
- app
- mobile terminal
- token
- key
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Abstract
The invention provides a kind of mobile terminal login authentication method and system, for carrying out login authentication to the APP on mobile terminal, method includes:Receive the logging request of APP;The transaction token including user login information of mobile terminal storage is obtained according to the logging request and is sent to APP servers;Receive the dynamic key application request of the APP servers and safety verification is carried out to the APP servers and send token dynamic key to the APP servers by the safety verification;APP servers parse the transaction token and obtain user login information and send to APP completion login authentications the user login information according to the token dynamic key.Realize the unified identity authentication of mobile terminal.Key medium is used, by key encrypted and digitally signed technology, the token information in generation authentication procedures lifts the security of whole certification link, and improve convenience and experience effect that mobile terminal is used.
Description
Technical field
Concretely it is a kind of mobile terminal login authentication method and system the present invention relates to safe practice.
Background technology
With the high speed development of mobile Internet, mobile office turns into enterprise's future important development trend, and enterprises are moved
The APP applications of moved end also increase therewith.Due to lacking unified planning and management, the independent APP applications of these dispersions fail to
User brings experience well, and its login security and management regulation also bring challenge higher to enterprise, specific main body
It is now following some:
Because these APP applications each use independent ID authentication mechanism, cause user when logging in, be required to
Input username and password is verified.For a user, the certification of these APP all uses the corresponding user name of enterprises
And password, it is required for repeatedly inputting relatively complicated, ease for use deficiency every time.
Because these APP applications are using the authentication management module of each exploitation, there is login security requirement not
One phenomenon, while being also unfavorable for the unified planning and management of enterprises security.
Because the authentication module of these APP applications is safeguarded by different team respectively, the cost that subsequent upgrade is safeguarded
Height, the convenience of upgrading is not enough, it is impossible to effective to save business manpower cost.
In sum, the different complicated authentication treatment of many application software, on the one hand allows user to feel more inconvenience,
The development difficulty of software developer is also improved, maintenance cost, different application repeats identical authentication module and also occupies movement
The storage resource at end.
The content of the invention
For the APP applications on mobile terminal provide a kind of unified authentication login method, certification user profile is realized
It is shared, a kind of mobile terminal login authentication method is the embodiment of the invention provides, for being stepped on to the APP on mobile terminal
Record certification, method includes:
Receive the logging request of APP;
The transaction token including user login information of mobile terminal storage is obtained according to the logging request and is sent extremely
APP servers;
Receive the dynamic key application request of the APP servers and safety verification is carried out to the APP servers to logical
The APP servers for crossing the safety verification send token dynamic key;
APP servers parse the transaction token according to the token dynamic key and obtain user login information and by described in
User login information sends to APP and completes login authentication.
In the embodiment of the present invention, the logging request includes:APP application unique marks, the APP applications unique mark is
The key title of APP applications.
In the embodiment of the present invention, the user login information includes:User name, password, the login stored when logining successfully
Time, mobile device sequence number.
In the embodiment of the present invention, it is described according to the logging request obtain mobile terminal store including user login information
Transaction token and sending to APP servers include:
Judge whether mobile terminal stores the transaction token including user login information;
Determine the transaction token including user login information that is stored with the mobile terminal, the transaction token is sent
To APP servers.
In the embodiment of the present invention, it is described according to the logging request obtain mobile terminal store including user login information
Transaction token and sending to APP servers also include:
When determining there is no store transaction token in the mobile terminal, user name, the password of user input are verified;
This login corresponding dynamic key pair of generation correspondence when the user name of checking user input, password are correct;
Transaction token is generated according to dynamic key pair and user login information by token generating algorithm;
The transaction token is stored to mobile terminal internal memory.
In the embodiment of the present invention, the dynamic key application of the described reception APP servers is asked and the APP is taken
Business device carries out safety verification to be included to the APP servers transmission token dynamic key by the safety verification:
Obtain the APP application unique marks in the dynamic key application request of APP servers;
The public key of APP is determined according to the APP applications unique mark;
Dynamic key application request is decrypted using the public key of the APP for determining, decryption determines APP servers after passing through
By safety verification;
Token dynamic key is sent to the APP servers by the safety verification.
In the embodiment of the present invention, described method also includes:
APP applications on to mobile terminal are registered, and generate and store the key information of APP applications, the key
Information includes:Public key, private key, and key name is referred to as the unique mark of APP applications.
Meanwhile, the present invention also provides a kind of mobile terminal accession authorization system, for the APP's on mobile terminal device
Login authentication is carried out, including:Identification authentication system and authentication server;
Identification authentication system includes:
Logging request receiver module, the logging request for receiving APP;
Token acquisition module, includes the transaction token of user login information and sends extremely for being obtained according to logging request
APP servers;
Authentication server includes:
APP server authentication modules, the dynamic key application for receiving the APP servers is asked and to the APP
Server carries out safety verification;
Token key sending module, token dynamic key is sent to the APP servers by the safety verification;
APP servers parse the transaction token according to the token dynamic key and obtain user login information and by described in
User login information sends to APP and completes login authentication.
In the embodiment of the present invention, the token acquisition module includes:
Judging unit, for judging whether mobile terminal stores the transaction token including user login information;
Transmitting element, determines the transaction token including user login information that is stored with the mobile terminal, by the friendship
Easy token is sent to APP servers.
In the embodiment of the present invention, the token acquisition module also includes:
Password authentication unit, when determining not having store transaction token in the mobile terminal, for the use to user input
Name in an account book, password are verified;
Key is right for generating corresponding this login when verifying that the user name of user input, password are correct to generation unit
The dynamic key pair answered;
Token generation unit, for generating transaction according to dynamic key pair and user login information by token generating algorithm
Token, and the transaction token is stored to mobile terminal internal memory.
In the embodiment of the present invention, described APP server authentication modules include:
Mark acquiring unit, the APP applications during the dynamic key application for obtaining APP servers is asked uniquely are marked
Know;
Public key determining unit, the public key for determining APP according to the APP applications unique mark;
Decryption unit, is decrypted using the public key of the APP for determining to dynamic key application request, and decryption determines after passing through
APP servers pass through safety verification.
In the embodiment of the present invention, described identification authentication system also includes:
Registering modules, for being registered to the APP applications on mobile terminal, the key information of generation APP applications is described
Key information includes:Public key, private key, and key name is referred to as the unique mark of APP applications.
In the embodiment of the present invention, described authentication server of stating also includes:
Memory module, the key information of the APP applications for storing registration.
The present invention provides a kind of mobile terminal identity logs Verification System and method, and multiple APP applications are used in this programme
Unified identification authentication mode, realizes the shared of certification user profile, once logs in repeatedly effectively.In certification link, using close
Key encrypted and digitally signed technology generation on-fixed length, unique, anti-tamper token, and using anti-in ciphering process
The dynamic key of request is forged, further the security of lifting certification link.Meanwhile, in authentication server back-end data
Storehouse, by unified record logging request relevant information, realizes the control of multiple devices repeat logon.
It is that above and other objects, features and advantages of the invention can be become apparent, preferred embodiment cited below particularly,
And coordinate institute's accompanying drawings, it is described in detail below.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
The flow chart of the mobile terminal login authentication method that Fig. 1 is provided for the present invention;
Fig. 2 is a kind of structured flowchart of mobile terminal accession authorization system of the invention;
Fig. 3 is a kind of identity authorization system block architecture diagram of mobile terminal in the embodiment of the present invention;
Fig. 4 is authentication module structure chart in the embodiment of the present invention;
Fig. 5 is token management function structure chart in the embodiment of the present invention;
Fig. 6 is key management module structure in the embodiment of the present invention;
Fig. 7 is the flow chart of the identity identifying method embodiment of mobile terminal in one embodiment of the invention;
Fig. 8 is the flow chart of the identity identifying method embodiment of mobile terminal in one embodiment of the invention;
The flow chart of the identity identifying method embodiment of mobile terminal in Fig. 9 one embodiment of the invention;
The flow chart of the identity identifying method embodiment of mobile terminal in Figure 10 one embodiment of the invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.It is based on
Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under the premise of creative work is not made
Embodiment, belongs to the scope of protection of the invention.
A kind of mobile terminal login authentication method that the present invention is provided, recognizes for carrying out login to the APP on mobile terminal
Card, as shown in figure 1, be the flow chart of the mobile terminal login authentication method for providing of the invention, including:
Step S1001, receives the logging request of APP;
Step S1002, the order of the transaction including user login information that mobile terminal is stored is obtained according to the logging request
Board is simultaneously sent to APP servers;
Step S1003, receives the dynamic key application request of the APP servers and the APP servers is pacified
Full checking send token dynamic key to the APP servers by the safety verification;
Step S1004, APP server parses the transaction token and obtains User logs in letter according to the token dynamic key
Cease and send to APP the user login information and complete login authentication.
Meanwhile, the present invention also provides a kind of mobile terminal accession authorization system, its structured flowchart as shown in Fig. 2 for right
APP204's on mobile terminal device 203 carries out login authentication, including:Identification authentication system 201 and identity authentication service
Device 202;Wherein,
Described identification authentication system 201 includes:
Logging request receiver module, the logging request for receiving APP;
Token acquisition module, includes the transaction token of user login information and sends for being obtained according to the logging request
To APP servers;
The authentication server 202 includes:
APP server authentication modules, the dynamic key application for receiving the APP servers is asked and to the APP
Server carries out safety verification;
Token key sending module, token dynamic key is sent to the APP servers by the safety verification;
APP servers parse the transaction token according to the token dynamic key and obtain user login information and by described in
User login information sends to APP and completes login authentication.
Instant invention overcomes many APP application identities certification ease for use in existing mobile terminal, security and safeguard convenience etc. side
A kind of some problems in face, it is proposed that mobile terminal authentication system and method, realize the unified identity authentication of mobile terminal.Separately
Outward, key medium is used, by key encrypted and digitally signed technology, the token information in generation authentication procedures is lifted whole
The security of individual certification link, and improve convenience and experience effect that mobile terminal is used.With reference to specific implementation
Example is described in further detail to technical scheme.
Fig. 3 is a kind of identity authorization system Organization Chart of mobile terminal of the invention.As shown in figure 3, the identity of the present embodiment is recognized
Card system includes authentication APP using 1, authentication APP servers 2, authentication APP databases 3, mobile APP1 applications
4th, mobile APP1 servers 5, mobile APP1 databases 6, mobile APP2 are using 7, mobile APP2 servers 8, mobile APP2 data
Storehouse 9 and token (Token) 10.
In the present embodiment, authentication APP includes authentication module 11, token management module 12 and key using 1
Management module 13.Mobile APP1 includes login module 41, exits module 42, certification public module 43 and itself one using 4
A little Service Processing Modules 44.Mobile APP2 using 7 include login module 71, exit module 72, certification public module 73 and from
Some Service Processing Modules 74 of body.Mobile APP1 passes through login module 41 or exits module 42 to call authentication APP using 4
The certification public module 43 for logging in, exiting interface encapsulation using 1 standard for providing is authenticated request interaction.Mobile APP1 applications
7 application by login module 71 or exit module 72 call authentication APP using 1 provide standard log in, exit interface seal
The certification public module 73 of dress is authenticated request interaction.Token (Token) 10 in verification process is applied by authentication APP
1 is responsible for generation and safeguards.Mobile APP1 servers 5, mobile APP2 servers 8 are interacted by with authentication APP servers 2
To carry out server legitimacy bodily movement of practising Wushu verification, and authentication processing result is parsed by rear acquisition dynamic key in verification.
Fig. 4 be in the embodiment of the present invention in Fig. 3 authentication APP using 1 authentication module structure chart.Such as Fig. 4 institutes
Show, authentication module 11 includes:Login authentication module 111, exit management module 112, encrypting module 113 and deciphering module
114.Wherein:Login authentication module 111 provides mobile APP and applies unified login authentication interface, and it is received from mobile APP
Logging request, and make requests on parsing by calling deciphering module 114.Meanwhile, login authentication module 111 judge be in internal memory
It is no to there is token (Token) 10 information of login, for the login interface that the certification request without token provides standard, to user input
Username and password call encrypting module 113 to carry out dynamic encryption and submit to authentication APP servers 2 to be verified.It is right
In existing login token information, then call token parsing module 124 to read and parse token and generate request token and return
To the mobile APP applications of request.
In the embodiment of the present invention, exit management module 112 and exit interface there is provided mobile APP applications unification, its reception
Request is exited from mobile APP applications, and parsing is made requests on by calling deciphering module 114.Meanwhile, exit management module
112 will move out request submits to authentication APP servers 2, and authentication APP data are called by authentication APP servers 2
Storehouse 3, the former cleaning for logging in relevant information data is carried out using request treatment logic is exited.After processing successfully, management module is exited
112 first call token parsing module 124 to judge whether internal memory has token information, and module 123 is destroyed if any token is then recalled, complete
Result is will move out after being destroyed into token and returns to mobile APP applications.As without token information, then directly returned and exiting in internal memory
Result gives mobile APP applications.
Encrypting module 113 provides public encryption and endorsement method.Encryption method uses asymmetric-key encryption technology,
To be input into the source language message be encrypted using specified public key, such as certification request information encryption, request result plus
It is close etc., and export ciphertext.Endorsement method uses digital signature technology, the source language message is made a summary using HASH functions, then
It is encrypted with specified private key, signing messages is output as together with the source language message.When signature generation is added in original text simultaneously
Between and it is customized signature effective time (such as 20 seconds), for sign sign test when by verifying the ageing of signing messages, prevent
The playback of signing messages.Encrypting module 113 can individual packages into kit form, there is provided to mobile APP authentication interaction
Link is used.
Deciphering module 114 provides public decryption and sign test method.Decryption method uses non-right in the embodiment of the present invention
Claim Key Encryption Technology, to be input into the source language message be decrypted using specified private key, such as certification request information decryption, please
Decryption of result etc. is asked, and exports the original text after decryption.Sign test method uses digital signature technology, and recipient uses specified
The encrypted summary info of public key decryptions, then a summary info is produced with the original text that HASH function pairs are received, with decryption
Summary info contrast.If identical, illustrate that the information for receiving is complete, do not changed in transmitting procedure, now
The signature time to the source language message carries out validation verification again, if current time subtracts the signature generation time more than signature effectively
Time, then signing messages time-out failure, sign test failure;Otherwise sign test success.Deciphering module 114 can individual packages into component shape
Formula, there is provided used in the interactive session of authentication to mobile APP.
Fig. 5 is the token management modular structure block diagram that Fig. 3 authentications APP applies 1.As shown in figure 5, token management module
12 include:Token generation module 121, token update module 122, token destroy module 123 and token parsing module 124.Wherein,
By calling token generating algorithm, generation logs in token information to token generation module 121.Token generating algorithm is that token can be made
It is the key point of login authentication voucher, the fact that it reflects login authentication information.The data of token generation are participated in by initiating
The key element composition of logging request, it then follows following principle:First, uniqueness.Logging in factor combination can be by a logging request
Effectively distinguished with other logins.2nd, security.Logging in factor combination can realize the anti-counterfeiting of request data, anti-tamper.Cause
This, the request key element that will participate in token generation is divided into fundamental and key element two parts, and fundamental is applied to all stepping on
Record scene, being must key element;Key element is applied to verification and logs in scene, is dynamic key element.Token information is expressed as:
Token=S (f (M (b1,b2...bx,p),keyX.pub),key0.pri)
Wherein, Token is token information, shows as the character combination of on-fixed length;S is signature algorithm;F is calculated for encryption
Method;Key0.pri is the signature private key of authentication APP;KeyX.pub is dynamic encrypted public key;M is by essential information key element
The plaintext constituted with key message key element, bxIt is elemental user information element, p will for mobile device unique identification key message
Element.The life cycle of token depends on the process presence or absence that authentication APP is applied, restart when mobile device, process it is strong
After system terminates, token is then corresponding destroyed.
Token update module 122 realizes the renewal treatment of token, when the user of mobile APP applications needs to switch over use
When family operates, login authentication module 111 receives switching user's request and submits the update module that gives token to.Token update module passes through
Token is successively called to destroy module 123 and token generation module 121 to complete the renewal of internal memory token.
Token destroys module 123 and realizes destroying for token, works as when the user of mobile APP applications actively exit
During the operation of preceding account number, exit management module 112 and receive and actively exit and ask and submit the destruction module that gives token to, realize that internal memory makes
The destruction operation of board.
Token parsing module 124 provide token read and parsing public method, login authentication module 111 and exit pipe
Reason module 112 is realized reading and treatment the unified of token information in verification process by calling this module.
Fig. 6 is the key management module structured flowchart that Fig. 3 authentications APP applies 1.As shown in fig. 6, described key pipe
Reason module 13 includes:APP Registering modules 131, APP cancellation modules 132, APP information updating modules 133, key production module
134th, cipher key destruction module 135 and key updating module 136.Wherein:APP Registering modules 131 are provided and need to use Unified Identity
The registering functional of the mobile APP applications of certification, by recording the relevant information of APP, such as APP titles, APP developing departments, APP bears
The information such as duty people, and call key production module 134 to generate the key information of the APP, including public key and private key file, and key
Name is referred to as the unique mark of the APP.After succeeding in registration, the APP will get the public private key file of itself a pair (such as
Key1.pub, key1.pri) and authentication APP public key file (such as key0.pub), totally three key files.
APP cancellation modules 132 are provided and release mobile APP using the function using unified identity authentication, by calling this mould
Block removes the relevant information that the APP is registered in authentication APP, while calling cipher key destruction module 135 to destroy the close of the APP
Key information.
APP information updating modules 133 provide the renewal of mobile APP application log-on messages, such as update APP titles, APP dimensions
Shield department etc., while being updated by calling the key updating module 136 pairs APP key informations, and regenerates new public affairs
Private key file.
Key production module 134 realizes the generation treatment of key, by the key pair generator of RSA Algorithm (such as
KeyPairGenerator), the unique mark according to APP application registrations generates its corresponding cipher key pair information (such as KeyPair),
And the public key of generation is write as the file (such as key1.pub) of pub suffix, the private key private that will be produced with Base64 coded formats
Key protection password is encrypted by SHA, 3KeyTripleDES algorithm, and is write as the text of pri suffix with Base64 coded formats
Part (such as key1.pri).
Cipher key destruction module 135 realizes destroying for key, by receiving the de-registration request of APP cancellation modules 132,
The public private key file of the APP in authentication APP databases is deleted, while having added in removing authentication APP server memories
The key information of the APP for carrying.
Key updating module 136 realizes the renewal treatment of key, by the renewal for receiving APP information updating modules 133
Request, updates the public private key file of the APP in authentication APP databases, while in updating authentication APP server memories
The key information of the APP for having loaded.
Present invention also offers a kind of identity identifying method of mobile terminal, in order to this method is more clear understandable, below with
As a example by flow chart, the flow to the embodiment of the present invention is described in detail.
As shown in fig. 7, the idiographic flow to log in Mobile solution in one embodiment of the invention on the mobile apparatus.
Step S101:User accesses certain movement APP1 and applies 4 on the mobile apparatus, and the login module 41 of the application is by adjusting
With authentication APP using the certification public module 43 of the 1 standard login authentication interface encapsulation for providing, logging request is submitted to
Authentication APP applies 1 login authentication module 111, and solicited message is simultaneously including the unique mark of movement APP1 applications.
Step S102:Authentication APP, by calling token parsing module 124, is examined using 1 login authentication module 111
Measure and be not logged on the successful token of certification (Token) 10 in internal memory, then return to testing result to login authentication module 111, and
Unified login interface is represented by it.User this interface input username and password click on submit to after, login authentication module 111
Call the CIPHERING REQUEST information of encrypting module 113 and submit to authentication APP servers 2, solicited message includes the use after encryption
The unique mark of name in an account book, password, mobile device sequence number and the movement APP1 application.
Step S103:Authentication APP servers 2 call the decoding request information of deciphering module 114, by authentication
Whether the checking of APP databases 3 user name, password are correct, record the relevant information of this login after being verified, including log in
User name, time, mobile device sequence number, unique mark of mobile APP1 applications etc..Meanwhile, authentication APP databases 3 are given birth to
Into this corresponding dynamic key pair of access, such as public key (keyX.pub) and private key (keyX.pri) file of keyX, minute book
Secondary login and the corresponding relation of the dynamic key pair, and by user name inquire about user essential information (as address name, belonging to
Department etc.), finally by dynamic key to, user basic information, together with the successful result of this certification, by authentication
APP servers 2 return to authentication APP and apply 1.
Step S104:Authentication APP receives the successful result of certification using 1 login module 111, calls token
Generation module 121, to user basic information, mobile device sequence number, present system time, customized token time-out time with
And the public key (keyX.pub) and authentication APP of dynamic key are generated by token and calculated using 1 private key (such as key0.pri)
Method generates this authentication token (Token) 10.
Step S105:Be written to token (Token) 10 in its internal memory again using 1 by authentication APP, while by the token
Information encapsulation returns to mobile APP1 and applies 4 into the result (transaction token Token1) of this certification.
Step S106:Mobile APP1 receives authentication APP and is made using 1 transaction for returning using 4 login module 41
After board Token1, the mobile APP1 servers 5 that transaction token Token1 submits to backstage are parsed.
Step S107:After mobile APP1 servers 5 receive the analysis request of transaction token Token1, due to transaction token
Token1 has used dynamic key encryption, therefore needs to be decrypted to the application dynamic key of authentication APP servers 2.Meanwhile,
In order to ensure the legitimacy of mobile APP1 servers 5, therefore the private key file generated when needing to use its APP to register is (such as
Key1.pri) token request is encrypted, submitting to authentication APP servers 2 in the lump together with its APP marks moves
The legal identity certification of APP1 servers 5.
Step S108:The legal identity certification that authentication APP servers 2 receive the mobile submission of APP1 servers 5 please
After asking, the mobile APP1 obtained in request is identified and is called deciphering module 114, by its public key key1.pub to the friendship after encryption
Easy token Token1 is decrypted.After decryption passes through, then it is assumed that the identity of mobile APP1 servers 5 is legal, authentication APP clothes
Business device 2 returns to the dynamic key keyX.pri of transaction token Token1 to mobile APP1 servers 5.
Step S109:Mobile APP1 servers 5 receive the dynamic key of the return of authentication APP servers 2
After keyX.pri, the sign test and decryption method of certification public module 43 are called to former token, first use the public key of authentication APP
The sign test that key0.pub is signed, reuses dynamic key keyX.pri and is decrypted, so as to get this sign-on access
User basic information.Meanwhile, this is recorded by mobile APP1 databases 6 and logs in log information, and inquire about the login user
Relative role authority, mobile APP1 is returned to by mobile APP1 servers 5 and applies 4.
Step S110:Mobile APP1 contains user using what 4 login module 41 received that mobile APP1 servers 5 return
After the authentication success message of role-security, then this login authentication, and the user basic information displaying in request are completed
Main interface after correspondence login.
Fig. 8 is another embodiment flow chart of identity identifying method of the present invention, and the flow to the embodiment is detailed below
Explanation.
Step S201:User accesses certain movement APP2 and applies 7 on the mobile apparatus, and the login module of the application is by calling
Logging request is submitted to identity by authentication APP using the certification public module of the 1 standard login authentication interface encapsulation for providing
Certification APP applies 1 login authentication module 111, and solicited message is simultaneously including the unique mark of APP2 applications.
Step S202:Authentication APP, by calling token parsing module 124, is examined using 1 login authentication module 111
Measure the existing successful token of login authentication (Token) 10 in internal memory, then by token Information encapsulation into this certification treatment
As a result (transaction token Token2) returns to mobile APP2 and applies 7.
Step S203:Mobile APP2 receives authentication APP using 1 transaction token for returning using 7 login module
After Token2, the mobile APP2 servers 8 that transaction token Token2 submits to backstage are parsed.
Step S204:After mobile APP2 servers 8 receive the analysis request of transaction token Token2, due to transaction token
Token2 has used dynamic key encryption, therefore needs to be decrypted to the application dynamic key of authentication APP servers 2.Meanwhile,
In order to ensure the legitimacy of mobile APP2 servers 8, therefore the private key file generated when needing to use its APP to register is (such as
Key2.pri) token request is encrypted, submitting to authentication APP servers 2 in the lump together with its APP marks moves
The legal identity certification of APP2 servers 8.
Step S205:The legal identity certification that authentication APP servers 2 receive the mobile submission of APP2 servers 8 please
After asking, the mobile APP obtained in request is identified and is called deciphering module 114, by its public key key2.pub to the friendship after encryption
Easy token Token2 is decrypted.After decryption passes through, then it is assumed that the identity of mobile APP2 servers 8 is legal.Meanwhile, authentication
APP servers 2 call token parsing module 124 to parse transaction token Token2, obtain the login user letter of the token
Breath.
Step S206:Authentication APP servers 2 record the phase of this logging request by authentication APP databases 3
Pass information, including the unique mark of the user name, time, mobile device sequence number and the APP2 that log in etc., while being recognized by identity
Card APP servers 2 return to the dynamic key keyX.pri of former token to mobile APP2 servers 8.
Step S207:Mobile APP2 servers 8 receive the dynamic key of the return of authentication APP servers 2
After keyX.pri, the sign test and decryption method of certification public module are called to former token, first use the public key of authentication APP
The sign test that key0.pub is signed, reuses dynamic key keyX.pri and is decrypted, so as to get this sign-on access
User basic information.Meanwhile, this is recorded by mobile APP2 databases 9 and logs in log information, and inquire about the login user
Relative role authority, mobile APP2 is returned to by mobile APP2 servers 8 and applies 7.
Step S208:Mobile APP2 contains user angle using what 7 login module received that mobile APP2 servers 8 return
After the authentication success message of color authority, then this login authentication is completed, and user basic information displaying in request is right
Main interface after should logging in.
Fig. 9 is another embodiment flow chart of identity identifying method of the present invention, and the flow to the embodiment is detailed below
Explanation.
Step S301:User has logged in certain movement APP1 on mobile device and has applied 4, clicks on switching user function, should
Login module 41 is by calling authentication APP using the public mould of certification of the 1 standard login authentication interface encapsulation for providing
Block 43, will switch user's request and submits to the login authentication module 111 that authentication APP is using 1, and solicited message includes simultaneously should
The unique mark and switching user's operation mark of mobile APP1 applications.
Step S302:Authentication APP, by calling token parsing module 124, is examined using 1 login authentication module 111
The existing successful token of login authentication (Token) 10 in internal memory is measured, then returns to testing result to login authentication module 111,
And identified using the switching user's request given on 4 according to mobile APP1 by it and represent unified login interface.User is at this interface
Input username and password is clicked on after submitting to, and login authentication module 111 is called the CIPHERING REQUEST information of encrypting module 113 and submitted to
Authentication APP servers 2, solicited message includes the user name after encryption, password, switching user operation mark, mobile device
Sequence number and the unique mark of movement APP1 applications.
Step S303:Authentication APP servers 2 call the decoding request information of deciphering module 114, by authentication
Whether the checking of APP databases 3 user name, password are correct, according to switching user's operation mark after being verified, update this login
Relevant information, including user name, time, mobile device sequence number and unique mark of mobile APP1 applications for logging in etc..Together
When, authentication APP databases 3 regenerate this and access corresponding dynamic key pair, such as public key (keyY.pub) of keyY
With private key (keyY.pri) file, the corresponding relation of this login and the dynamic key pair is recorded, and use is inquired about by user name
The essential information (such as address name, affiliated function) at family, finally cuts dynamic key to, user basic information together with this
The successful result of user log-in authentication is changed, returning to authentication APP by authentication APP servers 2 applies 1.
Step S304:Authentication APP receives the successful result of certification using 1 login module 111, calls token
Generation module 121, to user basic information, mobile device sequence number, present system time, customized token time-out time with
And the public key (keyY.pub) and authentication APP of dynamic key are generated by token and calculated using 1 private key (such as key0.pri)
Method generates this authentication token (Token) 10.
Step S305:Be written to token (Token) 10 in its internal memory again using 1 by authentication APP, while by the token
Information encapsulation returns to mobile APP1 and applies 4 into the result (transaction token Token1) of this certification.
Step S306:Mobile APP1 receives authentication APP and is made using 1 transaction for returning using 4 login module 41
After board Token1, the mobile APP1 servers 5 that transaction token Token1 submits to backstage are parsed.Step S307:It is mobile
After APP1 servers 5 receive the analysis request of transaction token Token1, because transaction token Token1 has used dynamic key
Encryption, therefore need to be decrypted to the application dynamic key of authentication APP servers 2.Meanwhile, in order to ensure mobile APP1 services
The legitimacy of device 5, therefore the private key file (such as key1.pri) generated when needing to use its APP to register is added to token request
It is close, the legal identity that authentication APP servers 2 move APP1 servers 5 is submitted in the lump together with its APP marks recognizes
Card.
Step S308:The legal identity certification that authentication APP servers 2 receive the mobile submission of APP1 servers 5 please
After asking, the mobile APP obtained in request is identified and is called deciphering module 114, by its public key key1.pub to the friendship after encryption
Easy token Token1 is decrypted.After decryption passes through, then it is assumed that the identity of mobile APP1 servers 5 is legal, authentication APP clothes
Business device 2 returns to the dynamic key keyY.pri of transaction token Token1 to mobile APP1 servers 5.
Step S309:Mobile APP1 servers 5 receive the dynamic key of the return of authentication APP servers 2
After keyY.pri, the sign test method of certification public module 43 is called to former token, first use the public key of authentication APP
The sign test that key0.pub is signed, reuses dynamic key keyY.pri and is decrypted, so as to get this sign-on access
User basic information.Meanwhile, this is recorded by mobile APP1 databases 6 and logs in log information, and inquire about the login user
Relative role authority, mobile APP1 is returned to by mobile APP1 servers 5 and applies 4.
Step S310:Mobile APP1 contains user using what 4 login module 41 received that mobile APP1 servers 5 return
After the authentication success message of role-security, then the login authentication of this switching user, and the user's base in request are completed
Main interface after the displaying correspondence login of this information.
Figure 10 is another embodiment flow chart of identity identifying method of the present invention, and the flow to the embodiment is detailed below
Explanation.
Step S401:User has logged in certain movement APP2 on mobile device and has applied 7, and current account number is actively exited in click
Function, the module that exits of the application exits the certification that management interface is encapsulated by calling authentication APP using 1 standard for providing
Public module, exits active request and submits to authentication APP and exit management module 112 using 1, and solicited message wraps simultaneously
Include the unique mark of movement APP2 applications.Operate for common closing APP, without calling authentication APP to be moved back using 1
Go out management interface.
Step S402:Authentication APP exits management module 112 by calling token parsing module 124 using 1, examines
The existing successful token of login authentication (Token) 10 in internal memory is measured, then return testing result is exited management module 112,
And will move out request and submit to authentication APP servers 2, solicited message includes that mobile device sequence number and the APP2's is unique
Mark.
Step S403:Authentication APP servers 2 receive submission exit request after, by authentication APP data
Storehouse 3 empties the associated login information of the former record of the mobile device, including dynamic key information and corresponding with login user
Relation information, and record user and exit Operation Log, return to result.
Step S404:Authentication APP receives authentication APP servers 2 and returns using 1 management module 112 that exits
Return exit request result after, the token information in internal memory is destroyed by calling token to destroy module 123, and return
The result for backing out request applies 7 to mobile APP2.
Step S405:Mobile APP2 receives authentication APP and exits request using 1 and be processed into using 7 module that exits
After the result of work(, result is transmitted to mobile APP2 servers 8.
Step S406:Mobile APP2 servers 8 are received and exit successful result information, are remembered by mobile APP2 databases 9
Record this and exit log information, and return to this result for exiting and apply 7 to mobile APP2.
Step S407:Mobile APP2 using 7 receive that mobile APP2 servers 8 return exit result after, close
Mobile APP2 applications, complete this and exit operation.
The present invention provides a kind of mobile terminal authentication system and method, and multiple APP are applied and recognized using unified identity
Card mode, realizes the shared of certification user profile, once logs in repeatedly effectively.In certification link, using key encryption and numeral
Signature technology generation on-fixed length, unique, anti-tamper token, and moving that anti-counterfeiting is asked is used in ciphering process
State key, further lifts the security of certification link.Meanwhile, in authentication server background data base, remembered by unified
Record logging request relevant information, realizes the control of multiple devices repeat logon.
Invention overcomes many APP application identities certification of existing mobile terminal in ease for use, security and safeguards the side such as convenience
A kind of some problems in face, it is proposed that mobile terminal authentication system and method, realize the unified identity authentication of mobile terminal.Separately
Outward, key medium is used, by key encrypted and digitally signed technology, the token information in generation authentication procedures is lifted whole
The security of individual certification link, and improve convenience and experience effect that mobile terminal is used.
The invention provides a kind of identity identifying method of mobile terminal, improve the existing identity for being applied to mobile network and recognize
Card mode, token is generated with reference to digital-scrambling techniques, overcomes unsafe problem present in verification process, is mainly had as follows
Several respects effect and advantage:
1st, by the identity authorization system of present invention design, by the user profile and facility environment in login process with token
Form store, it is instant that checking is read in verification process, reduce the link that user repeatedly inputs username and password,
Lift the ease for use of user login operation.
2nd, by the identity authorization system of present invention design, realize the login authentication of enterprises standard and exit and connect
Mouthful, normalization and convenience that lifting subsequent upgrade is safeguarded save the input of human cost.
3rd, by the identity authorization system of present invention design, effectively prevent authentication information and be stolen and certificate server quilt
The problem of imitation., using certain key enciphering and deciphering algorithm and digital signature technology, can be protected according to certification request information each time
The authentication of the integrality, requesting party of identification card request message transmission, the denial generation prevented in transaction.
By the identity authorization system of present invention design, the characteristics of record to authentication information using background data base, realize
The problem of the certification link difference anti-repeat logon of mobile device, it is possible to counted in real time to user and device authentication situation
And analysis.
It should be understood by those skilled in the art that, embodiments of the invention can be provided as method, system or computer program
Product.Therefore, the present invention can be using the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware
Apply the form of example.And, the present invention can be used and wherein include the computer of computer usable program code at one or more
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) is produced
The form of product.
The present invention is the flow with reference to method according to embodiments of the present invention, equipment (system) and computer program product
Figure and/or block diagram are described.It should be understood that every first-class during flow chart and/or block diagram can be realized by computer program instructions
The combination of flow and/or square frame in journey and/or square frame and flow chart and/or block diagram.These computer programs can be provided
The processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that produced for reality by the instruction of computer or the computing device of other programmable data processing devices
The device of the function of being specified in present one flow of flow chart or multiple one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions may be alternatively stored in can guide computer or other programmable data processing devices with spy
In determining the computer-readable memory that mode works so that instruction of the storage in the computer-readable memory is produced and include finger
Make the manufacture of device, the command device realize in one flow of flow chart or multiple one square frame of flow and/or block diagram or
The function of being specified in multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that in meter
Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented treatment, so as in computer or
The instruction performed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in individual square frame or multiple square frames.
Apply specific embodiment in the present invention to be set forth principle of the invention and implementation method, above example
Explanation be only intended to help and understand the method for the present invention and its core concept;Simultaneously for those of ordinary skill in the art,
According to thought of the invention, will change in specific embodiments and applications, in sum, in this specification
Appearance should not be construed as limiting the invention.
Claims (15)
1. a kind of mobile terminal login authentication method, for carrying out login authentication to the APP on mobile terminal, it is characterised in that
Described method includes:
Receive the logging request of APP;
The transaction token including user login information of mobile terminal storage is obtained according to the logging request and is sent to APP clothes
Business device;
Receive the dynamic key application request of the APP servers and safety verification is carried out to by institute to the APP servers
The APP servers for stating safety verification send token dynamic key;
APP servers parse the transaction token and obtain user login information and by the user according to the token dynamic key
Log-on message sends to APP and completes login authentication.
2. mobile terminal login authentication method as claimed in claim 1, it is characterised in that the logging request includes:APP should
With unique mark, the APP applications unique mark is the key title of APP applications.
3. mobile terminal login authentication method as claimed in claim 2, it is characterised in that the user login information includes:
User name, password, login time, the mobile device sequence number stored when logining successfully.
4. mobile terminal login authentication method as claimed in claim 3, it is characterised in that described to be obtained according to the logging request
Taking the transaction token including user login information of mobile terminal storage and sending to APP servers includes:
Judge whether mobile terminal stores the transaction token including user login information;
Determine the transaction token including user login information that is stored with the mobile terminal, by the transaction token send to
APP servers.
5. mobile terminal login authentication method as claimed in claim 3, it is characterised in that described to be obtained according to the logging request
Taking the transaction token including user login information of mobile terminal storage and sending to APP servers also includes:
When determining there is no store transaction token in the mobile terminal, user name, the password of user input are verified;
This login corresponding dynamic key pair of generation correspondence when the user name of checking user input, password are correct;
Transaction token is generated according to dynamic key pair and user login information by token generating algorithm;
The transaction token is stored to mobile terminal internal memory.
6. the mobile terminal login authentication method as described in claim 1 or 5, it is characterised in that the described reception APP clothes
The dynamic key application request of business device simultaneously carries out safety verification to the APP servers to the APP clothes by the safety verification
Business device sends token dynamic key to be included:
Obtain the APP application unique marks in the dynamic key application request of APP servers;
The public key of APP is determined according to the APP applications unique mark;
Dynamic key application request is decrypted using the public key of the APP for determining, decryption determines that APP servers pass through after passing through
Safety verification;
Token dynamic key is sent to the APP servers by the safety verification.
7. mobile terminal login authentication method as claimed in claim 6, it is characterised in that described method also includes:
APP applications on to mobile terminal are registered, and generate and store the key information of APP applications, the key information
Including:Public key, private key, and key name is referred to as the unique mark of APP applications.
8. a kind of mobile terminal accession authorization system, for carrying out login authentication to the APP on mobile terminal, its feature exists
In described system includes:Identification authentication system and authentication server;Wherein,
Described identification authentication system includes:
Logging request receiver module, the logging request for receiving APP;
Token acquisition module, includes the transaction token of user login information and sends extremely for being obtained according to the logging request
APP servers;
The authentication server includes:
APP server authentication modules, the dynamic key application for receiving the APP servers is asked and the APP is serviced
Device carries out safety verification;
Token key sending module, token dynamic key is sent to the APP servers by the safety verification;
APP servers parse the transaction token and obtain user login information and by the user according to the token dynamic key
Log-on message sends to APP and completes login authentication.
9. mobile terminal accession authorization system as claimed in claim 8, it is characterised in that the logging request includes:APP should
With unique mark, the APP applications unique mark is the key title of APP applications.
10. mobile terminal accession authorization system as claimed in claim 9, it is characterised in that the user login information includes:
User name, password, login time, the mobile device sequence number stored when logining successfully.
11. mobile terminal accession authorization systems as claimed in claim 10, it is characterised in that the token acquisition module bag
Include:
Judging unit, for judging whether mobile terminal stores the transaction token including user login information;
Transmitting element, determines the transaction token including user login information that is stored with the mobile terminal, and the transaction is made
Board is sent to APP servers.
12. mobile terminal accession authorization systems as claimed in claim 10, it is characterised in that the token acquisition module is also wrapped
Include:
Password authentication unit, when determining there is no store transaction token in the mobile terminal, for the user name to user input,
Password is verified;
Key is corresponding for generating corresponding this login when verifying that the user name of user input, password are correct to generation unit
Dynamic key pair;
Token generation unit, for generating transaction order according to dynamic key pair and user login information by token generating algorithm
Board, and the transaction token is stored to mobile terminal internal memory.
The 13. mobile terminal accession authorization system as described in claim 8 or 12, it is characterised in that described APP servers are tested
Card module includes:
Mark acquiring unit, for the APP application unique marks in the dynamic key application request for obtaining APP servers;
Public key determining unit, the public key for determining APP according to the APP applications unique mark;
Decryption unit, is decrypted using the public key of the APP for determining to dynamic key application request, and decryption determines APP after passing through
Server passes through safety verification.
14. mobile terminal accession authorization systems as claimed in claim 13, it is characterised in that described identification authentication system is also
Including:
Registering modules, for being registered to the APP applications on mobile terminal, the key information of generation APP applications, the key
Information includes:Public key, private key, and key name is referred to as the unique mark of APP applications.
15. mobile terminal accession authorization systems as claimed in claim 14, it is characterised in that described states identity authentication service
Device also includes:
Memory module, the key information of the APP applications for storing registration.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710229518.6A CN106850699B (en) | 2017-04-10 | 2017-04-10 | A kind of mobile terminal login authentication method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710229518.6A CN106850699B (en) | 2017-04-10 | 2017-04-10 | A kind of mobile terminal login authentication method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106850699A true CN106850699A (en) | 2017-06-13 |
CN106850699B CN106850699B (en) | 2019-11-29 |
Family
ID=59148085
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710229518.6A Active CN106850699B (en) | 2017-04-10 | 2017-04-10 | A kind of mobile terminal login authentication method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106850699B (en) |
Cited By (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108200089A (en) * | 2018-02-07 | 2018-06-22 | 腾讯云计算(北京)有限责任公司 | Implementation method, device, system and the storage medium of information security |
CN108495309A (en) * | 2018-02-06 | 2018-09-04 | 咪咕文化科技有限公司 | Method, electronic equipment and the storage medium of information processing |
CN108809988A (en) * | 2018-06-14 | 2018-11-13 | 北京中电普华信息技术有限公司 | A kind of authentication method and system of request |
CN109286649A (en) * | 2017-07-19 | 2019-01-29 | 现代自动车株式会社 | Vehicular system and its control method |
CN109302422A (en) * | 2018-11-22 | 2019-02-01 | 北京顺丰同城科技有限公司 | A kind of method, mobile terminal, electronic equipment and storage medium logging in mobile application |
CN110035033A (en) * | 2018-01-11 | 2019-07-19 | 华为技术有限公司 | Cryptographic key distribution method, apparatus and system |
CN110032855A (en) * | 2019-02-28 | 2019-07-19 | 招银云创(深圳)信息技术有限公司 | Login method, device, computer equipment and the storage medium of application |
CN110234116A (en) * | 2019-06-24 | 2019-09-13 | 飞天诚信科技股份有限公司 | A kind of safety certifying method and system |
CN110362984A (en) * | 2019-06-28 | 2019-10-22 | 北京思源互联科技有限公司 | Method and device for operating service system by multiple devices |
CN110381021A (en) * | 2019-06-13 | 2019-10-25 | 视联动力信息技术股份有限公司 | A kind of method, apparatus, electronic equipment and the storage medium of anti-rogue attacks |
CN110417730A (en) * | 2019-06-17 | 2019-11-05 | 平安科技(深圳)有限公司 | The unified access method and relevant device of multiple utility program |
CN110460588A (en) * | 2018-05-31 | 2019-11-15 | 腾讯科技(深圳)有限公司 | Realize method, apparatus, the computer system and storage medium of Information Authentication |
CN110536118A (en) * | 2019-09-06 | 2019-12-03 | 腾讯科技(深圳)有限公司 | A kind of data capture method, device and computer storage medium |
CN110868301A (en) * | 2019-11-07 | 2020-03-06 | 浪潮软件股份有限公司 | Identity authentication system and method based on state cryptographic algorithm |
CN111143816A (en) * | 2018-11-05 | 2020-05-12 | 纬创资通股份有限公司 | Verification and authorization method and verification server |
CN111162908A (en) * | 2019-12-11 | 2020-05-15 | 深圳供电局有限公司 | Key solar power transmission line field operation method and system |
CN111176710A (en) * | 2019-12-30 | 2020-05-19 | 宁波视睿迪光电有限公司 | Operation method of terminal software management system and terminal software management system |
CN111212427A (en) * | 2020-01-14 | 2020-05-29 | 陈良准 | Application APP account login management system based on mobile terminal |
CN111241499A (en) * | 2020-01-07 | 2020-06-05 | 腾讯科技(深圳)有限公司 | Application program login method, device, terminal and storage medium |
CN111242248A (en) * | 2018-11-09 | 2020-06-05 | 中移(杭州)信息技术有限公司 | Personnel information monitoring method and device and computer storage medium |
CN111630811A (en) * | 2017-10-19 | 2020-09-04 | 奥特海威公司 | System and method for generating and registering secret key for multipoint authentication |
CN112003706A (en) * | 2020-08-24 | 2020-11-27 | 北京字节跳动网络技术有限公司 | Signature method and device, computer equipment and storage medium |
CN112016918A (en) * | 2019-05-30 | 2020-12-01 | 小米数字科技有限公司 | Signature writing method, signature verification device and storage medium |
CN112491787A (en) * | 2020-10-18 | 2021-03-12 | 苏州浪潮智能科技有限公司 | Method and equipment for safety management of user data |
CN112751800A (en) * | 2019-10-29 | 2021-05-04 | 杭州海康威视系统技术有限公司 | Authentication method and device |
CN113067827A (en) * | 2021-03-25 | 2021-07-02 | 中国工商银行股份有限公司 | System unification authentication method and device |
CN113452782A (en) * | 2021-06-28 | 2021-09-28 | 烽火通信科技股份有限公司 | Upgrading method and device under mesh networking |
CN113824691A (en) * | 2021-08-25 | 2021-12-21 | 浪潮软件股份有限公司 | Method for implementing silent login strategy applied by mobile terminal third party H5 |
CN113872983A (en) * | 2021-10-13 | 2021-12-31 | 苏州兆晶智能科技有限公司 | Block chain chip identity authentication system and authentication method thereof |
CN113868625A (en) * | 2021-09-29 | 2021-12-31 | 商派软件有限公司 | Identity authentication method and system |
CN113949566A (en) * | 2021-10-15 | 2022-01-18 | 工银科技有限公司 | Resource access method, device, electronic equipment and medium |
CN114244627A (en) * | 2022-01-04 | 2022-03-25 | 上海华申智能卡应用系统有限公司 | Authorization method and system |
CN114710281A (en) * | 2022-04-24 | 2022-07-05 | 中国工商银行股份有限公司 | Method and device for quitting Internet banking system |
CN114866247A (en) * | 2022-04-18 | 2022-08-05 | 杭州海康威视数字技术股份有限公司 | Communication method, device, system, terminal and server |
CN114900344A (en) * | 2022-04-26 | 2022-08-12 | 四川智能建造科技股份有限公司 | Identity authentication method, system, terminal and computer readable storage medium |
CN115174236A (en) * | 2022-07-08 | 2022-10-11 | 上海百家云科技有限公司 | Authentication method, authentication device, electronic equipment and storage medium |
CN115860037A (en) * | 2023-02-24 | 2023-03-28 | 中国(上海)宝玉石交易中心有限公司 | Anti-counterfeiting method, anti-counterfeiting system and anti-counterfeiting component for gemstones and jades |
US11836706B2 (en) * | 2012-04-16 | 2023-12-05 | Sticky.Io, Inc. | Systems and methods for facilitating a transaction using a virtual card on a mobile device |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103139163A (en) * | 2011-11-29 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Data access method, server and terminal |
CN104767731A (en) * | 2015-03-12 | 2015-07-08 | 江苏中天科技软件技术有限公司 | Identity authentication protection method of Restful mobile transaction system |
WO2015193105A1 (en) * | 2014-06-20 | 2015-12-23 | Gemalto Sa | Method to manage modification of encryption credentials |
CN105577691A (en) * | 2016-02-03 | 2016-05-11 | 飞天诚信科技股份有限公司 | Security access method and server |
CN105721502A (en) * | 2016-04-11 | 2016-06-29 | 上海上实龙创智慧能源科技股份有限公司 | Authorized access method for browser client and server |
US20160259936A1 (en) * | 2015-03-05 | 2016-09-08 | Ricoh Co., Ltd. | Broker-Based Authentication System Architecture and Design |
CN106161348A (en) * | 2015-03-30 | 2016-11-23 | 中兴通讯股份有限公司 | A kind of method of single-sign-on, system and terminal |
CN106209749A (en) * | 2015-05-08 | 2016-12-07 | 阿里巴巴集团控股有限公司 | Single-point logging method and the processing method and processing device of device, relevant device and application |
-
2017
- 2017-04-10 CN CN201710229518.6A patent/CN106850699B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103139163A (en) * | 2011-11-29 | 2013-06-05 | 阿里巴巴集团控股有限公司 | Data access method, server and terminal |
WO2015193105A1 (en) * | 2014-06-20 | 2015-12-23 | Gemalto Sa | Method to manage modification of encryption credentials |
US20160259936A1 (en) * | 2015-03-05 | 2016-09-08 | Ricoh Co., Ltd. | Broker-Based Authentication System Architecture and Design |
CN104767731A (en) * | 2015-03-12 | 2015-07-08 | 江苏中天科技软件技术有限公司 | Identity authentication protection method of Restful mobile transaction system |
CN106161348A (en) * | 2015-03-30 | 2016-11-23 | 中兴通讯股份有限公司 | A kind of method of single-sign-on, system and terminal |
CN106209749A (en) * | 2015-05-08 | 2016-12-07 | 阿里巴巴集团控股有限公司 | Single-point logging method and the processing method and processing device of device, relevant device and application |
CN105577691A (en) * | 2016-02-03 | 2016-05-11 | 飞天诚信科技股份有限公司 | Security access method and server |
CN105721502A (en) * | 2016-04-11 | 2016-06-29 | 上海上实龙创智慧能源科技股份有限公司 | Authorized access method for browser client and server |
Cited By (49)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11836706B2 (en) * | 2012-04-16 | 2023-12-05 | Sticky.Io, Inc. | Systems and methods for facilitating a transaction using a virtual card on a mobile device |
CN109286649A (en) * | 2017-07-19 | 2019-01-29 | 现代自动车株式会社 | Vehicular system and its control method |
CN111630811A (en) * | 2017-10-19 | 2020-09-04 | 奥特海威公司 | System and method for generating and registering secret key for multipoint authentication |
US11588626B2 (en) | 2018-01-11 | 2023-02-21 | Huawei Technologies Co., Ltd. | Key distribution method and system, and apparatus |
CN110035033A (en) * | 2018-01-11 | 2019-07-19 | 华为技术有限公司 | Cryptographic key distribution method, apparatus and system |
CN108495309A (en) * | 2018-02-06 | 2018-09-04 | 咪咕文化科技有限公司 | Method, electronic equipment and the storage medium of information processing |
CN108200089A (en) * | 2018-02-07 | 2018-06-22 | 腾讯云计算(北京)有限责任公司 | Implementation method, device, system and the storage medium of information security |
CN108200089B (en) * | 2018-02-07 | 2022-06-07 | 腾讯云计算(北京)有限责任公司 | Method, device and system for realizing information security and storage medium |
CN110460588B (en) * | 2018-05-31 | 2022-11-22 | 腾讯科技(深圳)有限公司 | Method, device, computer system and storage medium for realizing information verification |
CN110460588A (en) * | 2018-05-31 | 2019-11-15 | 腾讯科技(深圳)有限公司 | Realize method, apparatus, the computer system and storage medium of Information Authentication |
CN108809988A (en) * | 2018-06-14 | 2018-11-13 | 北京中电普华信息技术有限公司 | A kind of authentication method and system of request |
CN111143816A (en) * | 2018-11-05 | 2020-05-12 | 纬创资通股份有限公司 | Verification and authorization method and verification server |
CN111242248A (en) * | 2018-11-09 | 2020-06-05 | 中移(杭州)信息技术有限公司 | Personnel information monitoring method and device and computer storage medium |
CN111242248B (en) * | 2018-11-09 | 2023-07-21 | 中移(杭州)信息技术有限公司 | Personnel information monitoring method, device and computer storage medium |
CN109302422B (en) * | 2018-11-22 | 2022-02-25 | 北京顺丰同城科技有限公司 | Method for logging in mobile application, mobile terminal, electronic equipment, system and storage medium |
CN109302422A (en) * | 2018-11-22 | 2019-02-01 | 北京顺丰同城科技有限公司 | A kind of method, mobile terminal, electronic equipment and storage medium logging in mobile application |
CN110032855A (en) * | 2019-02-28 | 2019-07-19 | 招银云创(深圳)信息技术有限公司 | Login method, device, computer equipment and the storage medium of application |
CN112016918A (en) * | 2019-05-30 | 2020-12-01 | 小米数字科技有限公司 | Signature writing method, signature verification device and storage medium |
CN110381021A (en) * | 2019-06-13 | 2019-10-25 | 视联动力信息技术股份有限公司 | A kind of method, apparatus, electronic equipment and the storage medium of anti-rogue attacks |
CN110417730A (en) * | 2019-06-17 | 2019-11-05 | 平安科技(深圳)有限公司 | The unified access method and relevant device of multiple utility program |
CN110417730B (en) * | 2019-06-17 | 2022-07-19 | 平安科技(深圳)有限公司 | Unified access method of multiple application programs and related equipment |
CN110234116A (en) * | 2019-06-24 | 2019-09-13 | 飞天诚信科技股份有限公司 | A kind of safety certifying method and system |
CN110234116B (en) * | 2019-06-24 | 2021-11-02 | 飞天诚信科技股份有限公司 | Security authentication method and system |
CN110362984A (en) * | 2019-06-28 | 2019-10-22 | 北京思源互联科技有限公司 | Method and device for operating service system by multiple devices |
CN110536118A (en) * | 2019-09-06 | 2019-12-03 | 腾讯科技(深圳)有限公司 | A kind of data capture method, device and computer storage medium |
CN112751800B (en) * | 2019-10-29 | 2023-11-24 | 杭州海康威视系统技术有限公司 | Authentication method and device |
CN112751800A (en) * | 2019-10-29 | 2021-05-04 | 杭州海康威视系统技术有限公司 | Authentication method and device |
CN110868301A (en) * | 2019-11-07 | 2020-03-06 | 浪潮软件股份有限公司 | Identity authentication system and method based on state cryptographic algorithm |
CN111162908A (en) * | 2019-12-11 | 2020-05-15 | 深圳供电局有限公司 | Key solar power transmission line field operation method and system |
CN111176710A (en) * | 2019-12-30 | 2020-05-19 | 宁波视睿迪光电有限公司 | Operation method of terminal software management system and terminal software management system |
CN111176710B (en) * | 2019-12-30 | 2023-10-03 | 宁波视睿迪光电有限公司 | Operation method of terminal software management system and terminal software management system |
CN111241499A (en) * | 2020-01-07 | 2020-06-05 | 腾讯科技(深圳)有限公司 | Application program login method, device, terminal and storage medium |
CN111212427A (en) * | 2020-01-14 | 2020-05-29 | 陈良准 | Application APP account login management system based on mobile terminal |
CN112003706A (en) * | 2020-08-24 | 2020-11-27 | 北京字节跳动网络技术有限公司 | Signature method and device, computer equipment and storage medium |
CN112491787A (en) * | 2020-10-18 | 2021-03-12 | 苏州浪潮智能科技有限公司 | Method and equipment for safety management of user data |
CN112491787B (en) * | 2020-10-18 | 2022-12-27 | 苏州浪潮智能科技有限公司 | Method and equipment for safety management of user data |
CN113067827A (en) * | 2021-03-25 | 2021-07-02 | 中国工商银行股份有限公司 | System unification authentication method and device |
CN113452782A (en) * | 2021-06-28 | 2021-09-28 | 烽火通信科技股份有限公司 | Upgrading method and device under mesh networking |
CN113824691A (en) * | 2021-08-25 | 2021-12-21 | 浪潮软件股份有限公司 | Method for implementing silent login strategy applied by mobile terminal third party H5 |
CN113868625A (en) * | 2021-09-29 | 2021-12-31 | 商派软件有限公司 | Identity authentication method and system |
CN113872983A (en) * | 2021-10-13 | 2021-12-31 | 苏州兆晶智能科技有限公司 | Block chain chip identity authentication system and authentication method thereof |
CN113949566A (en) * | 2021-10-15 | 2022-01-18 | 工银科技有限公司 | Resource access method, device, electronic equipment and medium |
CN114244627B (en) * | 2022-01-04 | 2023-12-26 | 上海华申智能卡应用系统有限公司 | Authorization method and system |
CN114244627A (en) * | 2022-01-04 | 2022-03-25 | 上海华申智能卡应用系统有限公司 | Authorization method and system |
CN114866247A (en) * | 2022-04-18 | 2022-08-05 | 杭州海康威视数字技术股份有限公司 | Communication method, device, system, terminal and server |
CN114710281A (en) * | 2022-04-24 | 2022-07-05 | 中国工商银行股份有限公司 | Method and device for quitting Internet banking system |
CN114900344A (en) * | 2022-04-26 | 2022-08-12 | 四川智能建造科技股份有限公司 | Identity authentication method, system, terminal and computer readable storage medium |
CN115174236A (en) * | 2022-07-08 | 2022-10-11 | 上海百家云科技有限公司 | Authentication method, authentication device, electronic equipment and storage medium |
CN115860037A (en) * | 2023-02-24 | 2023-03-28 | 中国(上海)宝玉石交易中心有限公司 | Anti-counterfeiting method, anti-counterfeiting system and anti-counterfeiting component for gemstones and jades |
Also Published As
Publication number | Publication date |
---|---|
CN106850699B (en) | 2019-11-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106850699B (en) | A kind of mobile terminal login authentication method and system | |
CN106899570B (en) | The processing method of two dimensional code, apparatus and system | |
CN103795692B (en) | Open authorization method, system and certification authority server | |
CN101414909B (en) | System, method and mobile communication terminal for verifying network application user identification | |
CN105103488B (en) | By the policy Enforcement of associated data | |
CN103685138B (en) | The authentication method of the Android platform application software that mobile interchange is online and system | |
CN109347799B (en) | A kind of identity information management method and system based on block chain technology | |
CN103107996B (en) | Digital certificate download online method and system, digital certificate are provided platform | |
CN105554004B (en) | The Verification System and method of container service in a kind of mixing cloud computing environment | |
CN106304074B (en) | Auth method and system towards mobile subscriber | |
CN110324276A (en) | A kind of method, system, terminal and electronic equipment logging in application | |
CN112953970B (en) | Identity authentication method and identity authentication system | |
JP2018532301A (en) | User authentication method and apparatus | |
CN103036681B (en) | A kind of password safety keyboard device and system | |
CN110535648A (en) | Electronic certificate is generated and verified and key controlling method, device, system and medium | |
CN107294916A (en) | Single-point logging method, single-sign-on terminal and single-node login system | |
US20030135734A1 (en) | Secure mutual authentication system | |
CN110401629A (en) | A kind of method and relevant apparatus of activation authorization | |
CN105681340A (en) | Digital certificate use method and apparatus | |
CN109815659A (en) | Safety certifying method, device, electronic equipment and storage medium based on WEB project | |
CN110365684A (en) | Access control method, device and the electronic equipment of application cluster | |
CN113515756B (en) | High-credibility digital identity management method and system based on block chain | |
CN106936588A (en) | A kind of trustship method, the apparatus and system of hardware controls lock | |
CN113364597A (en) | Privacy information proving method and system based on block chain | |
CN113487321A (en) | Identity identification and verification method and system based on block chain wallet |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210107 Address after: 100140, 55, Fuxing Avenue, Xicheng District, Beijing Patentee after: INDUSTRIAL AND COMMERCIAL BANK OF CHINA Patentee after: ICBC Technology Co.,Ltd. Address before: 100140, 55, Fuxing Avenue, Xicheng District, Beijing Patentee before: INDUSTRIAL AND COMMERCIAL BANK OF CHINA |