CN106850699A - A kind of mobile terminal login authentication method and system - Google Patents

A kind of mobile terminal login authentication method and system Download PDF

Info

Publication number
CN106850699A
CN106850699A CN201710229518.6A CN201710229518A CN106850699A CN 106850699 A CN106850699 A CN 106850699A CN 201710229518 A CN201710229518 A CN 201710229518A CN 106850699 A CN106850699 A CN 106850699A
Authority
CN
China
Prior art keywords
app
mobile terminal
token
key
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710229518.6A
Other languages
Chinese (zh)
Other versions
CN106850699B (en
Inventor
陈玲
魏桂明
李俊浩
岑健明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
ICBC Technology Co Ltd
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN201710229518.6A priority Critical patent/CN106850699B/en
Publication of CN106850699A publication Critical patent/CN106850699A/en
Application granted granted Critical
Publication of CN106850699B publication Critical patent/CN106850699B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations

Abstract

The invention provides a kind of mobile terminal login authentication method and system, for carrying out login authentication to the APP on mobile terminal, method includes:Receive the logging request of APP;The transaction token including user login information of mobile terminal storage is obtained according to the logging request and is sent to APP servers;Receive the dynamic key application request of the APP servers and safety verification is carried out to the APP servers and send token dynamic key to the APP servers by the safety verification;APP servers parse the transaction token and obtain user login information and send to APP completion login authentications the user login information according to the token dynamic key.Realize the unified identity authentication of mobile terminal.Key medium is used, by key encrypted and digitally signed technology, the token information in generation authentication procedures lifts the security of whole certification link, and improve convenience and experience effect that mobile terminal is used.

Description

A kind of mobile terminal login authentication method and system
Technical field
Concretely it is a kind of mobile terminal login authentication method and system the present invention relates to safe practice.
Background technology
With the high speed development of mobile Internet, mobile office turns into enterprise's future important development trend, and enterprises are moved The APP applications of moved end also increase therewith.Due to lacking unified planning and management, the independent APP applications of these dispersions fail to User brings experience well, and its login security and management regulation also bring challenge higher to enterprise, specific main body It is now following some:
Because these APP applications each use independent ID authentication mechanism, cause user when logging in, be required to Input username and password is verified.For a user, the certification of these APP all uses the corresponding user name of enterprises And password, it is required for repeatedly inputting relatively complicated, ease for use deficiency every time.
Because these APP applications are using the authentication management module of each exploitation, there is login security requirement not One phenomenon, while being also unfavorable for the unified planning and management of enterprises security.
Because the authentication module of these APP applications is safeguarded by different team respectively, the cost that subsequent upgrade is safeguarded Height, the convenience of upgrading is not enough, it is impossible to effective to save business manpower cost.
In sum, the different complicated authentication treatment of many application software, on the one hand allows user to feel more inconvenience, The development difficulty of software developer is also improved, maintenance cost, different application repeats identical authentication module and also occupies movement The storage resource at end.
The content of the invention
For the APP applications on mobile terminal provide a kind of unified authentication login method, certification user profile is realized It is shared, a kind of mobile terminal login authentication method is the embodiment of the invention provides, for being stepped on to the APP on mobile terminal Record certification, method includes:
Receive the logging request of APP;
The transaction token including user login information of mobile terminal storage is obtained according to the logging request and is sent extremely APP servers;
Receive the dynamic key application request of the APP servers and safety verification is carried out to the APP servers to logical The APP servers for crossing the safety verification send token dynamic key;
APP servers parse the transaction token according to the token dynamic key and obtain user login information and by described in User login information sends to APP and completes login authentication.
In the embodiment of the present invention, the logging request includes:APP application unique marks, the APP applications unique mark is The key title of APP applications.
In the embodiment of the present invention, the user login information includes:User name, password, the login stored when logining successfully Time, mobile device sequence number.
In the embodiment of the present invention, it is described according to the logging request obtain mobile terminal store including user login information Transaction token and sending to APP servers include:
Judge whether mobile terminal stores the transaction token including user login information;
Determine the transaction token including user login information that is stored with the mobile terminal, the transaction token is sent To APP servers.
In the embodiment of the present invention, it is described according to the logging request obtain mobile terminal store including user login information Transaction token and sending to APP servers also include:
When determining there is no store transaction token in the mobile terminal, user name, the password of user input are verified;
This login corresponding dynamic key pair of generation correspondence when the user name of checking user input, password are correct;
Transaction token is generated according to dynamic key pair and user login information by token generating algorithm;
The transaction token is stored to mobile terminal internal memory.
In the embodiment of the present invention, the dynamic key application of the described reception APP servers is asked and the APP is taken Business device carries out safety verification to be included to the APP servers transmission token dynamic key by the safety verification:
Obtain the APP application unique marks in the dynamic key application request of APP servers;
The public key of APP is determined according to the APP applications unique mark;
Dynamic key application request is decrypted using the public key of the APP for determining, decryption determines APP servers after passing through By safety verification;
Token dynamic key is sent to the APP servers by the safety verification.
In the embodiment of the present invention, described method also includes:
APP applications on to mobile terminal are registered, and generate and store the key information of APP applications, the key Information includes:Public key, private key, and key name is referred to as the unique mark of APP applications.
Meanwhile, the present invention also provides a kind of mobile terminal accession authorization system, for the APP's on mobile terminal device Login authentication is carried out, including:Identification authentication system and authentication server;
Identification authentication system includes:
Logging request receiver module, the logging request for receiving APP;
Token acquisition module, includes the transaction token of user login information and sends extremely for being obtained according to logging request APP servers;
Authentication server includes:
APP server authentication modules, the dynamic key application for receiving the APP servers is asked and to the APP Server carries out safety verification;
Token key sending module, token dynamic key is sent to the APP servers by the safety verification;
APP servers parse the transaction token according to the token dynamic key and obtain user login information and by described in User login information sends to APP and completes login authentication.
In the embodiment of the present invention, the token acquisition module includes:
Judging unit, for judging whether mobile terminal stores the transaction token including user login information;
Transmitting element, determines the transaction token including user login information that is stored with the mobile terminal, by the friendship Easy token is sent to APP servers.
In the embodiment of the present invention, the token acquisition module also includes:
Password authentication unit, when determining not having store transaction token in the mobile terminal, for the use to user input Name in an account book, password are verified;
Key is right for generating corresponding this login when verifying that the user name of user input, password are correct to generation unit The dynamic key pair answered;
Token generation unit, for generating transaction according to dynamic key pair and user login information by token generating algorithm Token, and the transaction token is stored to mobile terminal internal memory.
In the embodiment of the present invention, described APP server authentication modules include:
Mark acquiring unit, the APP applications during the dynamic key application for obtaining APP servers is asked uniquely are marked Know;
Public key determining unit, the public key for determining APP according to the APP applications unique mark;
Decryption unit, is decrypted using the public key of the APP for determining to dynamic key application request, and decryption determines after passing through APP servers pass through safety verification.
In the embodiment of the present invention, described identification authentication system also includes:
Registering modules, for being registered to the APP applications on mobile terminal, the key information of generation APP applications is described Key information includes:Public key, private key, and key name is referred to as the unique mark of APP applications.
In the embodiment of the present invention, described authentication server of stating also includes:
Memory module, the key information of the APP applications for storing registration.
The present invention provides a kind of mobile terminal identity logs Verification System and method, and multiple APP applications are used in this programme Unified identification authentication mode, realizes the shared of certification user profile, once logs in repeatedly effectively.In certification link, using close Key encrypted and digitally signed technology generation on-fixed length, unique, anti-tamper token, and using anti-in ciphering process The dynamic key of request is forged, further the security of lifting certification link.Meanwhile, in authentication server back-end data Storehouse, by unified record logging request relevant information, realizes the control of multiple devices repeat logon.
It is that above and other objects, features and advantages of the invention can be become apparent, preferred embodiment cited below particularly, And coordinate institute's accompanying drawings, it is described in detail below.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are only this Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can be with Other accompanying drawings are obtained according to these accompanying drawings.
The flow chart of the mobile terminal login authentication method that Fig. 1 is provided for the present invention;
Fig. 2 is a kind of structured flowchart of mobile terminal accession authorization system of the invention;
Fig. 3 is a kind of identity authorization system block architecture diagram of mobile terminal in the embodiment of the present invention;
Fig. 4 is authentication module structure chart in the embodiment of the present invention;
Fig. 5 is token management function structure chart in the embodiment of the present invention;
Fig. 6 is key management module structure in the embodiment of the present invention;
Fig. 7 is the flow chart of the identity identifying method embodiment of mobile terminal in one embodiment of the invention;
Fig. 8 is the flow chart of the identity identifying method embodiment of mobile terminal in one embodiment of the invention;
The flow chart of the identity identifying method embodiment of mobile terminal in Fig. 9 one embodiment of the invention;
The flow chart of the identity identifying method embodiment of mobile terminal in Figure 10 one embodiment of the invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.It is based on Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under the premise of creative work is not made Embodiment, belongs to the scope of protection of the invention.
A kind of mobile terminal login authentication method that the present invention is provided, recognizes for carrying out login to the APP on mobile terminal Card, as shown in figure 1, be the flow chart of the mobile terminal login authentication method for providing of the invention, including:
Step S1001, receives the logging request of APP;
Step S1002, the order of the transaction including user login information that mobile terminal is stored is obtained according to the logging request Board is simultaneously sent to APP servers;
Step S1003, receives the dynamic key application request of the APP servers and the APP servers is pacified Full checking send token dynamic key to the APP servers by the safety verification;
Step S1004, APP server parses the transaction token and obtains User logs in letter according to the token dynamic key Cease and send to APP the user login information and complete login authentication.
Meanwhile, the present invention also provides a kind of mobile terminal accession authorization system, its structured flowchart as shown in Fig. 2 for right APP204's on mobile terminal device 203 carries out login authentication, including:Identification authentication system 201 and identity authentication service Device 202;Wherein,
Described identification authentication system 201 includes:
Logging request receiver module, the logging request for receiving APP;
Token acquisition module, includes the transaction token of user login information and sends for being obtained according to the logging request To APP servers;
The authentication server 202 includes:
APP server authentication modules, the dynamic key application for receiving the APP servers is asked and to the APP Server carries out safety verification;
Token key sending module, token dynamic key is sent to the APP servers by the safety verification;
APP servers parse the transaction token according to the token dynamic key and obtain user login information and by described in User login information sends to APP and completes login authentication.
Instant invention overcomes many APP application identities certification ease for use in existing mobile terminal, security and safeguard convenience etc. side A kind of some problems in face, it is proposed that mobile terminal authentication system and method, realize the unified identity authentication of mobile terminal.Separately Outward, key medium is used, by key encrypted and digitally signed technology, the token information in generation authentication procedures is lifted whole The security of individual certification link, and improve convenience and experience effect that mobile terminal is used.With reference to specific implementation Example is described in further detail to technical scheme.
Fig. 3 is a kind of identity authorization system Organization Chart of mobile terminal of the invention.As shown in figure 3, the identity of the present embodiment is recognized Card system includes authentication APP using 1, authentication APP servers 2, authentication APP databases 3, mobile APP1 applications 4th, mobile APP1 servers 5, mobile APP1 databases 6, mobile APP2 are using 7, mobile APP2 servers 8, mobile APP2 data Storehouse 9 and token (Token) 10.
In the present embodiment, authentication APP includes authentication module 11, token management module 12 and key using 1 Management module 13.Mobile APP1 includes login module 41, exits module 42, certification public module 43 and itself one using 4 A little Service Processing Modules 44.Mobile APP2 using 7 include login module 71, exit module 72, certification public module 73 and from Some Service Processing Modules 74 of body.Mobile APP1 passes through login module 41 or exits module 42 to call authentication APP using 4 The certification public module 43 for logging in, exiting interface encapsulation using 1 standard for providing is authenticated request interaction.Mobile APP1 applications 7 application by login module 71 or exit module 72 call authentication APP using 1 provide standard log in, exit interface seal The certification public module 73 of dress is authenticated request interaction.Token (Token) 10 in verification process is applied by authentication APP 1 is responsible for generation and safeguards.Mobile APP1 servers 5, mobile APP2 servers 8 are interacted by with authentication APP servers 2 To carry out server legitimacy bodily movement of practising Wushu verification, and authentication processing result is parsed by rear acquisition dynamic key in verification.
Fig. 4 be in the embodiment of the present invention in Fig. 3 authentication APP using 1 authentication module structure chart.Such as Fig. 4 institutes Show, authentication module 11 includes:Login authentication module 111, exit management module 112, encrypting module 113 and deciphering module 114.Wherein:Login authentication module 111 provides mobile APP and applies unified login authentication interface, and it is received from mobile APP Logging request, and make requests on parsing by calling deciphering module 114.Meanwhile, login authentication module 111 judge be in internal memory It is no to there is token (Token) 10 information of login, for the login interface that the certification request without token provides standard, to user input Username and password call encrypting module 113 to carry out dynamic encryption and submit to authentication APP servers 2 to be verified.It is right In existing login token information, then call token parsing module 124 to read and parse token and generate request token and return To the mobile APP applications of request.
In the embodiment of the present invention, exit management module 112 and exit interface there is provided mobile APP applications unification, its reception Request is exited from mobile APP applications, and parsing is made requests on by calling deciphering module 114.Meanwhile, exit management module 112 will move out request submits to authentication APP servers 2, and authentication APP data are called by authentication APP servers 2 Storehouse 3, the former cleaning for logging in relevant information data is carried out using request treatment logic is exited.After processing successfully, management module is exited 112 first call token parsing module 124 to judge whether internal memory has token information, and module 123 is destroyed if any token is then recalled, complete Result is will move out after being destroyed into token and returns to mobile APP applications.As without token information, then directly returned and exiting in internal memory Result gives mobile APP applications.
Encrypting module 113 provides public encryption and endorsement method.Encryption method uses asymmetric-key encryption technology, To be input into the source language message be encrypted using specified public key, such as certification request information encryption, request result plus It is close etc., and export ciphertext.Endorsement method uses digital signature technology, the source language message is made a summary using HASH functions, then It is encrypted with specified private key, signing messages is output as together with the source language message.When signature generation is added in original text simultaneously Between and it is customized signature effective time (such as 20 seconds), for sign sign test when by verifying the ageing of signing messages, prevent The playback of signing messages.Encrypting module 113 can individual packages into kit form, there is provided to mobile APP authentication interaction Link is used.
Deciphering module 114 provides public decryption and sign test method.Decryption method uses non-right in the embodiment of the present invention Claim Key Encryption Technology, to be input into the source language message be decrypted using specified private key, such as certification request information decryption, please Decryption of result etc. is asked, and exports the original text after decryption.Sign test method uses digital signature technology, and recipient uses specified The encrypted summary info of public key decryptions, then a summary info is produced with the original text that HASH function pairs are received, with decryption Summary info contrast.If identical, illustrate that the information for receiving is complete, do not changed in transmitting procedure, now The signature time to the source language message carries out validation verification again, if current time subtracts the signature generation time more than signature effectively Time, then signing messages time-out failure, sign test failure;Otherwise sign test success.Deciphering module 114 can individual packages into component shape Formula, there is provided used in the interactive session of authentication to mobile APP.
Fig. 5 is the token management modular structure block diagram that Fig. 3 authentications APP applies 1.As shown in figure 5, token management module 12 include:Token generation module 121, token update module 122, token destroy module 123 and token parsing module 124.Wherein, By calling token generating algorithm, generation logs in token information to token generation module 121.Token generating algorithm is that token can be made It is the key point of login authentication voucher, the fact that it reflects login authentication information.The data of token generation are participated in by initiating The key element composition of logging request, it then follows following principle:First, uniqueness.Logging in factor combination can be by a logging request Effectively distinguished with other logins.2nd, security.Logging in factor combination can realize the anti-counterfeiting of request data, anti-tamper.Cause This, the request key element that will participate in token generation is divided into fundamental and key element two parts, and fundamental is applied to all stepping on Record scene, being must key element;Key element is applied to verification and logs in scene, is dynamic key element.Token information is expressed as:
Token=S (f (M (b1,b2...bx,p),keyX.pub),key0.pri)
Wherein, Token is token information, shows as the character combination of on-fixed length;S is signature algorithm;F is calculated for encryption Method;Key0.pri is the signature private key of authentication APP;KeyX.pub is dynamic encrypted public key;M is by essential information key element The plaintext constituted with key message key element, bxIt is elemental user information element, p will for mobile device unique identification key message Element.The life cycle of token depends on the process presence or absence that authentication APP is applied, restart when mobile device, process it is strong After system terminates, token is then corresponding destroyed.
Token update module 122 realizes the renewal treatment of token, when the user of mobile APP applications needs to switch over use When family operates, login authentication module 111 receives switching user's request and submits the update module that gives token to.Token update module passes through Token is successively called to destroy module 123 and token generation module 121 to complete the renewal of internal memory token.
Token destroys module 123 and realizes destroying for token, works as when the user of mobile APP applications actively exit During the operation of preceding account number, exit management module 112 and receive and actively exit and ask and submit the destruction module that gives token to, realize that internal memory makes The destruction operation of board.
Token parsing module 124 provide token read and parsing public method, login authentication module 111 and exit pipe Reason module 112 is realized reading and treatment the unified of token information in verification process by calling this module.
Fig. 6 is the key management module structured flowchart that Fig. 3 authentications APP applies 1.As shown in fig. 6, described key pipe Reason module 13 includes:APP Registering modules 131, APP cancellation modules 132, APP information updating modules 133, key production module 134th, cipher key destruction module 135 and key updating module 136.Wherein:APP Registering modules 131 are provided and need to use Unified Identity The registering functional of the mobile APP applications of certification, by recording the relevant information of APP, such as APP titles, APP developing departments, APP bears The information such as duty people, and call key production module 134 to generate the key information of the APP, including public key and private key file, and key Name is referred to as the unique mark of the APP.After succeeding in registration, the APP will get the public private key file of itself a pair (such as Key1.pub, key1.pri) and authentication APP public key file (such as key0.pub), totally three key files.
APP cancellation modules 132 are provided and release mobile APP using the function using unified identity authentication, by calling this mould Block removes the relevant information that the APP is registered in authentication APP, while calling cipher key destruction module 135 to destroy the close of the APP Key information.
APP information updating modules 133 provide the renewal of mobile APP application log-on messages, such as update APP titles, APP dimensions Shield department etc., while being updated by calling the key updating module 136 pairs APP key informations, and regenerates new public affairs Private key file.
Key production module 134 realizes the generation treatment of key, by the key pair generator of RSA Algorithm (such as KeyPairGenerator), the unique mark according to APP application registrations generates its corresponding cipher key pair information (such as KeyPair), And the public key of generation is write as the file (such as key1.pub) of pub suffix, the private key private that will be produced with Base64 coded formats Key protection password is encrypted by SHA, 3KeyTripleDES algorithm, and is write as the text of pri suffix with Base64 coded formats Part (such as key1.pri).
Cipher key destruction module 135 realizes destroying for key, by receiving the de-registration request of APP cancellation modules 132, The public private key file of the APP in authentication APP databases is deleted, while having added in removing authentication APP server memories The key information of the APP for carrying.
Key updating module 136 realizes the renewal treatment of key, by the renewal for receiving APP information updating modules 133 Request, updates the public private key file of the APP in authentication APP databases, while in updating authentication APP server memories The key information of the APP for having loaded.
Present invention also offers a kind of identity identifying method of mobile terminal, in order to this method is more clear understandable, below with As a example by flow chart, the flow to the embodiment of the present invention is described in detail.
As shown in fig. 7, the idiographic flow to log in Mobile solution in one embodiment of the invention on the mobile apparatus.
Step S101:User accesses certain movement APP1 and applies 4 on the mobile apparatus, and the login module 41 of the application is by adjusting With authentication APP using the certification public module 43 of the 1 standard login authentication interface encapsulation for providing, logging request is submitted to Authentication APP applies 1 login authentication module 111, and solicited message is simultaneously including the unique mark of movement APP1 applications.
Step S102:Authentication APP, by calling token parsing module 124, is examined using 1 login authentication module 111 Measure and be not logged on the successful token of certification (Token) 10 in internal memory, then return to testing result to login authentication module 111, and Unified login interface is represented by it.User this interface input username and password click on submit to after, login authentication module 111 Call the CIPHERING REQUEST information of encrypting module 113 and submit to authentication APP servers 2, solicited message includes the use after encryption The unique mark of name in an account book, password, mobile device sequence number and the movement APP1 application.
Step S103:Authentication APP servers 2 call the decoding request information of deciphering module 114, by authentication Whether the checking of APP databases 3 user name, password are correct, record the relevant information of this login after being verified, including log in User name, time, mobile device sequence number, unique mark of mobile APP1 applications etc..Meanwhile, authentication APP databases 3 are given birth to Into this corresponding dynamic key pair of access, such as public key (keyX.pub) and private key (keyX.pri) file of keyX, minute book Secondary login and the corresponding relation of the dynamic key pair, and by user name inquire about user essential information (as address name, belonging to Department etc.), finally by dynamic key to, user basic information, together with the successful result of this certification, by authentication APP servers 2 return to authentication APP and apply 1.
Step S104:Authentication APP receives the successful result of certification using 1 login module 111, calls token Generation module 121, to user basic information, mobile device sequence number, present system time, customized token time-out time with And the public key (keyX.pub) and authentication APP of dynamic key are generated by token and calculated using 1 private key (such as key0.pri) Method generates this authentication token (Token) 10.
Step S105:Be written to token (Token) 10 in its internal memory again using 1 by authentication APP, while by the token Information encapsulation returns to mobile APP1 and applies 4 into the result (transaction token Token1) of this certification.
Step S106:Mobile APP1 receives authentication APP and is made using 1 transaction for returning using 4 login module 41 After board Token1, the mobile APP1 servers 5 that transaction token Token1 submits to backstage are parsed.
Step S107:After mobile APP1 servers 5 receive the analysis request of transaction token Token1, due to transaction token Token1 has used dynamic key encryption, therefore needs to be decrypted to the application dynamic key of authentication APP servers 2.Meanwhile, In order to ensure the legitimacy of mobile APP1 servers 5, therefore the private key file generated when needing to use its APP to register is (such as Key1.pri) token request is encrypted, submitting to authentication APP servers 2 in the lump together with its APP marks moves The legal identity certification of APP1 servers 5.
Step S108:The legal identity certification that authentication APP servers 2 receive the mobile submission of APP1 servers 5 please After asking, the mobile APP1 obtained in request is identified and is called deciphering module 114, by its public key key1.pub to the friendship after encryption Easy token Token1 is decrypted.After decryption passes through, then it is assumed that the identity of mobile APP1 servers 5 is legal, authentication APP clothes Business device 2 returns to the dynamic key keyX.pri of transaction token Token1 to mobile APP1 servers 5.
Step S109:Mobile APP1 servers 5 receive the dynamic key of the return of authentication APP servers 2 After keyX.pri, the sign test and decryption method of certification public module 43 are called to former token, first use the public key of authentication APP The sign test that key0.pub is signed, reuses dynamic key keyX.pri and is decrypted, so as to get this sign-on access User basic information.Meanwhile, this is recorded by mobile APP1 databases 6 and logs in log information, and inquire about the login user Relative role authority, mobile APP1 is returned to by mobile APP1 servers 5 and applies 4.
Step S110:Mobile APP1 contains user using what 4 login module 41 received that mobile APP1 servers 5 return After the authentication success message of role-security, then this login authentication, and the user basic information displaying in request are completed Main interface after correspondence login.
Fig. 8 is another embodiment flow chart of identity identifying method of the present invention, and the flow to the embodiment is detailed below Explanation.
Step S201:User accesses certain movement APP2 and applies 7 on the mobile apparatus, and the login module of the application is by calling Logging request is submitted to identity by authentication APP using the certification public module of the 1 standard login authentication interface encapsulation for providing Certification APP applies 1 login authentication module 111, and solicited message is simultaneously including the unique mark of APP2 applications.
Step S202:Authentication APP, by calling token parsing module 124, is examined using 1 login authentication module 111 Measure the existing successful token of login authentication (Token) 10 in internal memory, then by token Information encapsulation into this certification treatment As a result (transaction token Token2) returns to mobile APP2 and applies 7.
Step S203:Mobile APP2 receives authentication APP using 1 transaction token for returning using 7 login module After Token2, the mobile APP2 servers 8 that transaction token Token2 submits to backstage are parsed.
Step S204:After mobile APP2 servers 8 receive the analysis request of transaction token Token2, due to transaction token Token2 has used dynamic key encryption, therefore needs to be decrypted to the application dynamic key of authentication APP servers 2.Meanwhile, In order to ensure the legitimacy of mobile APP2 servers 8, therefore the private key file generated when needing to use its APP to register is (such as Key2.pri) token request is encrypted, submitting to authentication APP servers 2 in the lump together with its APP marks moves The legal identity certification of APP2 servers 8.
Step S205:The legal identity certification that authentication APP servers 2 receive the mobile submission of APP2 servers 8 please After asking, the mobile APP obtained in request is identified and is called deciphering module 114, by its public key key2.pub to the friendship after encryption Easy token Token2 is decrypted.After decryption passes through, then it is assumed that the identity of mobile APP2 servers 8 is legal.Meanwhile, authentication APP servers 2 call token parsing module 124 to parse transaction token Token2, obtain the login user letter of the token Breath.
Step S206:Authentication APP servers 2 record the phase of this logging request by authentication APP databases 3 Pass information, including the unique mark of the user name, time, mobile device sequence number and the APP2 that log in etc., while being recognized by identity Card APP servers 2 return to the dynamic key keyX.pri of former token to mobile APP2 servers 8.
Step S207:Mobile APP2 servers 8 receive the dynamic key of the return of authentication APP servers 2 After keyX.pri, the sign test and decryption method of certification public module are called to former token, first use the public key of authentication APP The sign test that key0.pub is signed, reuses dynamic key keyX.pri and is decrypted, so as to get this sign-on access User basic information.Meanwhile, this is recorded by mobile APP2 databases 9 and logs in log information, and inquire about the login user Relative role authority, mobile APP2 is returned to by mobile APP2 servers 8 and applies 7.
Step S208:Mobile APP2 contains user angle using what 7 login module received that mobile APP2 servers 8 return After the authentication success message of color authority, then this login authentication is completed, and user basic information displaying in request is right Main interface after should logging in.
Fig. 9 is another embodiment flow chart of identity identifying method of the present invention, and the flow to the embodiment is detailed below Explanation.
Step S301:User has logged in certain movement APP1 on mobile device and has applied 4, clicks on switching user function, should Login module 41 is by calling authentication APP using the public mould of certification of the 1 standard login authentication interface encapsulation for providing Block 43, will switch user's request and submits to the login authentication module 111 that authentication APP is using 1, and solicited message includes simultaneously should The unique mark and switching user's operation mark of mobile APP1 applications.
Step S302:Authentication APP, by calling token parsing module 124, is examined using 1 login authentication module 111 The existing successful token of login authentication (Token) 10 in internal memory is measured, then returns to testing result to login authentication module 111, And identified using the switching user's request given on 4 according to mobile APP1 by it and represent unified login interface.User is at this interface Input username and password is clicked on after submitting to, and login authentication module 111 is called the CIPHERING REQUEST information of encrypting module 113 and submitted to Authentication APP servers 2, solicited message includes the user name after encryption, password, switching user operation mark, mobile device Sequence number and the unique mark of movement APP1 applications.
Step S303:Authentication APP servers 2 call the decoding request information of deciphering module 114, by authentication Whether the checking of APP databases 3 user name, password are correct, according to switching user's operation mark after being verified, update this login Relevant information, including user name, time, mobile device sequence number and unique mark of mobile APP1 applications for logging in etc..Together When, authentication APP databases 3 regenerate this and access corresponding dynamic key pair, such as public key (keyY.pub) of keyY With private key (keyY.pri) file, the corresponding relation of this login and the dynamic key pair is recorded, and use is inquired about by user name The essential information (such as address name, affiliated function) at family, finally cuts dynamic key to, user basic information together with this The successful result of user log-in authentication is changed, returning to authentication APP by authentication APP servers 2 applies 1.
Step S304:Authentication APP receives the successful result of certification using 1 login module 111, calls token Generation module 121, to user basic information, mobile device sequence number, present system time, customized token time-out time with And the public key (keyY.pub) and authentication APP of dynamic key are generated by token and calculated using 1 private key (such as key0.pri) Method generates this authentication token (Token) 10.
Step S305:Be written to token (Token) 10 in its internal memory again using 1 by authentication APP, while by the token Information encapsulation returns to mobile APP1 and applies 4 into the result (transaction token Token1) of this certification.
Step S306:Mobile APP1 receives authentication APP and is made using 1 transaction for returning using 4 login module 41 After board Token1, the mobile APP1 servers 5 that transaction token Token1 submits to backstage are parsed.Step S307:It is mobile After APP1 servers 5 receive the analysis request of transaction token Token1, because transaction token Token1 has used dynamic key Encryption, therefore need to be decrypted to the application dynamic key of authentication APP servers 2.Meanwhile, in order to ensure mobile APP1 services The legitimacy of device 5, therefore the private key file (such as key1.pri) generated when needing to use its APP to register is added to token request It is close, the legal identity that authentication APP servers 2 move APP1 servers 5 is submitted in the lump together with its APP marks recognizes Card.
Step S308:The legal identity certification that authentication APP servers 2 receive the mobile submission of APP1 servers 5 please After asking, the mobile APP obtained in request is identified and is called deciphering module 114, by its public key key1.pub to the friendship after encryption Easy token Token1 is decrypted.After decryption passes through, then it is assumed that the identity of mobile APP1 servers 5 is legal, authentication APP clothes Business device 2 returns to the dynamic key keyY.pri of transaction token Token1 to mobile APP1 servers 5.
Step S309:Mobile APP1 servers 5 receive the dynamic key of the return of authentication APP servers 2 After keyY.pri, the sign test method of certification public module 43 is called to former token, first use the public key of authentication APP The sign test that key0.pub is signed, reuses dynamic key keyY.pri and is decrypted, so as to get this sign-on access User basic information.Meanwhile, this is recorded by mobile APP1 databases 6 and logs in log information, and inquire about the login user Relative role authority, mobile APP1 is returned to by mobile APP1 servers 5 and applies 4.
Step S310:Mobile APP1 contains user using what 4 login module 41 received that mobile APP1 servers 5 return After the authentication success message of role-security, then the login authentication of this switching user, and the user's base in request are completed Main interface after the displaying correspondence login of this information.
Figure 10 is another embodiment flow chart of identity identifying method of the present invention, and the flow to the embodiment is detailed below Explanation.
Step S401:User has logged in certain movement APP2 on mobile device and has applied 7, and current account number is actively exited in click Function, the module that exits of the application exits the certification that management interface is encapsulated by calling authentication APP using 1 standard for providing Public module, exits active request and submits to authentication APP and exit management module 112 using 1, and solicited message wraps simultaneously Include the unique mark of movement APP2 applications.Operate for common closing APP, without calling authentication APP to be moved back using 1 Go out management interface.
Step S402:Authentication APP exits management module 112 by calling token parsing module 124 using 1, examines The existing successful token of login authentication (Token) 10 in internal memory is measured, then return testing result is exited management module 112, And will move out request and submit to authentication APP servers 2, solicited message includes that mobile device sequence number and the APP2's is unique Mark.
Step S403:Authentication APP servers 2 receive submission exit request after, by authentication APP data Storehouse 3 empties the associated login information of the former record of the mobile device, including dynamic key information and corresponding with login user Relation information, and record user and exit Operation Log, return to result.
Step S404:Authentication APP receives authentication APP servers 2 and returns using 1 management module 112 that exits Return exit request result after, the token information in internal memory is destroyed by calling token to destroy module 123, and return The result for backing out request applies 7 to mobile APP2.
Step S405:Mobile APP2 receives authentication APP and exits request using 1 and be processed into using 7 module that exits After the result of work(, result is transmitted to mobile APP2 servers 8.
Step S406:Mobile APP2 servers 8 are received and exit successful result information, are remembered by mobile APP2 databases 9 Record this and exit log information, and return to this result for exiting and apply 7 to mobile APP2.
Step S407:Mobile APP2 using 7 receive that mobile APP2 servers 8 return exit result after, close Mobile APP2 applications, complete this and exit operation.
The present invention provides a kind of mobile terminal authentication system and method, and multiple APP are applied and recognized using unified identity Card mode, realizes the shared of certification user profile, once logs in repeatedly effectively.In certification link, using key encryption and numeral Signature technology generation on-fixed length, unique, anti-tamper token, and moving that anti-counterfeiting is asked is used in ciphering process State key, further lifts the security of certification link.Meanwhile, in authentication server background data base, remembered by unified Record logging request relevant information, realizes the control of multiple devices repeat logon.
Invention overcomes many APP application identities certification of existing mobile terminal in ease for use, security and safeguards the side such as convenience A kind of some problems in face, it is proposed that mobile terminal authentication system and method, realize the unified identity authentication of mobile terminal.Separately Outward, key medium is used, by key encrypted and digitally signed technology, the token information in generation authentication procedures is lifted whole The security of individual certification link, and improve convenience and experience effect that mobile terminal is used.
The invention provides a kind of identity identifying method of mobile terminal, improve the existing identity for being applied to mobile network and recognize Card mode, token is generated with reference to digital-scrambling techniques, overcomes unsafe problem present in verification process, is mainly had as follows Several respects effect and advantage:
1st, by the identity authorization system of present invention design, by the user profile and facility environment in login process with token Form store, it is instant that checking is read in verification process, reduce the link that user repeatedly inputs username and password, Lift the ease for use of user login operation.
2nd, by the identity authorization system of present invention design, realize the login authentication of enterprises standard and exit and connect Mouthful, normalization and convenience that lifting subsequent upgrade is safeguarded save the input of human cost.
3rd, by the identity authorization system of present invention design, effectively prevent authentication information and be stolen and certificate server quilt The problem of imitation., using certain key enciphering and deciphering algorithm and digital signature technology, can be protected according to certification request information each time The authentication of the integrality, requesting party of identification card request message transmission, the denial generation prevented in transaction.
By the identity authorization system of present invention design, the characteristics of record to authentication information using background data base, realize The problem of the certification link difference anti-repeat logon of mobile device, it is possible to counted in real time to user and device authentication situation And analysis.
It should be understood by those skilled in the art that, embodiments of the invention can be provided as method, system or computer program Product.Therefore, the present invention can be using the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware Apply the form of example.And, the present invention can be used and wherein include the computer of computer usable program code at one or more The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) is produced The form of product.
The present invention is the flow with reference to method according to embodiments of the present invention, equipment (system) and computer program product Figure and/or block diagram are described.It should be understood that every first-class during flow chart and/or block diagram can be realized by computer program instructions The combination of flow and/or square frame in journey and/or square frame and flow chart and/or block diagram.These computer programs can be provided The processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce A raw machine so that produced for reality by the instruction of computer or the computing device of other programmable data processing devices The device of the function of being specified in present one flow of flow chart or multiple one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions may be alternatively stored in can guide computer or other programmable data processing devices with spy In determining the computer-readable memory that mode works so that instruction of the storage in the computer-readable memory is produced and include finger Make the manufacture of device, the command device realize in one flow of flow chart or multiple one square frame of flow and/or block diagram or The function of being specified in multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that in meter Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented treatment, so as in computer or The instruction performed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one The step of function of being specified in individual square frame or multiple square frames.
Apply specific embodiment in the present invention to be set forth principle of the invention and implementation method, above example Explanation be only intended to help and understand the method for the present invention and its core concept;Simultaneously for those of ordinary skill in the art, According to thought of the invention, will change in specific embodiments and applications, in sum, in this specification Appearance should not be construed as limiting the invention.

Claims (15)

1. a kind of mobile terminal login authentication method, for carrying out login authentication to the APP on mobile terminal, it is characterised in that Described method includes:
Receive the logging request of APP;
The transaction token including user login information of mobile terminal storage is obtained according to the logging request and is sent to APP clothes Business device;
Receive the dynamic key application request of the APP servers and safety verification is carried out to by institute to the APP servers The APP servers for stating safety verification send token dynamic key;
APP servers parse the transaction token and obtain user login information and by the user according to the token dynamic key Log-on message sends to APP and completes login authentication.
2. mobile terminal login authentication method as claimed in claim 1, it is characterised in that the logging request includes:APP should With unique mark, the APP applications unique mark is the key title of APP applications.
3. mobile terminal login authentication method as claimed in claim 2, it is characterised in that the user login information includes: User name, password, login time, the mobile device sequence number stored when logining successfully.
4. mobile terminal login authentication method as claimed in claim 3, it is characterised in that described to be obtained according to the logging request Taking the transaction token including user login information of mobile terminal storage and sending to APP servers includes:
Judge whether mobile terminal stores the transaction token including user login information;
Determine the transaction token including user login information that is stored with the mobile terminal, by the transaction token send to APP servers.
5. mobile terminal login authentication method as claimed in claim 3, it is characterised in that described to be obtained according to the logging request Taking the transaction token including user login information of mobile terminal storage and sending to APP servers also includes:
When determining there is no store transaction token in the mobile terminal, user name, the password of user input are verified;
This login corresponding dynamic key pair of generation correspondence when the user name of checking user input, password are correct;
Transaction token is generated according to dynamic key pair and user login information by token generating algorithm;
The transaction token is stored to mobile terminal internal memory.
6. the mobile terminal login authentication method as described in claim 1 or 5, it is characterised in that the described reception APP clothes The dynamic key application request of business device simultaneously carries out safety verification to the APP servers to the APP clothes by the safety verification Business device sends token dynamic key to be included:
Obtain the APP application unique marks in the dynamic key application request of APP servers;
The public key of APP is determined according to the APP applications unique mark;
Dynamic key application request is decrypted using the public key of the APP for determining, decryption determines that APP servers pass through after passing through Safety verification;
Token dynamic key is sent to the APP servers by the safety verification.
7. mobile terminal login authentication method as claimed in claim 6, it is characterised in that described method also includes:
APP applications on to mobile terminal are registered, and generate and store the key information of APP applications, the key information Including:Public key, private key, and key name is referred to as the unique mark of APP applications.
8. a kind of mobile terminal accession authorization system, for carrying out login authentication to the APP on mobile terminal, its feature exists In described system includes:Identification authentication system and authentication server;Wherein,
Described identification authentication system includes:
Logging request receiver module, the logging request for receiving APP;
Token acquisition module, includes the transaction token of user login information and sends extremely for being obtained according to the logging request APP servers;
The authentication server includes:
APP server authentication modules, the dynamic key application for receiving the APP servers is asked and the APP is serviced Device carries out safety verification;
Token key sending module, token dynamic key is sent to the APP servers by the safety verification;
APP servers parse the transaction token and obtain user login information and by the user according to the token dynamic key Log-on message sends to APP and completes login authentication.
9. mobile terminal accession authorization system as claimed in claim 8, it is characterised in that the logging request includes:APP should With unique mark, the APP applications unique mark is the key title of APP applications.
10. mobile terminal accession authorization system as claimed in claim 9, it is characterised in that the user login information includes: User name, password, login time, the mobile device sequence number stored when logining successfully.
11. mobile terminal accession authorization systems as claimed in claim 10, it is characterised in that the token acquisition module bag Include:
Judging unit, for judging whether mobile terminal stores the transaction token including user login information;
Transmitting element, determines the transaction token including user login information that is stored with the mobile terminal, and the transaction is made Board is sent to APP servers.
12. mobile terminal accession authorization systems as claimed in claim 10, it is characterised in that the token acquisition module is also wrapped Include:
Password authentication unit, when determining there is no store transaction token in the mobile terminal, for the user name to user input, Password is verified;
Key is corresponding for generating corresponding this login when verifying that the user name of user input, password are correct to generation unit Dynamic key pair;
Token generation unit, for generating transaction order according to dynamic key pair and user login information by token generating algorithm Board, and the transaction token is stored to mobile terminal internal memory.
The 13. mobile terminal accession authorization system as described in claim 8 or 12, it is characterised in that described APP servers are tested Card module includes:
Mark acquiring unit, for the APP application unique marks in the dynamic key application request for obtaining APP servers;
Public key determining unit, the public key for determining APP according to the APP applications unique mark;
Decryption unit, is decrypted using the public key of the APP for determining to dynamic key application request, and decryption determines APP after passing through Server passes through safety verification.
14. mobile terminal accession authorization systems as claimed in claim 13, it is characterised in that described identification authentication system is also Including:
Registering modules, for being registered to the APP applications on mobile terminal, the key information of generation APP applications, the key Information includes:Public key, private key, and key name is referred to as the unique mark of APP applications.
15. mobile terminal accession authorization systems as claimed in claim 14, it is characterised in that described states identity authentication service Device also includes:
Memory module, the key information of the APP applications for storing registration.
CN201710229518.6A 2017-04-10 2017-04-10 A kind of mobile terminal login authentication method and system Active CN106850699B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710229518.6A CN106850699B (en) 2017-04-10 2017-04-10 A kind of mobile terminal login authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710229518.6A CN106850699B (en) 2017-04-10 2017-04-10 A kind of mobile terminal login authentication method and system

Publications (2)

Publication Number Publication Date
CN106850699A true CN106850699A (en) 2017-06-13
CN106850699B CN106850699B (en) 2019-11-29

Family

ID=59148085

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710229518.6A Active CN106850699B (en) 2017-04-10 2017-04-10 A kind of mobile terminal login authentication method and system

Country Status (1)

Country Link
CN (1) CN106850699B (en)

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108200089A (en) * 2018-02-07 2018-06-22 腾讯云计算(北京)有限责任公司 Implementation method, device, system and the storage medium of information security
CN108495309A (en) * 2018-02-06 2018-09-04 咪咕文化科技有限公司 Method, electronic equipment and the storage medium of information processing
CN108809988A (en) * 2018-06-14 2018-11-13 北京中电普华信息技术有限公司 A kind of authentication method and system of request
CN109286649A (en) * 2017-07-19 2019-01-29 现代自动车株式会社 Vehicular system and its control method
CN109302422A (en) * 2018-11-22 2019-02-01 北京顺丰同城科技有限公司 A kind of method, mobile terminal, electronic equipment and storage medium logging in mobile application
CN110035033A (en) * 2018-01-11 2019-07-19 华为技术有限公司 Cryptographic key distribution method, apparatus and system
CN110032855A (en) * 2019-02-28 2019-07-19 招银云创(深圳)信息技术有限公司 Login method, device, computer equipment and the storage medium of application
CN110234116A (en) * 2019-06-24 2019-09-13 飞天诚信科技股份有限公司 A kind of safety certifying method and system
CN110362984A (en) * 2019-06-28 2019-10-22 北京思源互联科技有限公司 Method and device for operating service system by multiple devices
CN110381021A (en) * 2019-06-13 2019-10-25 视联动力信息技术股份有限公司 A kind of method, apparatus, electronic equipment and the storage medium of anti-rogue attacks
CN110417730A (en) * 2019-06-17 2019-11-05 平安科技(深圳)有限公司 The unified access method and relevant device of multiple utility program
CN110460588A (en) * 2018-05-31 2019-11-15 腾讯科技(深圳)有限公司 Realize method, apparatus, the computer system and storage medium of Information Authentication
CN110536118A (en) * 2019-09-06 2019-12-03 腾讯科技(深圳)有限公司 A kind of data capture method, device and computer storage medium
CN110868301A (en) * 2019-11-07 2020-03-06 浪潮软件股份有限公司 Identity authentication system and method based on state cryptographic algorithm
CN111143816A (en) * 2018-11-05 2020-05-12 纬创资通股份有限公司 Verification and authorization method and verification server
CN111162908A (en) * 2019-12-11 2020-05-15 深圳供电局有限公司 Key solar power transmission line field operation method and system
CN111176710A (en) * 2019-12-30 2020-05-19 宁波视睿迪光电有限公司 Operation method of terminal software management system and terminal software management system
CN111212427A (en) * 2020-01-14 2020-05-29 陈良准 Application APP account login management system based on mobile terminal
CN111241499A (en) * 2020-01-07 2020-06-05 腾讯科技(深圳)有限公司 Application program login method, device, terminal and storage medium
CN111242248A (en) * 2018-11-09 2020-06-05 中移(杭州)信息技术有限公司 Personnel information monitoring method and device and computer storage medium
CN111630811A (en) * 2017-10-19 2020-09-04 奥特海威公司 System and method for generating and registering secret key for multipoint authentication
CN112003706A (en) * 2020-08-24 2020-11-27 北京字节跳动网络技术有限公司 Signature method and device, computer equipment and storage medium
CN112016918A (en) * 2019-05-30 2020-12-01 小米数字科技有限公司 Signature writing method, signature verification device and storage medium
CN112491787A (en) * 2020-10-18 2021-03-12 苏州浪潮智能科技有限公司 Method and equipment for safety management of user data
CN112751800A (en) * 2019-10-29 2021-05-04 杭州海康威视系统技术有限公司 Authentication method and device
CN113067827A (en) * 2021-03-25 2021-07-02 中国工商银行股份有限公司 System unification authentication method and device
CN113452782A (en) * 2021-06-28 2021-09-28 烽火通信科技股份有限公司 Upgrading method and device under mesh networking
CN113824691A (en) * 2021-08-25 2021-12-21 浪潮软件股份有限公司 Method for implementing silent login strategy applied by mobile terminal third party H5
CN113872983A (en) * 2021-10-13 2021-12-31 苏州兆晶智能科技有限公司 Block chain chip identity authentication system and authentication method thereof
CN113868625A (en) * 2021-09-29 2021-12-31 商派软件有限公司 Identity authentication method and system
CN113949566A (en) * 2021-10-15 2022-01-18 工银科技有限公司 Resource access method, device, electronic equipment and medium
CN114244627A (en) * 2022-01-04 2022-03-25 上海华申智能卡应用系统有限公司 Authorization method and system
CN114710281A (en) * 2022-04-24 2022-07-05 中国工商银行股份有限公司 Method and device for quitting Internet banking system
CN114866247A (en) * 2022-04-18 2022-08-05 杭州海康威视数字技术股份有限公司 Communication method, device, system, terminal and server
CN114900344A (en) * 2022-04-26 2022-08-12 四川智能建造科技股份有限公司 Identity authentication method, system, terminal and computer readable storage medium
CN115174236A (en) * 2022-07-08 2022-10-11 上海百家云科技有限公司 Authentication method, authentication device, electronic equipment and storage medium
CN115860037A (en) * 2023-02-24 2023-03-28 中国(上海)宝玉石交易中心有限公司 Anti-counterfeiting method, anti-counterfeiting system and anti-counterfeiting component for gemstones and jades
US11836706B2 (en) * 2012-04-16 2023-12-05 Sticky.Io, Inc. Systems and methods for facilitating a transaction using a virtual card on a mobile device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139163A (en) * 2011-11-29 2013-06-05 阿里巴巴集团控股有限公司 Data access method, server and terminal
CN104767731A (en) * 2015-03-12 2015-07-08 江苏中天科技软件技术有限公司 Identity authentication protection method of Restful mobile transaction system
WO2015193105A1 (en) * 2014-06-20 2015-12-23 Gemalto Sa Method to manage modification of encryption credentials
CN105577691A (en) * 2016-02-03 2016-05-11 飞天诚信科技股份有限公司 Security access method and server
CN105721502A (en) * 2016-04-11 2016-06-29 上海上实龙创智慧能源科技股份有限公司 Authorized access method for browser client and server
US20160259936A1 (en) * 2015-03-05 2016-09-08 Ricoh Co., Ltd. Broker-Based Authentication System Architecture and Design
CN106161348A (en) * 2015-03-30 2016-11-23 中兴通讯股份有限公司 A kind of method of single-sign-on, system and terminal
CN106209749A (en) * 2015-05-08 2016-12-07 阿里巴巴集团控股有限公司 Single-point logging method and the processing method and processing device of device, relevant device and application

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139163A (en) * 2011-11-29 2013-06-05 阿里巴巴集团控股有限公司 Data access method, server and terminal
WO2015193105A1 (en) * 2014-06-20 2015-12-23 Gemalto Sa Method to manage modification of encryption credentials
US20160259936A1 (en) * 2015-03-05 2016-09-08 Ricoh Co., Ltd. Broker-Based Authentication System Architecture and Design
CN104767731A (en) * 2015-03-12 2015-07-08 江苏中天科技软件技术有限公司 Identity authentication protection method of Restful mobile transaction system
CN106161348A (en) * 2015-03-30 2016-11-23 中兴通讯股份有限公司 A kind of method of single-sign-on, system and terminal
CN106209749A (en) * 2015-05-08 2016-12-07 阿里巴巴集团控股有限公司 Single-point logging method and the processing method and processing device of device, relevant device and application
CN105577691A (en) * 2016-02-03 2016-05-11 飞天诚信科技股份有限公司 Security access method and server
CN105721502A (en) * 2016-04-11 2016-06-29 上海上实龙创智慧能源科技股份有限公司 Authorized access method for browser client and server

Cited By (49)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11836706B2 (en) * 2012-04-16 2023-12-05 Sticky.Io, Inc. Systems and methods for facilitating a transaction using a virtual card on a mobile device
CN109286649A (en) * 2017-07-19 2019-01-29 现代自动车株式会社 Vehicular system and its control method
CN111630811A (en) * 2017-10-19 2020-09-04 奥特海威公司 System and method for generating and registering secret key for multipoint authentication
US11588626B2 (en) 2018-01-11 2023-02-21 Huawei Technologies Co., Ltd. Key distribution method and system, and apparatus
CN110035033A (en) * 2018-01-11 2019-07-19 华为技术有限公司 Cryptographic key distribution method, apparatus and system
CN108495309A (en) * 2018-02-06 2018-09-04 咪咕文化科技有限公司 Method, electronic equipment and the storage medium of information processing
CN108200089A (en) * 2018-02-07 2018-06-22 腾讯云计算(北京)有限责任公司 Implementation method, device, system and the storage medium of information security
CN108200089B (en) * 2018-02-07 2022-06-07 腾讯云计算(北京)有限责任公司 Method, device and system for realizing information security and storage medium
CN110460588B (en) * 2018-05-31 2022-11-22 腾讯科技(深圳)有限公司 Method, device, computer system and storage medium for realizing information verification
CN110460588A (en) * 2018-05-31 2019-11-15 腾讯科技(深圳)有限公司 Realize method, apparatus, the computer system and storage medium of Information Authentication
CN108809988A (en) * 2018-06-14 2018-11-13 北京中电普华信息技术有限公司 A kind of authentication method and system of request
CN111143816A (en) * 2018-11-05 2020-05-12 纬创资通股份有限公司 Verification and authorization method and verification server
CN111242248A (en) * 2018-11-09 2020-06-05 中移(杭州)信息技术有限公司 Personnel information monitoring method and device and computer storage medium
CN111242248B (en) * 2018-11-09 2023-07-21 中移(杭州)信息技术有限公司 Personnel information monitoring method, device and computer storage medium
CN109302422B (en) * 2018-11-22 2022-02-25 北京顺丰同城科技有限公司 Method for logging in mobile application, mobile terminal, electronic equipment, system and storage medium
CN109302422A (en) * 2018-11-22 2019-02-01 北京顺丰同城科技有限公司 A kind of method, mobile terminal, electronic equipment and storage medium logging in mobile application
CN110032855A (en) * 2019-02-28 2019-07-19 招银云创(深圳)信息技术有限公司 Login method, device, computer equipment and the storage medium of application
CN112016918A (en) * 2019-05-30 2020-12-01 小米数字科技有限公司 Signature writing method, signature verification device and storage medium
CN110381021A (en) * 2019-06-13 2019-10-25 视联动力信息技术股份有限公司 A kind of method, apparatus, electronic equipment and the storage medium of anti-rogue attacks
CN110417730A (en) * 2019-06-17 2019-11-05 平安科技(深圳)有限公司 The unified access method and relevant device of multiple utility program
CN110417730B (en) * 2019-06-17 2022-07-19 平安科技(深圳)有限公司 Unified access method of multiple application programs and related equipment
CN110234116A (en) * 2019-06-24 2019-09-13 飞天诚信科技股份有限公司 A kind of safety certifying method and system
CN110234116B (en) * 2019-06-24 2021-11-02 飞天诚信科技股份有限公司 Security authentication method and system
CN110362984A (en) * 2019-06-28 2019-10-22 北京思源互联科技有限公司 Method and device for operating service system by multiple devices
CN110536118A (en) * 2019-09-06 2019-12-03 腾讯科技(深圳)有限公司 A kind of data capture method, device and computer storage medium
CN112751800B (en) * 2019-10-29 2023-11-24 杭州海康威视系统技术有限公司 Authentication method and device
CN112751800A (en) * 2019-10-29 2021-05-04 杭州海康威视系统技术有限公司 Authentication method and device
CN110868301A (en) * 2019-11-07 2020-03-06 浪潮软件股份有限公司 Identity authentication system and method based on state cryptographic algorithm
CN111162908A (en) * 2019-12-11 2020-05-15 深圳供电局有限公司 Key solar power transmission line field operation method and system
CN111176710A (en) * 2019-12-30 2020-05-19 宁波视睿迪光电有限公司 Operation method of terminal software management system and terminal software management system
CN111176710B (en) * 2019-12-30 2023-10-03 宁波视睿迪光电有限公司 Operation method of terminal software management system and terminal software management system
CN111241499A (en) * 2020-01-07 2020-06-05 腾讯科技(深圳)有限公司 Application program login method, device, terminal and storage medium
CN111212427A (en) * 2020-01-14 2020-05-29 陈良准 Application APP account login management system based on mobile terminal
CN112003706A (en) * 2020-08-24 2020-11-27 北京字节跳动网络技术有限公司 Signature method and device, computer equipment and storage medium
CN112491787A (en) * 2020-10-18 2021-03-12 苏州浪潮智能科技有限公司 Method and equipment for safety management of user data
CN112491787B (en) * 2020-10-18 2022-12-27 苏州浪潮智能科技有限公司 Method and equipment for safety management of user data
CN113067827A (en) * 2021-03-25 2021-07-02 中国工商银行股份有限公司 System unification authentication method and device
CN113452782A (en) * 2021-06-28 2021-09-28 烽火通信科技股份有限公司 Upgrading method and device under mesh networking
CN113824691A (en) * 2021-08-25 2021-12-21 浪潮软件股份有限公司 Method for implementing silent login strategy applied by mobile terminal third party H5
CN113868625A (en) * 2021-09-29 2021-12-31 商派软件有限公司 Identity authentication method and system
CN113872983A (en) * 2021-10-13 2021-12-31 苏州兆晶智能科技有限公司 Block chain chip identity authentication system and authentication method thereof
CN113949566A (en) * 2021-10-15 2022-01-18 工银科技有限公司 Resource access method, device, electronic equipment and medium
CN114244627B (en) * 2022-01-04 2023-12-26 上海华申智能卡应用系统有限公司 Authorization method and system
CN114244627A (en) * 2022-01-04 2022-03-25 上海华申智能卡应用系统有限公司 Authorization method and system
CN114866247A (en) * 2022-04-18 2022-08-05 杭州海康威视数字技术股份有限公司 Communication method, device, system, terminal and server
CN114710281A (en) * 2022-04-24 2022-07-05 中国工商银行股份有限公司 Method and device for quitting Internet banking system
CN114900344A (en) * 2022-04-26 2022-08-12 四川智能建造科技股份有限公司 Identity authentication method, system, terminal and computer readable storage medium
CN115174236A (en) * 2022-07-08 2022-10-11 上海百家云科技有限公司 Authentication method, authentication device, electronic equipment and storage medium
CN115860037A (en) * 2023-02-24 2023-03-28 中国(上海)宝玉石交易中心有限公司 Anti-counterfeiting method, anti-counterfeiting system and anti-counterfeiting component for gemstones and jades

Also Published As

Publication number Publication date
CN106850699B (en) 2019-11-29

Similar Documents

Publication Publication Date Title
CN106850699B (en) A kind of mobile terminal login authentication method and system
CN106899570B (en) The processing method of two dimensional code, apparatus and system
CN103795692B (en) Open authorization method, system and certification authority server
CN101414909B (en) System, method and mobile communication terminal for verifying network application user identification
CN105103488B (en) By the policy Enforcement of associated data
CN103685138B (en) The authentication method of the Android platform application software that mobile interchange is online and system
CN109347799B (en) A kind of identity information management method and system based on block chain technology
CN103107996B (en) Digital certificate download online method and system, digital certificate are provided platform
CN105554004B (en) The Verification System and method of container service in a kind of mixing cloud computing environment
CN106304074B (en) Auth method and system towards mobile subscriber
CN110324276A (en) A kind of method, system, terminal and electronic equipment logging in application
CN112953970B (en) Identity authentication method and identity authentication system
JP2018532301A (en) User authentication method and apparatus
CN103036681B (en) A kind of password safety keyboard device and system
CN110535648A (en) Electronic certificate is generated and verified and key controlling method, device, system and medium
CN107294916A (en) Single-point logging method, single-sign-on terminal and single-node login system
US20030135734A1 (en) Secure mutual authentication system
CN110401629A (en) A kind of method and relevant apparatus of activation authorization
CN105681340A (en) Digital certificate use method and apparatus
CN109815659A (en) Safety certifying method, device, electronic equipment and storage medium based on WEB project
CN110365684A (en) Access control method, device and the electronic equipment of application cluster
CN113515756B (en) High-credibility digital identity management method and system based on block chain
CN106936588A (en) A kind of trustship method, the apparatus and system of hardware controls lock
CN113364597A (en) Privacy information proving method and system based on block chain
CN113487321A (en) Identity identification and verification method and system based on block chain wallet

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20210107

Address after: 100140, 55, Fuxing Avenue, Xicheng District, Beijing

Patentee after: INDUSTRIAL AND COMMERCIAL BANK OF CHINA

Patentee after: ICBC Technology Co.,Ltd.

Address before: 100140, 55, Fuxing Avenue, Xicheng District, Beijing

Patentee before: INDUSTRIAL AND COMMERCIAL BANK OF CHINA