CN107241187A - A kind of service end data processing method verified for mobile terminal wizard-like - Google Patents
A kind of service end data processing method verified for mobile terminal wizard-like Download PDFInfo
- Publication number
- CN107241187A CN107241187A CN201710278683.0A CN201710278683A CN107241187A CN 107241187 A CN107241187 A CN 107241187A CN 201710278683 A CN201710278683 A CN 201710278683A CN 107241187 A CN107241187 A CN 107241187A
- Authority
- CN
- China
- Prior art keywords
- service end
- mobile terminal
- verified
- wizard
- data processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Abstract
The invention discloses a kind of service end data processing method verified for mobile terminal wizard-like, the process is:The business datum that service end is verified the need for being sent to mobile terminal carries out data verification;The service end is signed to the business datum being verified with service end private key, and returns to mobile terminal;Above-mentioned steps are completed in the mobile terminal guide step;The business datum of all steps for the assembling caching that the service end submits mobile terminal final step carries out sign test with public key, if whole sign tests pass through, the checking of the business datum submitted Jing Guo the service end.The service end data processing method that the present invention is verified for mobile terminal wizard-like, the characteristics of using data signature, reaches the effect verified again;Can simply and effectively it ensure under the wizard-like checking scene of mobile terminal, service end carries out the security of data processing.
Description
Technical field
Taken the present invention relates to data security arts in internet communication, more particularly to one kind when mobile terminal wizard-like is verified
Business end carries out safely and effectively data processing method.
Background technology
With the arrival in mobile Internet epoch, mobile end equipment is in explosive growth, and application of the people to mobile terminal is needed
Ask more and more, in the different software process of installation and operation, the scene of many wizard-like checkings occurs in mobile terminal.Such as
" card flow is tied up in registration ", " giving password flow for change ", " modification data process " etc., these scenes have a common ground:In guide
Formula verification process each step request in, be likely to presence service end checking needs, when all steps verify after the completion of, it is necessary to
Final step is completed to submit, and finishing service flow.
The scene of this wizard-like checking, the problem of some secure contexts being brought to system:Wizard-like verification process
Verification process only occurs for request step, does not occur practical business interaction;When submitting practical business interaction can occur for final step,
But for service end, final step and requests verification step above are separated, and the data safety in intermediate link is not
It can guarantee that.
For above-mentioned technological deficiency, in the prior art in the presence of two kinds of alternative solutions.Scheme one, service end note
The data firmly being had verified that in intermediate steps, when final step is submitted, by service end assemble before the data that had verified that, and
The data composition partial data source come up, finishing service processing are submitted with final step mobile terminal.The advantage of the program is:Clothes
The data that each step had verified that are remembered at business end, mobile terminal in final step without submitting again before authenticated data, then
The data having verified that are comparatively safe, and reason is that client is had no chance the data distorted have verified that again.But shortcoming is:(1)
Service end design is dumb, so can be right due to complete preceding Buffering Verifier data in final step, and in final step assembling
Mobile terminal wizard-like design produces very strong dependence, if the data structure of each step changes in the guide of mobile terminal,
Or the step of guide changes, service end is also required to the logic that changes;(2) because checking data buffer storage is in service end,
It is also contemplated that rollback modification problem of the client during guide;(3) after the completion of being verified due to client the step of above,
Final step may not necessarily be covered, submission business may be finally abandoned, therefore be also contemplated that the timeliness that service end verifies data buffer storage
Sex chromosome mosaicism.
Scheme two, the data of each step are remembered by mobile terminal, all steps before being assembled when final step is submitted
Data, constitute complete business datum and submit together, verified again by service end after submission, finishing service processing.This scheme
Advantage be:Service end is verified and final step processing separates logic, and service end is without data cached, independent of client
Wizard-like design.But shortcoming is:To ensure Information Security during last execution business, service end is needed to final step
The total data of submission is verified again, to ensure that data are not distorted after authenticated by client;But it is not all
Checking can verify again:Such as mobile phone identifying code is after being proved to be successful, and final step can not verify mobile phone identifying code again.
In view of the defect of above-mentioned safety problem and existing solution, the invention person is by prolonged research and in fact
Trample and obtain this creation finally.
The content of the invention
It is an object of the invention to provide a kind of service end data processing method verified for mobile terminal wizard-like, to solve
Certainly service end design is dumb in the prior art, the problem of repeated authentication.
To achieve these goals, the technical scheme is that:A kind of service end verified for mobile terminal wizard-like
Data processing method, comprises the following steps:
The business datum that service end is verified the need for being sent to mobile terminal carries out data verification;
The service end is signed to the business datum being verified with service end private key, and returns to mobile terminal;It is above-mentioned
Step is completed in the mobile terminal guide step;
The business datum of all steps for the assembling caching that the service end submits mobile terminal final step is entered with public key
Row sign test, if whole sign tests pass through, the checking of the business datum submitted by the logical service end.
Further, in the signature process of the service end, service end is signed using private key, and defines a pass
Keyword and signature value, are assembled into key-value pair, form is by key word:Keyword+signature value.
Further, the keyword, which is that service end is customized, can represent the expression formula of certain checking.
Further, the key-value pair of the service end formation is encrypted with the symmetric key of service end, forms encrypted word
Symbol string, the result and encrypted characters string are returned to according to preset format to mobile terminal.
Further, the mobile terminal is when final step is submitted, and assembles all step business datums of caching and each
The encrypted characters string that service end is returned is walked, service end is sent jointly to according to default form.
Further, the service end one by one decrypts the encrypted characters string that mobile terminal is submitted, and is reduced into after decryption default
Keyword+signature value form.
Further, the service end is searched final step mobile terminal and carried according to implication of the service end to keyword definition
Corresponding data in whole business datums of friendship, and corresponding data and signature value are carried out sign test comparison.
Further, the quantity of the key-value pair is at least one.
Compared with prior art the invention has the advantages that:The service that the present invention is verified for mobile terminal wizard-like
End data processing method, the characteristics of using data signature, reaches the effect verified again;Can simply and effectively ensure mobile terminal to
Under conduction checking scene, service end carries out the security of data processing.
On the one hand, the present invention uses data signature, only when mobile terminal final step is submitted, and completes one-time authentication, it is to avoid
Repeated authentication, saves program resource.
Another invention, data signature of the present invention can represent the expression formula of certain checking using service end is customized, check on
Key word and signature value are assembled into key-value pair, and coded format is easy, and service end has a larger design flexibility, data format it is steady
It is qualitative good.
Also, mobile terminal of the present invention submits the business datum for constituting complete, by servicing after submission together in final step
Verify that service end checking and final step separately handle logic, and service end is without data cached, independent of client again in end
Wizard-like design, with larger design flexibility.Service end is during guide, it would be desirable to which the data of checking are signed
Name, and the unified checking signature in final step, greatly save the program resource of server.
Brief description of the drawings
Fig. 1 is the schematic flow sheet for being directed to the service end data processing method that mobile terminal wizard-like is verified of the invention;
The schematic flow sheet of mobile terminal and service end both sides during Fig. 2 verifies for the mobile terminal wizard-like of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Whole description, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.
Refer to shown in Fig. 1, it is the service end data processing method verified for mobile terminal wizard-like of the invention
Schematic flow sheet;Comprise the steps:
Step a, the business datum that service end is verified the need for being sent to mobile terminal carries out data verification;
Step b, service end is signed to the business datum being verified with service end private key, and returns to mobile terminal;
Step c, the business datum public key of all steps for the assembling caching that service end submits mobile terminal final step
Sign test is carried out, if whole sign tests pass through, the business datum submitted passes through the checking of service end.
It can then trust by the above-mentioned steps c data verified, be not tampered with, without verifying again;Tested by above-mentioned
After card, then service end carries out the regular traffic processing of final step.
Specifically, above-mentioned steps b signature process is applied in the guide step of mobile terminal, in above-mentioned steps b, service
End is signed using private key, and defines a keyword, and keyword and signature value are assembled into key-value pair;Keyword is service
End is customized to represent the expression formula of certain checking;The form of the key-value pair ultimately formed is:The lattice of keyword+signature value
Formula.
Preferably, the security in order to preferably protect signed data, in above-mentioned steps b, above-mentioned key-value pair can be with
Increase key;Concrete operations are:Above-mentioned key-value pair data is encrypted with the symmetric key of service end, encrypted characters are formed
String, the result and encrypted characters string are returned to mobile terminal.
Specifically, after above-mentioned steps b, the result that mobile terminal is returned according to service end judges whether to enter next
Step, and cache the business datum in encrypted characters string and current procedures from service end.
Specifically, above-mentioned steps c occurs when the completion final step of mobile terminal guide needs to submit to service end, at this
During, if there is encryption situation, all step business datums of the mobile terminal assembling caching, and each step service end are returned
Encrypted characters string, send jointly to service end according to default form.
Accordingly, the service end one by one decrypts the encrypted characters string that mobile terminal is submitted, and is reduced into after decryption default
The form of key-value pair, the form of keyword+signature value.In the present embodiment, there is at least one guide step, each guide
Step may all need checking, and accordingly, there exist at least one key-value pair data, therefore, mobile terminal sends key-value pair to service end
Data value, sends every key-value pair data to service end according to default form, it is to avoid occur checking disorderly.
Specifically, in above-mentioned steps c, according to implication of the service end to keyword definition, final step movement is searched
Data corresponding in the whole business datums submitted are held, and corresponding data and signature value are carried out sign test comparison, if entirely
Portion's sign test passes through, according to the characteristics of data signature, can be concluded that checking of the submitted business datum Jing Guo service end, and
It is not tampered with, without verifying again.
Refer to shown in Fig. 2, mobile terminal and service end both sides are handled during it is verified for the mobile terminal wizard-like of the present invention
Schematic flow sheet, illustrates that the process is below as the sequencing of sequential:
Step S01, mobile terminal is sent to service end needs the business datum of checking in current procedures;Those skilled in the art
It is understood that the transformat of business datum be able to can also be encrypted for conventional coded format, this process.
Step C01, service end carries out data verification to the business datum of submission;
The data being verified are signed by step C02 with service end private key, and define a keyword, key
Word and signature value are assembled into key-value pair, and the key-value pair eventually formed is:The form of keyword+signature value;
Keyword, which is that service end is customized, can represent the expression formula of certain checking;For the data or data being verified
Combination, signature is signed using the private key of service end oneself.
In the present embodiment, such as the checking keyword definition of cell-phone number is " S01 ", and the checking keyword definition of name is
“S02”;Then it is proved to be successful after cell-phone number, userid+ cell-phone numbers is signed, forms a signature value.Obviously, this kind is defined
Mode has diversified forms.
Step C03, service end is encrypted above-mentioned key-value pair data with the symmetric key of service end, forms encrypted characters
String, the result and encrypted characters string are returned to mobile terminal;It will be readily appreciated that, checking keyword can with encrypted characters string
To set same form, Unified coding.
Step S02, the result returned according to service end judges whether to enter next step, and cache encrypted characters string with
And the business datum in current procedures;
Step S03, assembles all step business datums of caching, and the encrypted characters string that each step service end is returned, one
Rise and be sent to service end;
Step C04, the encrypted characters string that mobile terminal is submitted is decrypted one by one, and keyword+signature value is reduced into after decryption
Data format;
Step C05, according to implication of the service end to keyword definition, searches whole business that final step mobile terminal is submitted
Corresponding data in data, and corresponding data and signature value are carried out sign test comparison, if whole sign tests pass through, according to number
The characteristics of according to signature, checking of the submitted business datum Jing Guo service end is can be concluded that, and be not tampered with, Wu Xuzai
Secondary checking.
In the present embodiment, such as keyword is S01, then searches the userid+ mobile phones in the business datum for submitting
Number, and the corresponding signature values of S01 in userid+ cell-phone numbers and key-value pair are carried out sign test;
Step C06, carries out the regular traffic processing of final step.
So far, combined preferred embodiment shown in the drawings describes technical scheme, still, this area
Technical staff is it is easily understood that protection scope of the present invention is expressly not limited to these embodiments.Without departing from this
On the premise of the principle of invention, those skilled in the art can make equivalent change or replacement to correlation technique feature, these
Technical scheme after changing or replacing it is fallen within protection scope of the present invention.
Claims (8)
1. a kind of service end data processing method verified for mobile terminal wizard-like, it is characterised in that comprise the following steps:
The business datum that service end is verified the need for being sent to mobile terminal carries out data verification;
The service end is signed to the business datum being verified with service end private key, and returns to mobile terminal;Above-mentioned steps
Completed in the mobile terminal guide step;
The business datum of all steps for the assembling caching that the service end submits mobile terminal final step is tested with public key
Label, if whole sign tests pass through, the business datum submitted passes through the checking of the service end.
2. the service end data processing method according to claim 1 verified for mobile terminal wizard-like, it is characterised in that
In the signature process of the service end, service end is signed using private key, and defines a keyword, keyword and label
Name value is assembled into key-value pair, and form is:Keyword+signature value.
3. the service end data processing method according to claim 2 verified for mobile terminal wizard-like, it is characterised in that
The keyword, which is that service end is customized, can represent the expression formula of certain checking.
4. the service end data processing method according to claim 2 verified for mobile terminal wizard-like, it is characterised in that
The key-value pair of the service end formation is encrypted with the symmetric key of service end, encrypted characters string is formed, according to preset format
The result and encrypted characters string are returned to mobile terminal.
5. the service end data processing method according to claim 4 verified for mobile terminal wizard-like, it is characterised in that
The mobile terminal assembles the encryption that all step business datums and each step service end of caching are returned when final step is submitted
Character string, service end is sent jointly to according to default form.
6. the service end data processing method according to claim 4 verified for mobile terminal wizard-like, it is characterised in that
The service end one by one decrypts the encrypted characters string that mobile terminal is submitted, and default keyword+signature value is reduced into after decryption
Form.
7. the service end data processing method according to claim 6 verified for mobile terminal wizard-like, it is characterised in that
The service end is searched in whole business datums that final step mobile terminal is submitted according to implication of the service end to keyword definition
Corresponding data, and corresponding data and signature value are carried out sign test comparison.
8. the service end data processing side verified for mobile terminal wizard-like according to claim 2-7 any claims
Method, it is characterised in that the quantity of the key-value pair is at least one.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710278683.0A CN107241187B (en) | 2017-04-25 | 2017-04-25 | A kind of server-side data processing method for the verifying of mobile terminal wizard-like |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710278683.0A CN107241187B (en) | 2017-04-25 | 2017-04-25 | A kind of server-side data processing method for the verifying of mobile terminal wizard-like |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107241187A true CN107241187A (en) | 2017-10-10 |
CN107241187B CN107241187B (en) | 2019-11-08 |
Family
ID=59984300
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710278683.0A Active CN107241187B (en) | 2017-04-25 | 2017-04-25 | A kind of server-side data processing method for the verifying of mobile terminal wizard-like |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107241187B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111378A (en) * | 2009-12-25 | 2011-06-29 | 上海格尔软件股份有限公司 | Signature verification system |
CN104969528A (en) * | 2012-12-28 | 2015-10-07 | 诺克诺克实验公司 | Query system and method to determine authentication capabilities |
CN106452792A (en) * | 2016-11-21 | 2017-02-22 | 济南浪潮高新科技投资发展有限公司 | Data single transmission module based on digital signature integrity checking |
-
2017
- 2017-04-25 CN CN201710278683.0A patent/CN107241187B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111378A (en) * | 2009-12-25 | 2011-06-29 | 上海格尔软件股份有限公司 | Signature verification system |
CN104969528A (en) * | 2012-12-28 | 2015-10-07 | 诺克诺克实验公司 | Query system and method to determine authentication capabilities |
CN106452792A (en) * | 2016-11-21 | 2017-02-22 | 济南浪潮高新科技投资发展有限公司 | Data single transmission module based on digital signature integrity checking |
Also Published As
Publication number | Publication date |
---|---|
CN107241187B (en) | 2019-11-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11323272B2 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
WO2020135114A1 (en) | Method and device for authenticating identity information, and server | |
CN105850073B (en) | Information system access authentication method and device | |
CN107948204B (en) | One-key login method and system, related equipment and computer readable storage medium | |
WO2018030707A1 (en) | Authentication system and method, and user equipment, authentication server, and service server for performing same method | |
US20190305955A1 (en) | Push notification authentication | |
KR101744747B1 (en) | Mobile terminal, terminal and method for authentication using security cookie | |
CN106936790A (en) | The method that client and server end carries out two-way authentication is realized based on digital certificate | |
US20130232551A1 (en) | Method and device for anonymous entity identification | |
KR102137122B1 (en) | Security check method, device, terminal and server | |
CN111865889B (en) | Login request processing method, system, device, electronic equipment and storage medium | |
CN111756750B (en) | Secure access method, device, equipment and storage medium | |
US20220029983A1 (en) | System and method for automated customer verification | |
US20240098493A1 (en) | Identifying trusted service set identifiers for wireless networks | |
US10972465B1 (en) | Secure authentication through visual codes containing unique metadata | |
CN113536250B (en) | Token generation method, login verification method and related equipment | |
CN110690971A (en) | Data processing method and system based on USBKey | |
KR101799517B1 (en) | A authentication server and method thereof | |
CN107241187B (en) | A kind of server-side data processing method for the verifying of mobile terminal wizard-like | |
US20220086134A1 (en) | Mobile device based credential authentication | |
US20210385213A1 (en) | Device-to-device authentication method and program based on virtual authentication code | |
WO2023029476A1 (en) | Method for determining account information when user is in non-login state, and system | |
CN113591053A (en) | Method and system for identifying general mobile equipment based on biological information | |
CN106790164B (en) | L2TP password modification method and device | |
TWI694346B (en) | System and method for multiple identity authentication credentials |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PP01 | Preservation of patent right | ||
PP01 | Preservation of patent right |
Effective date of registration: 20210922 Granted publication date: 20191108 |