CN107241187B - A kind of server-side data processing method for the verifying of mobile terminal wizard-like - Google Patents
A kind of server-side data processing method for the verifying of mobile terminal wizard-like Download PDFInfo
- Publication number
- CN107241187B CN107241187B CN201710278683.0A CN201710278683A CN107241187B CN 107241187 B CN107241187 B CN 107241187B CN 201710278683 A CN201710278683 A CN 201710278683A CN 107241187 B CN107241187 B CN 107241187B
- Authority
- CN
- China
- Prior art keywords
- server
- mobile terminal
- verifying
- wizard
- data processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Abstract
The invention discloses a kind of server-side data processing method for the verifying of mobile terminal wizard-like, the processes are as follows: server-side carries out data verification to the business datum that the needs that mobile terminal is sent are verified;The server-side signs to the business datum being verified with server-side private key, and returns to mobile terminal;Above-mentioned steps are completed in the mobile terminal guide step;The business datum of all steps for the assembling caching that mobile terminal final step is submitted is carried out sign test with public key by the server-side, if whole sign tests pass through, the business datum submitted has been subjected to the verifying of the server-side.The present invention is directed to the server-side data processing method of mobile terminal wizard-like verifying, the characteristics of using data signature, achievees the effect that verify again;It can simply and effectively ensure under mobile terminal wizard-like verifying scene, server-side carries out the safety of data processing.
Description
Technical field
The present invention relates to data security arts in internet communication, more particularly to one kind to take when the verifying of mobile terminal wizard-like
Business end carries out safely and effectively data processing method.
Background technique
With the arrival of mobile internet era, mobile end equipment is in explosive growth, and people need the application of mobile terminal
Ask more and more, in the different software process of installation and operation, mobile terminal will appear the scene of many wizard-like verifyings.Such as
" card process is tied up in registration ", " giving password process for change ", " modification data process " etc., these scenes have a common ground: in guide
In each step request of formula verification process, it is likely to presence service end verifying needs and is needed after the completion of the verifying of all steps
It completes final step to submit, and finishing service process.
The scene of this wizard-like verifying, the problem of some secure contexts being brought to system: wizard-like verification process
Verification process only occurs for request step, and practical business interaction does not occur;Practical business interaction can occur when submitting for final step,
But for server-side, the requests verification step of final step and front be it is separated, the data safety in intermediate link is not
It can guarantee.
In view of the above technical defects, two kinds of alternative solutions exist in the prior art.Scheme one, server-side note
The data firmly being had verified that in intermediate steps, when final step is submitted, the data being had verified that by server-side assembling front, and
The data come up are submitted to form partial data source, finishing service processing with final step mobile terminal.The advantages of program, is: clothes
The data that each step had verified that are remembered at business end, mobile terminal in final step without data authenticated before submitting again, then
The data having verified that are comparatively safe, and reason is that client is had no chance the data distorted have verified that again.But disadvantage is: (1)
Server-side design is not flexible, due to complete preceding Buffering Verifier data in final step, and assembles in final step, in this way can be right
Wizard-like design in mobile terminal generates very strong dependence, if the data structure of each step changes in the guide of mobile terminal,
Or the step of guide, changes, server-side is also required to the logic that changes;(2) since verify data is buffered in server-side,
It is also contemplated that rollback of client during guide modifies problem;(3) due to client in front the step of verifying after the completion of,
Final step may not necessarily be covered, may finally abandon submission business, therefore be also contemplated that the timeliness of server-side verify data caching
Property problem.
Scheme two remembers the data of each step by mobile terminal, all steps before assembling when final step is submitted
Data form complete business datum and submit together, verified again after submission by server-side, finishing service processing.This scheme
The advantages of be: server-side verifying and final step handle separate logic, server-side do not have to it is data cached, independent of client
Wizard-like design.But disadvantage is: to guarantee that Information Security when last execution business, server-side are needed to final step
The total data of submission is verified again, to guarantee that data are not distorted after authenticated by client;But it is not all
Verifying can verify again: for such as mobile phone identifying code after being proved to be successful, final step can not verify mobile phone identifying code again.
In view of the defect of above-mentioned safety problem and existing solution, the invention person is by prolonged research and in fact
It tramples and obtains this creation finally.
Summary of the invention
The purpose of the present invention is to provide a kind of server-side data processing methods for the verifying of mobile terminal wizard-like, with solution
The problem of certainly server-side design is not flexible in the prior art, repeated authentication.
To achieve the goals above, the technical scheme is that a kind of server-side for the verifying of mobile terminal wizard-like
Data processing method includes the following steps:
Server-side carries out data verification to the business datum that the needs that mobile terminal is sent are verified;
The server-side signs to the business datum being verified with server-side private key, and returns to mobile terminal;It is above-mentioned
Step is completed in the mobile terminal guide step;
The server-side by mobile terminal final step submit assembling caching all steps business datum public key into
Row sign test, if whole sign tests pass through, the business datum submitted has been subjected to the verifying for leading to the server-side.
Further, in the signature process of the server-side, server-side is signed using private key, and defines a pass
Keyword and signature value are assembled into key-value pair, format by key word are as follows: keyword+signature value.
Further, the keyword is the customized expression formula that can represent certain verifying of server-side.
Further, the symmetric key for the key-value pair server-side that the server-side is formed is encrypted, and encrypted word is formed
Symbol string returns to verification result and encrypted characters string to mobile terminal according to preset format.
Further, the mobile terminal is when final step is submitted, and assembles all step business datums of caching and each
The encrypted characters string that server-side returns is walked, sends jointly to server-side according to preset format.
Further, the server-side one by one decrypts the encrypted characters string that mobile terminal is submitted, and is reduced into after decryption default
Keyword+signature value format.
Further, the server-side is searched final step mobile terminal and is mentioned according to server-side to the meaning of keyword definition
Corresponding data in whole business datums of friendship, and corresponding data and signature value are carried out sign test comparison.
Further, the quantity of the key-value pair is at least one.
Compared with prior art the invention has the following advantages: the present invention is directed to the service of mobile terminal wizard-like verifying
End data processing method the characteristics of using data signature, achievees the effect that verify again;Can simply and effectively ensure mobile terminal to
Conduction is verified under scene, and server-side carries out the safety of data processing.
On the one hand, the present invention uses data signature, only when mobile terminal final step is submitted, completes one-time authentication, avoids
Repeated authentication saves program resource.
Another invention, data signature of the present invention are checked on using the customized expression formula that can represent certain verifying of server-side
Key word and signature value are assembled into key-value pair, and coded format is easy, and server-side has a biggish design flexibility, data format it is steady
It is qualitative good.
Also, mobile terminal of the present invention will form complete business datum and submit together, by servicing after submission in final step
End is verified again, and server-side verifying and final step separately handle logic, and server-side is without data cached, independent of client
Wizard-like design, have biggish design flexibility.Server-side will need the data verified to sign during guide
Name, and the unified verifying signature in final step, greatly save the program resource of server.
Detailed description of the invention
Fig. 1 is the flow diagram of the server-side data processing method for the verifying of mobile terminal wizard-like of the invention;
Fig. 2 is the flow diagram of mobile terminal and server-side both sides in wizard-like verifying in mobile terminal of the invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Whole description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.
Refering to Figure 1, it is the server-side data processing method for the verifying of mobile terminal wizard-like of the invention
Flow diagram;Include the following steps:
Step a, server-side carry out data verification to the business datum that the needs that mobile terminal is sent are verified;
Step b, server-side signs to the business datum being verified with server-side private key, and returns to mobile terminal;
Step c, the business datum public key of all steps for the assembling caching that server-side submits mobile terminal final step
Sign test is carried out, if whole sign tests pass through, the business datum submitted has passed through the verifying of server-side.
It can then trust by the data that above-mentioned steps c is verified, be not tampered with, without verifying again;It is tested by above-mentioned
After card, then server-side carries out the regular traffic processing of final step.
Specifically, the signature process of above-mentioned steps b is applied in the guide step of mobile terminal, and in above-mentioned steps b, service
End is signed using private key, and defines a keyword, and keyword and signature value are assembled into key-value pair;Keyword is service
Hold the customized expression formula that can represent certain verifying;The format of finally formed key-value pair are as follows: keyword+signature value lattice
Formula.
Preferably, the safety in order to preferably protect signed data, in above-mentioned steps b, above-mentioned key-value pair can be with
Increase code key;Concrete operations are as follows: the symmetric key of above-mentioned key-value pair data server-side is encrypted, encrypted characters are formed
String returns to verification result and encrypted characters string to mobile terminal.
Specifically, mobile terminal judges whether to enter next according to the verification result that server-side returns after above-mentioned steps b
Step, and cache the business datum in the encrypted characters string from server-side and current procedures.
Specifically, above-mentioned steps c occurs when the completion final step of mobile terminal guide needs to submit to server-side, at this
In the process, situation is encrypted if it exists, and all step business datums and each step server-side of the mobile terminal assembling caching return
Encrypted characters string, send jointly to server-side according to preset format.
Correspondingly, the server-side one by one decrypts the encrypted characters string that mobile terminal is submitted, it is reduced into after decryption preset
The format of key-value pair, keyword+signature value format.In the present embodiment, there are at least one guide step, each guides
Step may all need to verify, and accordingly, there exist at least one key-value pair datas, and therefore, mobile terminal sends key-value pair to server-side
Every key-value pair data is sent to server-side according to preset format by data value, avoids that verifying disorder occurs.
Specifically, according to server-side to the meaning of keyword definition, it is mobile to search final step in above-mentioned steps c
Corresponding data in the whole business datums submitted are held, and corresponding data and signature value are carried out sign test comparison, if entirely
Portion's sign test passes through, and the characteristics of according to data signature, can be concluded that submitted business datum has been subjected to the verifying of server-side, and
It is not tampered with, without verifying again.
It please refers to shown in Fig. 2, is mobile terminal and server-side both sides processing in wizard-like verifying in mobile terminal of the invention
Flow diagram illustrates the process below as the sequencing of timing are as follows:
Step S01, mobile terminal send the business datum for needing to verify in current procedures to server-side;Those skilled in the art
It is understood that the transformat of business datum can be common coded format, this process can also be encrypted.
Step C01, server-side carry out data verification to the business datum of submission;
Step C02 signs to the data being verified with server-side private key, and defines a keyword, key
Word and signature value are assembled into key-value pair, the key-value pair eventually formed are as follows: keyword+signature value form;
Keyword is the customized expression formula that can represent certain verifying of server-side;For the data or data being verified
Combination, signature are signed using the private key of server-side oneself.
In the present embodiment, for example the verifying keyword definition of cell-phone number is " S01 ", and the verifying keyword definition of name is
"S02";It after being then proved to be successful cell-phone number, signs to userid+ cell-phone number, forms a signature value.Obviously, this kind defines
Mode has diversified forms.
Step C03, server-side encrypt the symmetric key of above-mentioned key-value pair data server-side, form encrypted characters
String returns to verification result and encrypted characters string to mobile terminal;It will be readily appreciated that verifying keyword and encrypted characters string can
Same format, Unified coding is arranged.
Step S02, according to server-side return verification result judge whether enter in next step, and cache encrypted characters string with
And the business datum in current procedures;
Step S03, the encrypted characters string that all step business datums and each step server-side for assembling caching return, one
It rises and is sent to server-side;
Step C04 one by one decrypts the encrypted characters string that mobile terminal is submitted, keyword+signature value is reduced into after decryption
Data format;
Step C05 searches whole business that final step mobile terminal is submitted according to server-side to the meaning of keyword definition
Corresponding data in data, and corresponding data and signature value are carried out sign test comparison, if whole sign tests pass through, according to number
The characteristics of according to signature, it can be concluded that submitted business datum has been subjected to the verifying of server-side, and be not tampered with, Wu Xuzai
Secondary verifying.
In the present embodiment, for example keyword is S01, then searches the userid+ mobile phone in the business datum for submitting
Number, and the corresponding signature value of S01 in userid+ cell-phone number and key-value pair is carried out sign test;
Step C06 carries out the regular traffic processing of final step.
So far, it has been combined preferred embodiment shown in the drawings and describes technical solution of the present invention, still, this field
Technical staff is it is easily understood that protection scope of the present invention is expressly not limited to these specific embodiments.Without departing from this
Under the premise of the principle of invention, those skilled in the art can make equivalent change or replacement to the relevant technologies feature, these
Technical solution after change or replacement will fall within the scope of protection of the present invention.
Claims (8)
1. a kind of server-side data processing method for the verifying of mobile terminal wizard-like, which comprises the steps of:
Server-side carries out data verification to the business datum that the needs that mobile terminal is sent are verified;
The server-side signs to the business datum being verified with server-side private key, and returns to mobile terminal;Above-mentioned steps
It is completed in the mobile terminal guide step;
The server-side tests the business datum of all steps for the assembling caching that mobile terminal final step is submitted with public key
Label, if whole sign tests pass through, the business datum submitted passes through the verifying of the server-side.
2. the server-side data processing method according to claim 1 for the verifying of mobile terminal wizard-like, which is characterized in that
In the signature process of the server-side, server-side is signed using private key, and defines a keyword, keyword and label
Name value is assembled into key-value pair, format are as follows: keyword+signature value.
3. the server-side data processing method according to claim 2 for the verifying of mobile terminal wizard-like, which is characterized in that
The keyword is the customized expression formula that can represent certain verifying of server-side.
4. the server-side data processing method according to claim 2 for the verifying of mobile terminal wizard-like, which is characterized in that
The symmetric key for the key-value pair server-side that the server-side is formed is encrypted, and encrypted characters string is formed, according to preset format
Verification result and encrypted characters string are returned to mobile terminal.
5. the server-side data processing method according to claim 4 for the verifying of mobile terminal wizard-like, which is characterized in that
The mobile terminal assembles all step business datums of caching and the encryption of each step server-side return when final step is submitted
Character string sends jointly to server-side according to preset format.
6. the server-side data processing method according to claim 5 for the verifying of mobile terminal wizard-like, which is characterized in that
The server-side one by one decrypts the encrypted characters string that mobile terminal is submitted, and preset keyword+signature value is reduced into after decryption
Format.
7. the server-side data processing method according to claim 6 for the verifying of mobile terminal wizard-like, which is characterized in that
The server-side, to the meaning of keyword definition, is searched in whole business datums that final step mobile terminal is submitted according to server-side
Corresponding data, and corresponding data and signature value are carried out sign test comparison.
8. for the server-side data processing side of mobile terminal wizard-like verifying according to claim 2-7 any claim
Method, which is characterized in that the quantity of the key-value pair is at least one.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710278683.0A CN107241187B (en) | 2017-04-25 | 2017-04-25 | A kind of server-side data processing method for the verifying of mobile terminal wizard-like |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710278683.0A CN107241187B (en) | 2017-04-25 | 2017-04-25 | A kind of server-side data processing method for the verifying of mobile terminal wizard-like |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107241187A CN107241187A (en) | 2017-10-10 |
CN107241187B true CN107241187B (en) | 2019-11-08 |
Family
ID=59984300
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710278683.0A Active CN107241187B (en) | 2017-04-25 | 2017-04-25 | A kind of server-side data processing method for the verifying of mobile terminal wizard-like |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107241187B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111378A (en) * | 2009-12-25 | 2011-06-29 | 上海格尔软件股份有限公司 | Signature verification system |
CN104969528A (en) * | 2012-12-28 | 2015-10-07 | 诺克诺克实验公司 | Query system and method to determine authentication capabilities |
CN106452792A (en) * | 2016-11-21 | 2017-02-22 | 济南浪潮高新科技投资发展有限公司 | Data single transmission module based on digital signature integrity checking |
-
2017
- 2017-04-25 CN CN201710278683.0A patent/CN107241187B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111378A (en) * | 2009-12-25 | 2011-06-29 | 上海格尔软件股份有限公司 | Signature verification system |
CN104969528A (en) * | 2012-12-28 | 2015-10-07 | 诺克诺克实验公司 | Query system and method to determine authentication capabilities |
CN106452792A (en) * | 2016-11-21 | 2017-02-22 | 济南浪潮高新科技投资发展有限公司 | Data single transmission module based on digital signature integrity checking |
Also Published As
Publication number | Publication date |
---|---|
CN107241187A (en) | 2017-10-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106899570B (en) | The processing method of two dimensional code, apparatus and system | |
CN110493202B (en) | Login token generation and verification method and device and server | |
CN109711133B (en) | Identity information authentication method and device and server | |
WO2018030707A1 (en) | Authentication system and method, and user equipment, authentication server, and service server for performing same method | |
US9225728B2 (en) | Method and device for anonymous entity identification | |
CN109618341A (en) | A kind of digital signature authentication method, system, device and storage medium | |
CN103581105A (en) | Login verification method and login verification system | |
CN106911684B (en) | Authentication method and system | |
CN106936790A (en) | The method that client and server end carries out two-way authentication is realized based on digital certificate | |
KR102137122B1 (en) | Security check method, device, terminal and server | |
CN108777675B (en) | Electronic device, block chain-based identity authentication method, and computer storage medium | |
CN107430658A (en) | Fail-safe software certification and checking | |
JP5193787B2 (en) | Information processing method, relay server, and network system | |
CN111092719B (en) | Label data refreshing method and system, payment method and system | |
CN111865889B (en) | Login request processing method, system, device, electronic equipment and storage medium | |
US20220029983A1 (en) | System and method for automated customer verification | |
US20240098493A1 (en) | Identifying trusted service set identifiers for wireless networks | |
CN107835160A (en) | Third party's user authen method based on Quick Response Code | |
CN106897606A (en) | A kind of brush machine means of defence and device | |
CN110113329A (en) | A kind of verification method and device of identifying code | |
US10972465B1 (en) | Secure authentication through visual codes containing unique metadata | |
CN110690971A (en) | Data processing method and system based on USBKey | |
CN103532979A (en) | Method for generating and verifying multi-conversation verification codes under CGI (common gateway interface) for web | |
CN107241187B (en) | A kind of server-side data processing method for the verifying of mobile terminal wizard-like | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PP01 | Preservation of patent right |
Effective date of registration: 20210922 Granted publication date: 20191108 |
|
PP01 | Preservation of patent right |