CN107547494B - 用于安全在线认证的系统和方法 - Google Patents

用于安全在线认证的系统和方法 Download PDF

Info

Publication number
CN107547494B
CN107547494B CN201610867335.2A CN201610867335A CN107547494B CN 107547494 B CN107547494 B CN 107547494B CN 201610867335 A CN201610867335 A CN 201610867335A CN 107547494 B CN107547494 B CN 107547494B
Authority
CN
China
Prior art keywords
protected
website
protected website
information
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610867335.2A
Other languages
English (en)
Chinese (zh)
Other versions
CN107547494A (zh
Inventor
德米特里·L·彼得罗维切夫
阿提姆·O·巴拉诺夫
叶夫根尼·V·贡恰罗夫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kaspersky Lab AO
Original Assignee
Kaspersky Lab AO
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kaspersky Lab AO filed Critical Kaspersky Lab AO
Publication of CN107547494A publication Critical patent/CN107547494A/zh
Application granted granted Critical
Publication of CN107547494B publication Critical patent/CN107547494B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
CN201610867335.2A 2016-06-24 2016-09-29 用于安全在线认证的系统和方法 Active CN107547494B (zh)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
RU2016125283 2016-06-24
RU2016125283A RU2635276C1 (ru) 2016-06-24 2016-06-24 Безопасная аутентификация по логину и паролю в сети Интернет с использованием дополнительной двухфакторной аутентификации
US15/237,738 US10284543B2 (en) 2016-06-24 2016-08-16 System and method for secure online authentication
US15/237,738 2016-08-16

Publications (2)

Publication Number Publication Date
CN107547494A CN107547494A (zh) 2018-01-05
CN107547494B true CN107547494B (zh) 2020-12-18

Family

ID=60263850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610867335.2A Active CN107547494B (zh) 2016-06-24 2016-09-29 用于安全在线认证的系统和方法

Country Status (4)

Country Link
US (2) US10284543B2 (enExample)
JP (1) JP6654985B2 (enExample)
CN (1) CN107547494B (enExample)
RU (1) RU2635276C1 (enExample)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10430894B2 (en) 2013-03-21 2019-10-01 Khoros, Llc Gamification for online social communities
JP2017228118A (ja) * 2016-06-23 2017-12-28 富士通株式会社 情報処理装置、情報処理システム、情報処理プログラムおよび情報処理方法
RU2635276C1 (ru) * 2016-06-24 2017-11-09 Акционерное общество "Лаборатория Касперского" Безопасная аутентификация по логину и паролю в сети Интернет с использованием дополнительной двухфакторной аутентификации
US10346449B2 (en) 2017-10-12 2019-07-09 Spredfast, Inc. Predicting performance of content and electronic messages among a system of networked computing devices
US10999278B2 (en) 2018-10-11 2021-05-04 Spredfast, Inc. Proxied multi-factor authentication using credential and authentication management in scalable data networks
US10594773B2 (en) 2018-01-22 2020-03-17 Spredfast, Inc. Temporal optimization of data operations using distributed search and server management
US11061900B2 (en) 2018-01-22 2021-07-13 Spredfast, Inc. Temporal optimization of data operations using distributed search and server management
RU2728506C2 (ru) * 2018-06-29 2020-07-29 Акционерное общество "Лаборатория Касперского" Способ блокировки сетевых соединений
RU2697958C1 (ru) * 2018-06-29 2019-08-21 Акционерное общество "Лаборатория Касперского" Система и способ обнаружения вредоносной активности на компьютерной системе
US10855657B2 (en) * 2018-10-11 2020-12-01 Spredfast, Inc. Multiplexed data exchange portal interface in scalable data networks
CN110719274B (zh) * 2019-09-29 2022-10-04 武汉极意网络科技有限公司 网络安全控制方法、装置、设备及存储介质
WO2021222490A1 (en) * 2020-04-30 2021-11-04 Laboratory Corporation Of America Holdings Transparent secure link for point-of-care devices
US11438289B2 (en) 2020-09-18 2022-09-06 Khoros, Llc Gesture-based community moderation
US12120078B2 (en) 2020-09-18 2024-10-15 Khoros, Llc Automated disposition of a community of electronic messages under moderation using a gesture-based computerized tool
US11997093B2 (en) * 2020-09-30 2024-05-28 Goodwell Technologies, Inc. Secure private network navigation
US11714629B2 (en) 2020-11-19 2023-08-01 Khoros, Llc Software dependency management
US12238101B2 (en) * 2021-03-09 2025-02-25 Oracle International Corporation Customizing authentication and handling pre and post authentication in identity cloud service
US20240220646A1 (en) * 2022-12-29 2024-07-04 Capital One Services, Llc Browser extension to detect cloud uploads
US12261844B2 (en) 2023-03-06 2025-03-25 Spredfast, Inc. Multiplexed data exchange portal interface in scalable data networks
CN118573478B (zh) * 2024-07-31 2024-12-06 恒生电子股份有限公司 访问验证系统、方法及装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013089771A1 (en) * 2011-12-16 2013-06-20 Intel Corporation Secure user attestation and authentication to a remote server
CN105429934A (zh) * 2014-09-19 2016-03-23 腾讯科技(深圳)有限公司 Https连接验证的方法和装置
CN105516169A (zh) * 2015-12-23 2016-04-20 北京奇虎科技有限公司 检测网站安全的方法及装置

Family Cites Families (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030232092A1 (en) 2002-06-14 2003-12-18 Hasenmayer Donald L. Liquid antacid compositions
JP2004151863A (ja) 2002-10-29 2004-05-27 Sony Corp 自動ログインシステム、自動ログイン方法、自動ログインプログラム、及び記憶媒体
GB0305959D0 (en) * 2003-03-15 2003-04-23 Ibm Client web service access
JP2004318582A (ja) * 2003-04-17 2004-11-11 Nippon Telegraph & Telephone East Corp ネットワークアクセスシステム及び方法、認証装置、エッジルータ、アクセス制御装置、ならびに、コンピュータプログラム
JP4313091B2 (ja) 2003-05-30 2009-08-12 株式会社ルネサステクノロジ 情報処理システム
US7457823B2 (en) * 2004-05-02 2008-11-25 Markmonitor Inc. Methods and systems for analyzing data related to possible online fraud
RU2386220C2 (ru) * 2005-07-07 2010-04-10 Телефонактиеболагет Лм Эрикссон (Пабл) Способ и устройство для аутентификации и конфиденциальности
JP4277835B2 (ja) * 2005-07-29 2009-06-10 日本ビクター株式会社 デジタル放送受信装置
US7613445B1 (en) * 2005-12-22 2009-11-03 Symantec Corporation Cost control system for access to mobile services
EP1811421A1 (en) * 2005-12-29 2007-07-25 AXSionics AG Security token and method for authentication of a user with the security token
JP2007334753A (ja) 2006-06-16 2007-12-27 Nippon Telegr & Teleph Corp <Ntt> アクセス管理システムおよび方法
US8429734B2 (en) * 2007-07-31 2013-04-23 Symantec Corporation Method for detecting DNS redirects or fraudulent local certificates for SSL sites in pharming/phishing schemes by remote validation and using a credential manager and recorded certificate attributes
US8245030B2 (en) * 2008-12-19 2012-08-14 Nai-Yu Pai Method for authenticating online transactions using a browser
US8850526B2 (en) * 2010-06-23 2014-09-30 K7 Computing Private Limited Online protection of information and resources
US9225510B1 (en) * 2010-08-17 2015-12-29 Go Daddy Operating Company, LLC Website secure certificate status determination via partner browser plugin
US9117075B1 (en) * 2010-11-22 2015-08-25 Trend Micro Inc. Early malware detection by cross-referencing host data
CA2724297C (en) * 2010-12-14 2013-11-12 Xtreme Mobility Inc. System and method for authenticating transactions through a mobile device
US8533834B1 (en) * 2011-04-22 2013-09-10 Juniper Networks, Inc. Antivirus intelligent flow framework
US20120329388A1 (en) * 2011-06-27 2012-12-27 Broadcom Corporation NFC-Enabled Devices to Store and Retrieve Portable Application-Specific Personal Information for Use with Computational Platforms
CN103975615B (zh) 2011-12-16 2019-09-03 英特尔公司 用自动生成的登录信息经由近场通信登录
US9356804B1 (en) * 2012-06-12 2016-05-31 Amazon Technologies, Inc. Policy-based network connection resource selection
US20140180931A1 (en) * 2012-12-07 2014-06-26 David Lie System and Method for Secure Wi-Fi- Based Payments Using Mobile Communication Devices
US9032206B2 (en) * 2013-02-25 2015-05-12 Surfeasy, Inc. Rule sets for client-applied encryption in communications networks
RU2583710C2 (ru) * 2013-07-23 2016-05-10 Закрытое акционерное общество "Лаборатория Касперского" Система и способ обеспечения конфиденциальности информации, используемой во время операций аутентификации и авторизации, при использовании доверенного устройства
US20150281227A1 (en) * 2014-03-31 2015-10-01 Symple ID Inc. System and method for two factor user authentication using a smartphone and nfc token and for the automatic generation as well as storing and inputting of logins for websites and web applications
US9282094B1 (en) * 2014-06-27 2016-03-08 Emc Corporation Transparent adaptive authentication and transaction monitoring
US9202249B1 (en) * 2014-07-03 2015-12-01 Palantir Technologies Inc. Data item clustering and analysis
US20170206351A1 (en) * 2014-07-22 2017-07-20 Viasat, Inc. Mobile device security monitoring and notification
US9473516B1 (en) * 2014-09-29 2016-10-18 Amazon Technologies, Inc. Detecting network attacks based on a hash
GB2537154B (en) * 2015-04-09 2021-09-08 Wandera Ltd Detecting "man-in-the-middle" attacks
US11785052B2 (en) * 2016-06-21 2023-10-10 International Business Machines Corporation Incident response plan based on indicators of compromise
RU2635276C1 (ru) * 2016-06-24 2017-11-09 Акционерное общество "Лаборатория Касперского" Безопасная аутентификация по логину и паролю в сети Интернет с использованием дополнительной двухфакторной аутентификации

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013089771A1 (en) * 2011-12-16 2013-06-20 Intel Corporation Secure user attestation and authentication to a remote server
CN105429934A (zh) * 2014-09-19 2016-03-23 腾讯科技(深圳)有限公司 Https连接验证的方法和装置
CN105516169A (zh) * 2015-12-23 2016-04-20 北京奇虎科技有限公司 检测网站安全的方法及装置

Also Published As

Publication number Publication date
JP6654985B2 (ja) 2020-02-26
US10284543B2 (en) 2019-05-07
US20170374057A1 (en) 2017-12-28
JP2017228264A (ja) 2017-12-28
RU2635276C1 (ru) 2017-11-09
US20190199711A1 (en) 2019-06-27
CN107547494A (zh) 2018-01-05
US11140150B2 (en) 2021-10-05

Similar Documents

Publication Publication Date Title
CN107547494B (zh) 用于安全在线认证的系统和方法
RU2587423C2 (ru) Система и способ обеспечения безопасности онлайн-транзакций
US10469251B2 (en) System and method for preemptive self-healing security
US8713705B2 (en) Application authentication system and method
Onwuzurike et al. Danger is my middle name: experimenting with SSL vulnerabilities in Android apps
RU2571721C2 (ru) Система и способ обнаружения мошеннических онлайн-транзакций
US9071600B2 (en) Phishing and online fraud prevention
Sun et al. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures
Mladenov et al. On the security of modern single sign-on protocols: Second-order vulnerabilities in openid connect
Panos et al. A security evaluation of FIDO’s UAF protocol in mobile and embedded devices
Kuchhal et al. Evaluating the security posture of real-world fido2 deployments
Mannan et al. Leveraging personal devices for stronger password authentication from untrusted computers
Luvanda Identifying threats associated with man-in-the-middle attacks during communication between a mobile device and the back end server in mobile banking applications
Kim et al. Security analysis and bypass user authentication bound to device of windows hello in the wild
US8261328B2 (en) Trusted electronic communication through shared vulnerability
Orucho et al. Security threats affecting user-data on transit in mobile banking applications: A review
EP3058498B1 (en) Crm security core
Li et al. Authenticator rebinding attack of the UAF protocol on mobile devices
Luvanda Proposed framework for securing mobile banking applications from man in the middle attacks
EP3261009B1 (en) System and method for secure online authentication
Ur Rahman et al. Practical security for rural internet kiosks
US12499278B1 (en) DI intercommunication for cybersecurity protection and OS piracy protection
Alavi et al. Where is the weakest link? a study on security discrepancies between android apps and their website counterparts
Williams et al. Follow the Money Through Apple Pay
de Andrade Case study to identify vulnerabilities in applications developed for the Android

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant