CN107770116A - The safe verification method and the network equipment of dialogue-based connection - Google Patents

The safe verification method and the network equipment of dialogue-based connection Download PDF

Info

Publication number
CN107770116A
CN107770116A CN201610669795.4A CN201610669795A CN107770116A CN 107770116 A CN107770116 A CN 107770116A CN 201610669795 A CN201610669795 A CN 201610669795A CN 107770116 A CN107770116 A CN 107770116A
Authority
CN
China
Prior art keywords
information
client
checking
session connection
network equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610669795.4A
Other languages
Chinese (zh)
Inventor
李伟波
马晋
瞿浩正
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Dongguan packaging printing paper products company limited
Original Assignee
Shenzhen Huayun Digital Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Huayun Digital Co Ltd filed Critical Shenzhen Huayun Digital Co Ltd
Priority to CN201610669795.4A priority Critical patent/CN107770116A/en
Publication of CN107770116A publication Critical patent/CN107770116A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to a kind of safe verification method and the network equipment of dialogue-based connection, this method includes:Instruction the first back information of generation is established in the session connection sent according to client;According to the first back information and first prestore password generate the first combined information;According to the first combined information, with reference to preset algorithm, the first checking information is calculated;Judge whether the second checking information that client generates according to the first back information matches the first checking information;If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.It whether legal to the identity of client in session connection can effectively be verified, effectively prevent that be not built-in with the first illegitimate client for prestoring password establishes session connection by the modes such as network attack, camouflage identity and the network equipment, security is higher.

Description

The safe verification method and the network equipment of dialogue-based connection
Technical field
Embodiment of the present invention is related to information security verification technique field, more particularly to a kind of peace of dialogue-based connection Full verification method and the network equipment.
Background technology
Into wired home and the technological evolvement process of industry 4.0, it is desirable to which increasing home appliance and industry are set It is standby to turn into the network equipment with interconnecting function, such as:Refrigerator, air-conditioning, printer etc..Realize that the network equipment of interconnecting function is more Number uses TCP/IP communication agreement so that the client realized based on the communication protocol is easy to interconnect with the network equipment.
For example, when a network printer is run in a network environment, it can only establish session with a client (Session Connection) is connected, if certain client request for running Intelligent printing control software and the network printing Machine establishes session connection, then the network printer is firstly the need of whether legal, the only legal client of the identity for differentiating client End, just allow to establish session connection with the network printer, and receive the control command and data for coming from client, printed Operation.And for the illegal client of identity, refuse the connection that conversates, and do not receive from any control with the client System order and data.
In process of the present invention is realized, inventor has found that prior art has problems with:Due to TCP/IP communication agreement With high opening, larger potential safety hazard, such as network attack, the client request connection for pretending identity be present.
The content of the invention
Embodiment of the present invention is mainly solving the technical problems that provide a kind of safe verification method of dialogue-based connection And whether the network equipment, the network equipment legal to the identity of client in session connection can effectively be verified, prevent with Illegal client establishes session connection.
In order to solve the above technical problems, the technical scheme that embodiment of the present invention uses is:A kind of base is provided In the safe verification method of session connection, including:
Instruction the first back information of generation is established in the session connection sent according to client;
According to first back information and first prestore password generate the first combined information;
According to first combined information, with reference to preset algorithm, the first checking information is calculated;
Judge whether the second checking information that client generates according to first back information matches the first checking information;
If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
Wherein, whether second checking information for judging that client generates according to first back information matches first Also include before the step of checking information:
Judge the second checking information that client generates according to first back information whether is received in preset duration.
Wherein, to be client prestore password and receive described first time second checking information according to described first Pass information and generate first combined information, and according to first combined information, be calculated with reference to the preset algorithm.
Wherein, in addition to:
The session connection sent according to client, which is released order, generates the second back information;
According to second back information and second prestore password generate the second combined information;
According to second combined information, with reference to preset algorithm, the 3rd checking information is calculated;
Judge whether the 4th checking information that client generates according to second back information matches the 3rd checking information;
If so, session connection release successful information is then sent, if it is not, then sending session connection release failure information.
Wherein, whether the 4th checking information for judging that client generates according to second back information matches the 3rd Also include before the step of checking information:
Judge the 4th checking information whether is received in preset duration.
Wherein, to be client prestore password and receive described second time the 4th checking information according to described second Pass information and generate second combined information, and according to second combined information, be calculated with reference to the preset algorithm.
In order to solve the above technical problems, another technical scheme that embodiment of the present invention uses is:A kind of network is provided Equipment, including:
The passback of instruction generation first is established in first back information generation module, the session connection for being sent according to client Information;
First combined information generation module, for according to first back information and first prestore password generate first group Close information;
First checking information computing module, for according to first combined information, with reference to preset algorithm, being calculated One checking information;
First matching judgment module, the second checking information generated for judging client according to first back information Whether first checking information is matched;
If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
Wherein, in addition to:First duration judge module, for judging second checking whether is received in preset duration Information.
Wherein, in addition to:
Second back information generation module, the session connection for being sent according to client, which is released order, generates the second passback Information;
Second combined information generation module, for according to second back information and second prestore password generate second group Close information;
3rd checking information computing module, for according to second combined information, with reference to preset algorithm, being calculated Three checking informations;
Second matching judgment module, the 4th checking information generated for judging client according to second back information Whether threeth checking information is matched;
If so, session connection release successful information is then sent, if it is not, then sending session connection release failure information.
Wherein, in addition to:Second duration judge module, for judging the 4th checking whether is received in preset duration Information.
The beneficial effect of embodiment of the present invention is:A kind of safety of dialogue-based connection provided in an embodiment of the present invention is tested Instruction the first back information of generation is established in card method, the session connection that the network equipment is sent according to client;According to the first passback Information and first prestore password generate the first combined information;According to the first combined information, with reference to preset algorithm, first is calculated Checking information;Judge whether the second checking information that client generates according to the first back information matches the first checking information;If It is then to send session connection and be successfully established information, if it is not, then sending session connection establishes failure information.So as in session It is whether legal to the identity of client in connection effectively to be verified, effectively prevent from not being built-in with the first illegal visitor for prestoring password Session connection is established in family end by the modes such as network attack, camouflage identity and the network equipment, and security is higher.
Brief description of the drawings
Fig. 1 is a kind of schematic flow sheet of the safe verification method of dialogue-based connection provided in an embodiment of the present invention;
Fig. 2 is a kind of flow signal of the safe verification method for dialogue-based connection that further embodiment of this invention provides Figure;
Fig. 3 is a kind of structural representation of the network equipment provided in an embodiment of the present invention;
Fig. 4 is a kind of structural representation for network equipment that further embodiment of this invention provides;
Fig. 5 is the electronic equipment of the safe verification method for the dialogue-based connection of execution that further embodiment of this invention provides Hardware architecture diagram.
Embodiment
In order to make the purpose , technical scheme and advantage of the present invention be clearer, it is right below in conjunction with drawings and Examples The present invention is further elaborated.It should be appreciated that specific embodiment described herein is only to explain the present invention, not For limiting the present invention.
In addition, as long as technical characteristic involved in each embodiment of invention described below is each other not Conflict can is formed to be mutually combined.
The safe verification method of the dialogue-based connection of the embodiment of the present invention is to solve the network equipment in processing session The problem of how whether identity at checking request end is legal during establishment of connection, release, the network equipment can be used The refrigerator of TCP/IP communication agreement, air-conditioning, washing machine, printer etc., request end can be the meters using TCP/IP communication agreement Calculation machine, hand-held intelligent terminal etc., possess interconnecting function between the network equipment and request end.
The embodiment of the present invention is specifically addressed with reference to specific accompanying drawing.
Fig. 1 is a kind of schematic flow sheet of the safe verification method of dialogue-based connection provided in an embodiment of the present invention.Such as Shown in Fig. 1, this method includes:
Step 11, the session connection sent according to client establish instruction the first back information of generation.
In the embodiment of the present invention, client sends session connection to the network equipment and establishes instruction, and the network equipment receives meeting The first back information of generation after instruction is established in words connection, and first back information then is sent into client, the first passback Information can be random string or binary data.While the network equipment sends the first back information, network Equipment starts built-in timer and carries out countdown.
Step 13, prestore password the first combined information of generation according to the first back information and first.
In the embodiment of the present invention, before step 11, built-in first prestore password in the network device, in the client Built-in first preset password, prevents the first preset password to be trapped when the network equipment transmits among clients, plays encryption Effect so that the client for being built-in with first preset password possesses the verification condition of legal identity.First preset password can be with It is character string or binary data.By taking the generating mode of the first combined information as an example, the first combined information can be One back information and first prestore password splicing generate, for example, the first preset password is attached to behind the first back information, again Such as, the first preset password is attached to before the first back information.First combined information can also be the first back information and One password that prestores generates according to preset model, for example, by character or binary system in the first preset password and the first back information Number is interspersed to be staggered.
Step 15, according to the first combined information, with reference to preset algorithm, the first checking information is calculated.
In the embodiment of the present invention, preset algorithm is MD5 algorithms or MD4 algorithms, MD3 algorithms in hash algorithm Deng.First checking information is input information of the network equipment using the first combined information as preset algorithm, utilizes preset algorithm meter Obtained informative abstract.
Step 17, judge whether the second checking information that client generates according to the first back information matches the first checking letter Breath;
If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
In the embodiment of the present invention, the client for being built-in with the first preset password is identified as legal client, and this is legal Client can be according to built in itself first prestore the first back information generation that password and the network equipment that receives are sent First combined information, and then above-mentioned second checking information is calculated according to the first combined information, and with reference to preset algorithm, this Two checking informations are identical with the first checking information, i.e., the second checking information matches with the first checking information, and the network equipment is to legal Client send session connection be successfully established information.
The client for not being built-in with the first preset password is identified as illegal client, and the illegal client can not root The second checking information that the first back information generation sent according to the network equipment received matches with the first checking information, network Equipment sends session connection to illegal client and establishes failure information, so as to prevent illegal client by network attack, The modes such as camouflage identity establish session connection with the network equipment.
In the embodiment of the present invention, in order to prevent illegal client from being cracked to preset algorithm, in step 15 and step 17 Between, in addition to:Judge the second checking information that client generates according to the first back information whether is received in preset duration, If so, step 17 is then carried out, if it is not, then sending session connection establishes failure information.Timer built in the network equipment be used for The network equipment carries out the countdown of preset duration as initial time at the time of sending the first back information.When preset algorithm is It during MD5, can effectively prevent the hash for cracking MD5 from colliding the attack of algorithm, need to expend necessarily because hash algorithm cracks MD5 Duration, preset duration is set smaller than to the duration of hash algorithm consuming, the once attack of hash algorithm will fail.Example Such as, preset duration is set as 2 seconds, 3 seconds, 4 seconds etc..
A kind of safe verification method of dialogue-based connection provided in an embodiment of the present invention, the network equipment are sent out according to client Instruction the first back information of generation is established in the session connection sent;According to the first back information and first prestore password generate first group Close information;According to the first combined information, with reference to preset algorithm, the first checking information is calculated;Judge client according to first Whether the second checking information of back information generation matches the first checking information;If so, then sending session connection is successfully established letter Breath, if it is not, then sending session connection establishes failure information.So as to effectively prevent from not being built-in with the first illegal client for prestoring password Session connection is established in end by the modes such as network attack, camouflage identity and the network equipment, and security is higher.
Fig. 2 is a kind of safe verification method schematic flow sheet for dialogue-based connection that further embodiment of this invention provides. As shown in Fig. 2 this method includes:
Step 21, the session connection sent according to client establish instruction the first back information of generation.
In the embodiment of the present invention, client sends session connection to the network equipment and establishes instruction, and the network equipment receives meeting The first back information of generation after instruction is established in words connection, and first back information then is sent into client.Set in network While preparation send the first back information, the network equipment starts built-in timer and carries out countdown.
Step 22, prestore password the first combined information of generation according to the first back information and first.
In the embodiment of the present invention, before step 21, built-in first prestore password in the network device, meanwhile, in client Also built-in first preset password in end, prevents the first preset password to be trapped when the network equipment transmits among clients, together When be built-in with first preset password client possess the verification condition of legal identity.
Step 23, according to the first combined information, with reference to preset algorithm, the first checking information is calculated.
In the embodiment of the present invention, preset algorithm is MD5 algorithms or MD4 algorithms, MD3 algorithms in hash algorithm Deng.First checking information is input information of the network equipment using the first combined information as preset algorithm, utilizes preset algorithm meter Obtained informative abstract.
Step 24, judge whether the second checking information that client generates according to the first back information matches the first checking letter Breath;
If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
In the embodiment of the present invention, in order to prevent illegal client from being cracked to preset algorithm, in step 23 and step 24 Between, in addition to:Judge the second checking information that client generates according to the first back information whether is received in preset duration, If so, step 24 is then carried out, if it is not, then sending session connection establishes failure information.Timer built in the network equipment be used for The network equipment carries out the countdown of preset duration as initial time at the time of sending the first back information.
Step 25, the session connection sent according to client, which are released order, generates the second back information.
In the embodiment of the present invention, after being successfully established session connection, it can be realized between legal client and the network equipment The transmission of control instruction and data, for example, the network equipment is the network printer, legal client can be sent out to the network printer Control instruction and data are sent, carries out print job.
When legal client needs to discharge the session connection with the network equipment, client sends session to the network equipment Connection Release instruct, the network equipment receive session connection release order after generation the second back information, then by this second Back information is sent to client, and the second back information can be random string or binary data.Set in network While preparation send the second back information, the network equipment starts built-in timer and carries out timing.It should be noted that second time Passing information can be identical with the first back information, can also be different from the first back information.
Step 26, prestore password the second combined information of generation according to the second back information and second.
In the embodiment of the present invention, second prestores password can be identical with first password that prestores, and can also be prestored with first close Code is different.Second is built-in with the network device to prestore password, in the client also built-in second preset password, prevent that second is pre- If password is trapped when the network equipment transmits among clients, encryption effect is played so that it is second default close to be built-in with this The client of code possesses the verification condition of legal identity.Second preset password can be character string or binary data. By taking the generating mode of the second combined information as an example, the second combined information can be the second back information and second prestore password splicing Generation, for example, the second preset password is attached to behind the second back information, and for example, second is attached to by the second preset password Before back information.Second combined information can also be that the second back information and second password that prestores generate according to preset model, It is staggered for example, the second preset password is interted with the character in the second back information or binary number.
Step 27, according to the second combined information, with reference to preset algorithm, the 3rd checking information is calculated.
In the embodiment of the present invention, preset algorithm is MD5 algorithms or MD4 algorithms, MD3 algorithms in hash algorithm Deng.3rd checking information is input information of the network equipment using the second combined information as preset algorithm, utilizes preset algorithm meter Obtained informative abstract.
Step 28, judge whether the 4th checking information that client generates according to the second back information matches the 3rd checking letter Breath;
If so, session connection release successful information is then sent, if it is not, then sending session connection release failure information.
In the embodiment of the present invention, the client for being built-in with the second preset password is identified as legal client, and this is legal Client can be according to built in itself second prestore the second back information generation that password and the network equipment that receives are sent Second combined information, and then above-mentioned 4th checking information is calculated according to the second combined information, and with reference to preset algorithm, this Four checking informations are identical with the 3rd checking information, i.e., the 4th checking information matches with the 3rd checking information, and the network equipment is to legal Client send session connection release successful information.
The client for not being built-in with the second preset password is identified as illegal client, and the illegal client can not root The 4th checking information that the second back information generation sent according to the network equipment received matches with the 3rd checking information, network Equipment sends session connection release failure information to illegal client, so as to prevent illegal client by network attack, The modes such as camouflage identity cut off the session connection that legal client is established with the network equipment.
In the embodiment of the present invention, in order to prevent illegal client from being cracked to preset algorithm, in step 27 and step 28 Between, in addition to:Judge the 4th checking information that client generates according to the second back information whether is received in preset duration, If so, step 28 is then carried out, if it is not, then sending session connection release failure information.Timer built in the network equipment be used for The network equipment carries out the countdown of preset duration as initial time at the time of sending the second back information.
Fig. 3 is a kind of structural representation of the network equipment 30 provided in an embodiment of the present invention.As shown in figure 3, the network is set Standby 30 include:
Instruction generation first time is established in first back information generation module 31, the session connection for being sent according to client Pass information;
First combined information generation module 32, for according to the first back information and first prestore password generation first combination Information;
First checking information computing module 33, for according to the first combined information, with reference to preset algorithm, being calculated first Checking information;
First matching judgment module 34, for judging that the second checking information that client generates according to the first back information is The first checking information of no matching;
If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
In the embodiment of the present invention, in order to verify whether the identity of client is legal, prevent illegal client from passing through network The modes such as attack, camouflage identity and the network equipment establish session connection, first by the first back information generation module 31 according to visitor Instruction the first back information of generation is established in the session connection that family end is sent;And then first combined information generation module 32 according to first Back information and first prestore password generate the first combined information;Subsequent first checking information computing module 33 is according to the first combination Information, with reference to preset algorithm, the first checking information is calculated;Finally by the first matching judgment module 34 judge client according to Whether the second checking information of the first back information generation matches the first checking information;It is created as if so, then sending session connection Work(information, if it is not, then sending session connection establishes failure information.
Fig. 4 is a kind of structural representation for network equipment 40 that further embodiment of this invention provides.As shown in figure 4, the net Network equipment 40 includes:
Instruction generation first time is established in first back information generation module 4a, the session connection for being sent according to client Pass information;
First combined information generation module 4b, for according to the first back information and first prestore password generation first combination Information;
First checking information computing module 4c, for according to the first combined information, with reference to preset algorithm, being calculated first Checking information;
First duration judge module 4d, for judging the second checking information whether is received in preset duration.
First matching judgment module 4e, for judging that the second checking information that client generates according to the first back information is The first checking information of no matching;
If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
Second back information generation module 4f, the session connection for being sent according to client, which is released order, to be generated second time Pass information;
Second combined information generation module 4g, for according to the second back information and second prestore password generation second combination Information;
3rd checking information computing module 4h, for according to the second combined information, with reference to preset algorithm, being calculated the 3rd Checking information;
Second duration judge module 4i, for judging the 4th checking information whether is received in preset duration.
Second matching judgment module 4j, for judging that the 4th checking information that client generates according to the second back information is The 3rd checking information of no matching;
If so, session connection release successful information is then sent, if it is not, then sending session connection release failure information.
In the embodiment of the present invention, built first by the first back information generation module 4a session connections sent according to client The first back information of vertical instruction generation;And then first combined information generation module 4b prestored according to the first back information and first it is close Code the first combined information of generation;Subsequent first checking information computing module 4c is according to the first combined information, with reference to preset algorithm, meter Calculation obtains the first checking information;And then first duration judge module 4d judge whether to receive the second checking letter in preset duration Breath, if so, then judging that the second checking information that client generates according to the first back information is by the first matching judgment module 4e The first checking information of no matching;If so, then sending session connection is successfully established information, lost if it is not, then sending session connection and establishing Lose information.
Further embodiment of this invention provides a kind of nonvolatile computer storage media, and the computer-readable storage medium is deposited Computer executable instructions are contained, the computer executable instructions can perform the dialogue-based company in above-mentioned any means embodiment The safe verification method connect.
Fig. 5 is the electronic equipment of the safe verification method for the dialogue-based connection of execution that further embodiment of this invention provides Hardware architecture diagram, as shown in figure 5, the electronic equipment includes:
One or more processors 510 and memory 520, in Fig. 5 by taking a processor 510 as an example.
Performing the electronic equipment of the safe verification method of dialogue-based connection can also include:Input unit 530 and output Device 540.
Processor 510, memory 520, input unit 530 and output device 540 can pass through bus or other modes Connect, in Fig. 5 exemplified by being connected by bus.
Memory 520 is used as a kind of non-volatile computer readable storage medium storing program for executing, available for storage non-volatile software journey Sequence, non-volatile computer executable program and module, such as the safety verification of the dialogue-based connection in the embodiment of the present invention Programmed instruction/module corresponding to method is (for example, the first back information generation module 31, the life of the first combined information shown in accompanying drawing 3 Into module 32, the first checking information computing module 33 and the first matching judgment module 34).Processor 510 is stored in by operation Non-volatile software program, instruction and module in memory 520, so as to the various function application and number of execute server According to processing, that is, realize the safe verification method of the dialogue-based connection of above method embodiment.
Memory 520 can include storing program area and storage data field, wherein, storing program area can store operation system Application program required for system, at least one function;Storage data field can store uses created number according to the network equipment According to etc..In addition, memory 520 can include high-speed random access memory, nonvolatile memory can also be included, such as extremely Few a disk memory, flush memory device or other non-volatile solid state memory parts.In certain embodiments, memory 520 is optional including that can pass through network connection to net relative to the remotely located memory of processor 510, these remote memories Network equipment.The example of above-mentioned network includes but is not limited to internet, intranet, LAN, mobile radio communication and combinations thereof.
Input unit 530 can receive the numeral or character information of input, and produce with the user of the network equipment set with And the key signals input that function control is relevant.Output device 540 may include the display devices such as display screen.
One or more of modules are stored in the memory 520, when by one or more of processors During 510 execution, the safe verification method of the dialogue-based connection in above-mentioned any means embodiment is performed.
The said goods can perform the method that the embodiment of the present invention is provided, and possesses the corresponding functional module of execution method and has Beneficial effect.Not ins and outs of detailed description in the present embodiment, reference can be made to the method that the embodiment of the present invention is provided.
Device embodiment described above is only schematical, wherein the unit illustrated as separating component can To be or may not be physically separate, it can be as the part that unit is shown or may not be physics list Member, you can with positioned at a place, or can also be distributed on multiple NEs.It can be selected according to the actual needs In some or all of module realize the purpose of this embodiment scheme.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can Realized by the mode of software plus general hardware platform, naturally it is also possible to pass through hardware.Based on such understanding, above-mentioned technology The part that scheme substantially contributes to correlation technique in other words can be embodied in the form of software product, the computer Software product can store in a computer-readable storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions to So that computer equipment (can be personal computer, server, either network equipment etc.) perform each embodiment or Method described in some parts of embodiment.
Finally it should be noted that:The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;At this Under the thinking of invention, it can also be combined between the technical characteristic in above example or different embodiments, step can be with Realized with random order, and many other changes of the different aspect of the present invention as described above be present, for simplicity, they do not have Have and provided in details;Although the present invention is described in detail with reference to the foregoing embodiments, the ordinary skill people of this area Member should be understood:It can still modify to the technical scheme described in foregoing embodiments, or to which part skill Art feature carries out equivalent substitution;And these modifications or replacement, the essence of appropriate technical solution is departed from each reality of the present invention Apply the scope of a technical scheme.

Claims (10)

  1. A kind of 1. safe verification method of dialogue-based connection, it is characterised in that including:
    Instruction the first back information of generation is established in the session connection sent according to client;
    According to first back information and first prestore password generate the first combined information;
    According to first combined information, with reference to preset algorithm, the first checking information is calculated;
    Judge whether the second checking information that client generates according to first back information matches the first checking information;
    If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
  2. 2. according to the method for claim 1, it is characterised in that the judgement client is given birth to according to first back information Into the second checking information whether match the first checking information the step of before also include:
    Judge the second checking information that client generates according to first back information whether is received in preset duration.
  3. 3. method according to claim 1 or 2, it is characterised in that second checking information is client according to First prestores password and first back information that receives generates first combined information, and according to the described first combination Information, it is calculated with reference to the preset algorithm.
  4. 4. according to the method for claim 1, it is characterised in that also include:
    The session connection sent according to client, which is released order, generates the second back information;
    According to second back information and second prestore password generate the second combined information;
    According to second combined information, with reference to preset algorithm, the 3rd checking information is calculated;
    Judge whether the 4th checking information that client generates according to second back information matches the 3rd checking information;
    If so, session connection release successful information is then sent, if it is not, then sending session connection release failure information.
  5. 5. according to the method for claim 4, it is characterised in that the judgement client is given birth to according to second back information Into the 4th checking information whether match three checking informations the step of before also include:
    Judge the 4th checking information whether is received in preset duration.
  6. 6. the method according to claim 4 or 5, it is characterised in that the 4th checking information is client according to Second prestores password and second back information that receives generates second combined information, and according to the described second combination Information, it is calculated with reference to the preset algorithm.
  7. A kind of 7. network equipment, it is characterised in that including:
    Instruction generation the first passback letter is established in first back information generation module, the session connection for being sent according to client Breath;
    First combined information generation module, for according to first back information and first prestore password generation first combination believe Breath;
    First checking information computing module, for according to first combined information, with reference to preset algorithm, being calculated first and testing Demonstrate,prove information;
    First matching judgment module, whether the second checking information generated according to first back information for judging client Match the first checking information;
    If so, then sending session connection is successfully established information, if it is not, then sending session connection establishes failure information.
  8. 8. the network equipment according to claim 7, it is characterised in that also include:First duration judge module, for judging Second checking information whether is received in preset duration.
  9. 9. the network equipment according to claim 7 or 8, it is characterised in that also include:
    Second back information generation module, the session connection for being sent according to client, which is released order, generates the second passback letter Breath;
    Second combined information generation module, for according to second back information and second prestore password generation second combination believe Breath;
    3rd checking information computing module, for according to second combined information, with reference to preset algorithm, being calculated the 3rd and testing Demonstrate,prove information;
    Second matching judgment module, whether the 4th checking information generated according to second back information for judging client Match the 3rd checking information;
    If so, session connection release successful information is then sent, if it is not, then sending session connection release failure information.
  10. 10. the network equipment according to claim 9, it is characterised in that also include:Second duration judge module, for sentencing Break and the 4th checking information whether is received in preset duration.
CN201610669795.4A 2016-08-15 2016-08-15 The safe verification method and the network equipment of dialogue-based connection Pending CN107770116A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610669795.4A CN107770116A (en) 2016-08-15 2016-08-15 The safe verification method and the network equipment of dialogue-based connection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610669795.4A CN107770116A (en) 2016-08-15 2016-08-15 The safe verification method and the network equipment of dialogue-based connection

Publications (1)

Publication Number Publication Date
CN107770116A true CN107770116A (en) 2018-03-06

Family

ID=61259922

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610669795.4A Pending CN107770116A (en) 2016-08-15 2016-08-15 The safe verification method and the network equipment of dialogue-based connection

Country Status (1)

Country Link
CN (1) CN107770116A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1384642A (en) * 2001-04-29 2002-12-11 华为技术有限公司 Method of adding subscriber's security confirmation to simple network management protocol
US20100262831A1 (en) * 2007-10-23 2010-10-14 Yi Cheng Method and Apparatus for Providing Secure Linking to a User Identity in a Digital Rights Management System
CN102387152A (en) * 2011-11-03 2012-03-21 北京锐安科技有限公司 Preset-key-based symmetric encryption communication method
CN104683359A (en) * 2015-03-27 2015-06-03 成都三零瑞通移动通信有限公司 Safety channel establishment method, and data protection method and safety channel key updating method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1384642A (en) * 2001-04-29 2002-12-11 华为技术有限公司 Method of adding subscriber's security confirmation to simple network management protocol
US20100262831A1 (en) * 2007-10-23 2010-10-14 Yi Cheng Method and Apparatus for Providing Secure Linking to a User Identity in a Digital Rights Management System
CN102387152A (en) * 2011-11-03 2012-03-21 北京锐安科技有限公司 Preset-key-based symmetric encryption communication method
CN104683359A (en) * 2015-03-27 2015-06-03 成都三零瑞通移动通信有限公司 Safety channel establishment method, and data protection method and safety channel key updating method thereof

Similar Documents

Publication Publication Date Title
CN101217575B (en) An IP address allocation and device in user end certification process
CN105306473B (en) A kind of method for preventing injection attacks, client, server and system
CN107070880A (en) A kind of method and system of single-sign-on, a kind of authentication center's server
CN105099707B (en) A kind of offline authentication method, server and system
CN109257391A (en) A kind of access authority opening method, device, server and storage medium
CN106790285B (en) A kind of Session state reuse method and device
CN106790272A (en) A kind of system and method for single-sign-on, a kind of application server
CN107547565A (en) A kind of network access verifying method and device
CN104980449B (en) The safety certifying method and system of network request
CN107623698A (en) Method and device for remotely debugging network equipment
CN109407651A (en) The control method and device of vehicle
CN107835145A (en) The method and distributed system of a kind of anti-replay-attack
KR20190127124A (en) Method and apparatus for verifying integrity of source code and related data using blockchain
CN108881233A (en) anti-attack processing method, device, equipment and storage medium
CN106453321A (en) Authentication server, system and method, and to-be-authenticated terminal
CN101404655B (en) Client terminal and its method for launching communication and communication system of network game
CN103957194B (en) A kind of procotol IP cut-in methods and access device
CN108449354A (en) A kind of reinforcing server log safety method, device and server based on agreement of knocking at the door
CN109525462A (en) Gateway test method and device
CN110166471A (en) A kind of portal authentication method and device
CN109067749A (en) A kind of information processing method, equipment and computer readable storage medium
CN105205384A (en) Method for automatically acquiring account information of user side, logging in and storing
CN107770116A (en) The safe verification method and the network equipment of dialogue-based connection
CN102685135B (en) Software authority verification method based on C/S (Client/Server) framework
CN110233825A (en) Equipment initial methods, internet of things equipment, system, platform device and smart machine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20191120

Address after: 518000 office building two and 3 of Fu Da factory area, Chongqing Road, Baoan District Fuyong street, Shenzhen, Guangdong

Applicant after: Shenzhen Dongguan packaging printing paper products company limited

Address before: 518022, Shenzhen, Guangdong province Luohu District Shennan East Road, No. 5002 Hing Plaza Plaza Wang business center 5308

Applicant before: SHENZHEN HUAYUN DIGITAL CO., LTD.

TA01 Transfer of patent application right
RJ01 Rejection of invention patent application after publication

Application publication date: 20180306

RJ01 Rejection of invention patent application after publication