CN107770192A - Identity authentication method and computer-readable recording medium in multisystem - Google Patents
Identity authentication method and computer-readable recording medium in multisystem Download PDFInfo
- Publication number
- CN107770192A CN107770192A CN201711113993.3A CN201711113993A CN107770192A CN 107770192 A CN107770192 A CN 107770192A CN 201711113993 A CN201711113993 A CN 201711113993A CN 107770192 A CN107770192 A CN 107770192A
- Authority
- CN
- China
- Prior art keywords
- service system
- user
- token
- access
- enterprise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses one kind in multisystem identity authentication method and computer-readable recording medium.Methods described includes:In user after the first service system of enterprise completes authentication, access request of the user to the second service system of the enterprise is received;Judge whether the second service system approves identity authentication result of the first service system to the user;If the second service system approves identity authentication result of the first service system to the user, the user is directly allowed to access the second service system.
Description
Technical field
The present invention relates to field of information processing, espespecially one kind identity authentication method and computer-readable is deposited in multisystem
Storage media.
Background technology
As the information-based further service operation of development and enterprise needs, the application system of enterprises is more and more.
Such as the OA office automation systems, HR HRMSs, company ERP system, management platform, these systems have oneself
Independent user authentication module and mechanism, user have to the login account and password for remembeing each system, and are using
During different system, it is necessary to repeat logon, very big inconvenience is brought to user, and meanwhile it is good to user profile neither one
Unified management so that safeguard that user profile becomes relatively difficult.Therefore, on the premise of guaranteeing data security, how body is simplified
Part identifying procedure is urgent problem to be solved.
The content of the invention
In order to solve the above-mentioned technical problem, the invention provides one kind in multisystem identity authentication method and computer
Readable storage medium storing program for executing, flow for authenticating ID can be simplified on the premise of guaranteeing data security.
In order to reach the object of the invention, the invention provides one kind in multisystem identity authentication method, including:
In user after the first service system of enterprise completes authentication, the user is received to the second of the enterprise
The access request of service system;
Judge whether the second service system approves identity authentication result of the first service system to the user;
If the second service system approves identity authentication result of the first service system to the user, directly
Connecing allows the user to access the second service system.
Wherein, methods described also has following features:It is described to obtain the clothes that the first service system is trusted in enterprise
Before business system, methods described also includes:
The certification request that multiple systems of the enterprise are sent is received, wherein the certification request of each system includes this service
The identification information for the service system that system is trusted;
According to the certification request, service system and the trusting relationship for the service system trusted are established.
Wherein, methods described also has following features:It is described to judge whether the second service system approves described first
Service system includes to the identity authentication result of the user:
The service system associated according to each service system prestored, obtains and the first service system is trusted in enterprise
The service system of system;
Judge the first service system whether in the service system that the second server is trusted;
If it is, determine that second service system approves authentication knot of the first service system to the user
Fruit.
Wherein, methods described also has following features:
It is described user enterprise first service system complete authentication after, methods described also includes:
Access token is provided to the user, and according to the service system that the first service system is trusted in enterprise,
Record the service system that the access token allows to access;
Access request of the user to the second service system of the enterprise is received, including:
When receiving the access request to the transmission of second service system, the token is also received;
It is described to judge whether the second service system approves authentication of the first service system to the user
As a result, including:
Obtain the token of the access request;
The service system for allowing to access according to the token, determines whether the second service system can in the token
In the service system of access;
If the second service system is in the service system that the token is able to access that, it is determined that second service system
Approve identity authentication result of the first service system to the user.
Wherein, methods described also has following features:Methods described also includes:
Obtain the effective time information of the token;
After the use duration for detecting the token reaches effective time, delete and token, which is permitted, to be able to access that to the token
Perhaps the record information of the service system accessed.
A kind of computer-readable recording medium, is stored thereon with computer program, and the program is realized when being executed by processor
Following steps, including:
Receiving step, in user after the first service system of enterprise completes authentication, the user is received to described
The access request of the second service system of enterprise;
Judgment step, judges whether the second service system approves identity of the first service system to the user
Authentication result;
Rate-determining steps, if the second service system approves authentication of the first service system to the user
As a result, then the user is directly allowed to access the second service system.
Wherein, the computer-readable recording medium also has following features:Described when the program is executed by processor
Before obtaining the service system that the first service system is trusted in enterprise, following steps are also realized:
Certification request receiving step, the certification request that multiple systems of the enterprise are sent is received, wherein each system
Certification request includes the identification information for the service system that this service system is trusted;
Trusting relationship establishment step, according to the certification request, establish service system and the letter for the service system trusted
The relation of appointing.
Wherein, the computer-readable recording medium also has following features:The program is executed by processor the judgement
Include during step:
The service system associated according to each service system prestored, obtains and the first service system is trusted in enterprise
The service system of system;
Judge the first service system whether in the service system that the second server is trusted;
If it is, determine that second service system approves authentication knot of the first service system to the user
Fruit.
Wherein, the computer-readable recording medium also has following features:Described in when the program is executed by processor
User also realizes that following steps include after the first service system of enterprise completes authentication:
Token issue step, access token is provided to the user, and according to trusting the first service system in enterprise
The service system of system, record the service system that the access token allows to access;
The receiving step, when receiving the access request to the transmission of second service system, also receive the token;
It is described to judge whether the second service system approves authentication of the first service system to the user
As a result the step of, including:
Obtain the token of the access request;
The service system for allowing to access according to the token, determines whether the second service system can in the token
In the service system of access;
If the second service system is in the service system that the token is able to access that, it is determined that second service system
Approve identity authentication result of the first service system to the user.
Wherein, the computer-readable recording medium also has following features:The program is also realized when being executed by processor
Following steps include:
Duration obtaining step, obtain the effective time information of the token;
Token management step, after the use duration for detecting the token reaches effective time, delete to the token
It is able to access that token allows the record information of service system of access.
Embodiment provided by the invention, after user is successful in the first service system authentication of enterprise, by judging second
Whether service system approves authentication result of the first service system to the user, if approving the authentication result, need not enter
Row authentication, directly allow the user to access second service system, the flow of authentication is eliminated, by between service system
Trusting relationship, realize the safeguard protection of data, so as to realize on the premise of guaranteeing data security, simplify authentication stream
Journey.
Other features and advantages of the present invention will be illustrated in the following description, also, partly becomes from specification
Obtain it is clear that or being understood by implementing the present invention.The purpose of the present invention and other advantages can be by specification, rights
Specifically noted structure is realized and obtained in claim and accompanying drawing.
Brief description of the drawings
Accompanying drawing is used for providing further understanding technical solution of the present invention, and a part for constitution instruction, with this
The embodiment of application is used to explain technical scheme together, does not form the limitation to technical solution of the present invention.
Fig. 1 is the flow chart of the identity authentication method provided by the invention in multisystem;
Fig. 2 is the structure chart of computer-readable recording medium provided by the invention.
Embodiment
For the object, technical solutions and advantages of the present invention are more clearly understood, below in conjunction with accompanying drawing to the present invention
Embodiment be described in detail.It should be noted that in the case where not conflicting, in the embodiment and embodiment in the application
Feature can mutually be combined.
Can be in the computer system of such as one group computer executable instructions the flow of accompanying drawing illustrates the step of
Perform.Also, although logical order is shown in flow charts, in some cases, can be with suitable different from herein
Sequence performs shown or described step.
Fig. 1 is the flow chart of the identity authentication method provided by the invention in multisystem.Method includes shown in Fig. 1:
Step 101, user enterprise first service system complete authentication after, receive the user to the enterprise
The access request of the second service system of industry;
Wherein, for multiple service systems in same enterprise, a user is usually constructed with above-mentioned multiple services in enterprise
The access rights of system, therefore, when carrying out authentication, the trust between service system can be relied on to close by unification authentication platform
System, is managed to Client-initiated access request.
Step 102, judge whether the second service system approves identity of the first service system to the user
Authentication result;
Wherein, the trusting relationship is initiated in service system, and specific implementation is as follows:
The certification request that multiple systems of the enterprise are sent is received, wherein the certification request of each system includes this service
The identification information for the service system that system is trusted;
According to the certification request, service system and the trusting relationship for the service system trusted are established.
For example, after enterprise increases a service system, can by service system active reporting that this is newly increased its
The service system of trust, complete the foundation of trusting relationship;It is of course also possible to from unification authentication platform to already present service system
Whether inquiry trusts the system newly increased, and according to the feedback of already present service system, determines trusting relationship.
It should be noted that trusting relationship include two kinds, it is a kind of be it is unidirectional, i.e., second service system trust first service
The identity authentication result of system, first service system can distrust the identity authentication result of second service system;Another kind is
Two-way, i.e., first server and second server all approve the identity authentication result of other side;
If step 103, the second service system approve authentication of the first service system to the user
As a result, then the user is directly allowed to access the second service system.
Embodiment of the method provided by the invention, after user is successful in the first service system authentication of enterprise, pass through judgement
Whether second service system approves authentication result of the first service system to the user, if approving the authentication result, nothing
Authentication need to be carried out, directly allows the user to access second service system, eliminates the flow of authentication, is by service
Trusting relationship between system, the safeguard protection of data is realized, so as to realize on the premise of guaranteeing data security, simplify authentication
Flow.
In the above-mentioned methods, it is described to judge whether the second service system approves the first service system to the use
The identity authentication result at family can be realized by the following two kinds mode:
The first implementation, including:
The service system associated according to each service system prestored, obtains and the first service system is trusted in enterprise
The service system of system;
Judge the first service system whether in the service system that the second server is trusted;
If it is, determine that second service system approves authentication knot of the first service system to the user
Fruit.
Specifically, after the request of user's access second service system is received, the mark of the second service system is obtained
Know information, obtain the identification list for the service system that the second service system is trusted, judge the mark of first service system
Whether in the identification list, if, then it represents that second service system trusts the authentication result of the first service system;It is no
Then, represent that second service system distrusts the authentication result of the first service system, it is necessary to which the user is in second service system
Re-execute flow for authenticating ID.
Second of implementation:
It is described user enterprise first service system complete authentication after, methods described also includes:
Access token is provided to the user, and according to the service system that the first service system is trusted in enterprise,
Record the service system that the access token allows to access;
Access request of the user to the second service system of the enterprise is received, including:
When receiving the access request to the transmission of second service system, the token is also received;
It is described to judge whether the second service system approves authentication of the first service system to the user
As a result, including:
Obtain the token of the access request;
The service system for allowing to access according to the token, determines whether the second service system can in the token
In the service system of access;
If the second service system is in the service system that the token is able to access that, it is determined that second service system
Approve identity authentication result of the first service system to the user.
Compared with traditional user inputs authentication information, when sending access request, it is only necessary to according to what is provided
Token can carry out subsequent access, also simplify the complexity for accessing operation.
The second way is specifically described below, the present invention is based on logging in offer between multisystem under micro services environment
Unified certificate scheme.
Debarkation authentication:Unified Verification System is provided, the logon information of user compared with the user profile of Verification System.
Authentication marks (ticket):Return authentication mark after certification success, feeds back to user.
Ticket certifications:Verification System passes through ageing and validity certification ticket legitimacy.
Ticket is extracted:Application system should be able to be identified and extract to ticket, by the communication with Verification System,
Whether energy automatic decision active user is logged, so as to complete the function of single-sign-on.
Illustrated below with an application example:
The single sign-on scheme of multisystem under a kind of environment based on micro services, it is characterised in that:Once log in and may have access to
Resource in different application systems, mainly including the following steps:
Step 1:User logs in OA systems.
Step 2:OA systems check whether effective token of corresponding requests in Verification System, if so, then reading corresponding
Identity information, it is allowed to its access;If without or token valid, redirect a user to unified identity authentication platform, and take
Band operation system address, into step 3.
Step 3:Unified identity authentication platform provide the page in, user input identity documents information, platform validation this
Identity documents information, if effectively, one effective token of generation is to user, into step 4;If invalid, continue to recognize
Card, untill certification success or exiting.
Step 4:User carries the token that step 3 obtains, and accesses OA systems again.
Step 5:OA systems obtain the token that user carries, and are submitted to authentication platform and carry out validity check and identity letter
Breath obtains.
Step 6:If token can return to subscriber identity information corresponding to token by validity check, authentication platform
OA systems are given, operation system is in identity information and effective token write-in session status, it is allowed to which user is carried out with this identity information
The various operations of OA systems;If token by validity check, can not be redirected to authentication platform, return to step three again.
It should be noted that needing to be managed the ageing of token, to ensure the security of user's access, reduce black
The possibility of visitor's attack, concrete methods of realizing are for example as follows:
Obtain the effective time information of the token;
After the use duration for detecting the token reaches effective time, delete and token, which is permitted, to be able to access that to the token
Perhaps the record information of the service system accessed.
Specifically, after locally the record is deleted, conducted interviews even if reusing the token, due to unification authentication platform
The information of the token has no longer been stored, therefore the validity of the token can not have been judged, have rejected and entered using the token
The operation that row accesses, user need to re-start authentication.
Application example provided by the invention, use the certification unified based on offer is logged between multisystem under micro services environment
Scheme, solving user only needs to log in the application system of all mutual trusts of can access, and does not have to repeat logon,
Operating efficiency is improved, improves the competitiveness of sea of clouds platform.
Fig. 2 is the structure chart of computer-readable recording medium provided by the invention.Computer-readable storage medium shown in Fig. 2
Matter, computer program being stored thereon with, the program realizes following steps when being executed by processor, including:
Receiving step, in user after the first service system of enterprise completes authentication, the user is received to described
The access request of the second service system of enterprise;
Judgment step, judges whether the second service system approves identity of the first service system to the user
Authentication result;
Rate-determining steps, if the second service system approves authentication of the first service system to the user
As a result, then the user is directly allowed to access the second service system.
In a computer-readable recording medium embodiment provided by the invention, in institute when the program is executed by processor
State before obtaining the service system that the first service system is trusted in enterprise, also realize following steps:
Certification request receiving step, the certification request that multiple systems of the enterprise are sent is received, wherein each system
Certification request includes the identification information for the service system that this service system is trusted;
Trusting relationship establishment step, according to the certification request, establish service system and the letter for the service system trusted
The relation of appointing.
In a computer-readable recording medium embodiment provided by the invention, the program, which is executed by processor, described to be sentenced
Include during disconnected step:
The service system associated according to each service system prestored, obtains and the first service system is trusted in enterprise
The service system of system;
Judge the first service system whether in the service system that the second server is trusted;
If it is, determine that second service system approves authentication knot of the first service system to the user
Fruit.
In a computer-readable recording medium embodiment provided by the invention:
It is also real described in when the program is executed by processor in user after the first service system of enterprise completes authentication
Existing following steps include:
Token issue step, access token is provided to the user, and according to trusting the first service system in enterprise
The service system of system, record the service system that the access token allows to access;
The receiving step, when receiving the access request to the transmission of second service system, also receive the token;
It is described to judge whether the second service system approves authentication of the first service system to the user
As a result the step of, including:
Obtain the token of the access request;
The service system for allowing to access according to the token, determines whether the second service system can in the token
In the service system of access;
If the second service system is in the service system that the token is able to access that, it is determined that second service system
Approve identity authentication result of the first service system to the user.
In a computer-readable recording medium embodiment provided by the invention, reality is gone back when the program is executed by processor
Existing following steps include:
Duration obtaining step, obtain the effective time information of the token;
Token management step, after the use duration for detecting the token reaches effective time, delete to the token
It is able to access that token allows the record information of service system of access.
Computer-readable recording medium provided by the invention, after user is successful in the first service system authentication of enterprise,
By judging whether second service system approves authentication result of the first service system to the user, if approving the certification knot
Fruit, then authentication need not be carried out, directly allow the user to access second service system, eliminate the flow of authentication, borrow
The trusting relationship helped between service system, the safeguard protection of data is realized, so as to realize on the premise of guaranteeing data security, simplified
Flow for authenticating ID.
One of ordinary skill in the art will appreciate that all or part of step of above-described embodiment can use computer journey
Sequence flow realizes that the computer program can be stored in a computer-readable recording medium, the computer program exists
(such as system, unit, device) performs on corresponding hardware platform, upon execution, including the step of embodiment of the method it
One or its combination.
Alternatively, all or part of step of above-described embodiment can also realize that these steps can using integrated circuit
To be fabricated to integrated circuit modules one by one respectively, or the multiple modules or step in them are fabricated to single integrated electricity
Road module is realized.So, the present invention is not restricted to any specific hardware and software combination.
Each device/functional module/functional unit in above-described embodiment can be realized using general computing device, it
Can concentrate on single computing device, can also be distributed on the network that multiple computing devices are formed.
Each device/functional module/functional unit in above-described embodiment realized in the form of software function module and as
Independent production marketing in use, can be stored in a computer read/write memory medium.Computer mentioned above
Read/write memory medium can be read-only storage, disk or CD etc..
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any
Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained
Cover within protection scope of the present invention.Therefore, protection scope of the present invention should be defined by the protection domain described in claim.
Claims (10)
1. one kind identity authentication method in multisystem, it is characterised in that including:
In user after the first service system of enterprise completes authentication, second service of the user to the enterprise is received
The access request of system;
Judge whether the second service system approves identity authentication result of the first service system to the user;
If the second service system approves identity authentication result of the first service system to the user, directly permit
Perhaps described user accesses the second service system.
2. according to the method for claim 1, it is characterised in that the first service system is trusted in the acquisition in enterprise
Service system before, methods described also includes:
The certification request that multiple systems of the enterprise are sent is received, wherein the certification request of each system includes this service system
The identification information for the service system trusted;
According to the certification request, service system and the trusting relationship for the service system trusted are established.
3. according to the method for claim 2, it is characterised in that it is described judge whether the second service system approve described in
First service system includes to the identity authentication result of the user:
The service system associated according to each service system prestored, obtains and the first service system is trusted in enterprise
Service system;
Judge the first service system whether in the service system that the second server is trusted;
If it is, determine that second service system approves identity authentication result of the first service system to the user.
4. according to the method for claim 2, it is characterised in that:
It is described user enterprise first service system complete authentication after, methods described also includes:
Access token is provided to the user, and according to the service system that the first service system is trusted in enterprise, record
The access token allows the service system accessed;
Access request of the user to the second service system of the enterprise is received, including:
When receiving the access request to the transmission of second service system, the token is also received;
It is described to judge whether the second service system approves identity authentication result of the first service system to the user,
Including:
Obtain the token of the access request;
The service system for allowing to access according to the token, determines whether the second service system is able to access that in the token
Service system in;
If the second service system is in the service system that the token is able to access that, it is determined that second service system is approved
Identity authentication result of the first service system to the user.
5. according to the method for claim 4, it is characterised in that methods described also includes:
Obtain the effective time information of the token;
After the use duration for detecting the token reaches effective time, delete and token, which allows to visit, to be able to access that to the token
The record information for the service system asked.
6. a kind of computer-readable recording medium, is stored thereon with computer program, it is characterised in that the program is held by processor
Following steps are realized during row, including:
Receiving step, in user after the first service system of enterprise completes authentication, the user is received to the enterprise
Second service system access request;
Judgment step, judges whether the second service system approves authentication of the first service system to the user
As a result;
Rate-determining steps, if the second service system approves authentication knot of the first service system to the user
Fruit, then the user is directly allowed to access the second service system.
7. computer-readable recording medium according to claim 6, it is characterised in that when the program is executed by processor
Before the service system of the first service system is trusted in the acquisition in enterprise, following steps are also realized:
Certification request receiving step, the certification request that multiple systems of the enterprise are sent is received, wherein the certification of each system
Request includes the identification information for the service system that this service system is trusted;
Trusting relationship establishment step, according to the certification request, the trust for the service system established service system and trusted is closed
System.
8. computer-readable recording medium according to claim 7, it is characterised in that the program is executed by processor described
Include during judgment step:
The service system associated according to each service system prestored, obtains and the first service system is trusted in enterprise
Service system;
Judge the first service system whether in the service system that the second server is trusted;
If it is, determine that second service system approves identity authentication result of the first service system to the user.
9. computer-readable recording medium according to claim 7, it is characterised in that:
Also realized such as after the first service system of enterprise completes authentication in user described in when the program is executed by processor
Lower step includes:
Token issue step, access token is provided to the user, and according to trusting the first service system in enterprise
Service system, record the service system that the access token allows to access;
The receiving step, when receiving the access request to the transmission of second service system, also receive the token;
It is described to judge whether the second service system approves identity authentication result of the first service system to the user
The step of, including:
Obtain the token of the access request;
The service system for allowing to access according to the token, determines whether the second service system is able to access that in the token
Service system in;
If the second service system is in the service system that the token is able to access that, it is determined that second service system is approved
Identity authentication result of the first service system to the user.
10. computer-readable recording medium according to claim 9, it is characterised in that when the program is executed by processor
Also realize that following steps include:
Duration obtaining step, obtain the effective time information of the token;
Token management step, after the use duration for detecting the token reaches effective time, deleting can to the token
Access token allows the record information of the service system accessed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711113993.3A CN107770192A (en) | 2017-11-13 | 2017-11-13 | Identity authentication method and computer-readable recording medium in multisystem |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711113993.3A CN107770192A (en) | 2017-11-13 | 2017-11-13 | Identity authentication method and computer-readable recording medium in multisystem |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107770192A true CN107770192A (en) | 2018-03-06 |
Family
ID=61273578
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711113993.3A Pending CN107770192A (en) | 2017-11-13 | 2017-11-13 | Identity authentication method and computer-readable recording medium in multisystem |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107770192A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109272302A (en) * | 2018-10-16 | 2019-01-25 | 翟红鹰 | Management method, terminal and readable storage medium storing program for executing based on block chain technology |
| CN109547432A (en) * | 2018-11-19 | 2019-03-29 | 中国银行股份有限公司 | Multisystem verification method and device, storage medium and electronic equipment |
| CN110034933A (en) * | 2018-12-25 | 2019-07-19 | 中国银联股份有限公司 | Inter-system subscriber mutual trust authentication method and inter-system subscriber mutual trust Verification System |
| CN110120946A (en) * | 2019-04-29 | 2019-08-13 | 武汉理工大学 | A kind of Centralized Authentication System and method of Web and micro services |
| CN111131132A (en) * | 2018-10-31 | 2020-05-08 | 北京国双科技有限公司 | Method and device for realizing multi-system login |
| CN111385279A (en) * | 2018-12-28 | 2020-07-07 | 深圳市优必选科技有限公司 | Service access authority system and method |
| CN111538966A (en) * | 2020-04-17 | 2020-08-14 | 中移(杭州)信息技术有限公司 | Access method, access device, server and storage medium |
| CN111935159A (en) * | 2020-08-13 | 2020-11-13 | 工银科技有限公司 | Method, device and system for authenticating mutual trust between multiple systems |
| CN114238803A (en) * | 2022-02-25 | 2022-03-25 | 北京结慧科技有限公司 | Method and system for managing business registration data of enterprise-level user |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101183940A (en) * | 2007-12-11 | 2008-05-21 | 中兴通讯股份有限公司 | Method for multi-application system to perform authentication to user identification |
| CN101453476A (en) * | 2009-01-06 | 2009-06-10 | 中国人民解放军信息工程大学 | Cross domain authentication method and system |
| CN101605030A (en) * | 2008-06-13 | 2009-12-16 | 新奥特(北京)视频技术有限公司 | A kind of uniform authentication realizing method of using towards TV station based on Active Directory |
| US20140149741A1 (en) * | 2012-11-27 | 2014-05-29 | Oracle International Corporation | Access management system using trusted partner tokens |
-
2017
- 2017-11-13 CN CN201711113993.3A patent/CN107770192A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101183940A (en) * | 2007-12-11 | 2008-05-21 | 中兴通讯股份有限公司 | Method for multi-application system to perform authentication to user identification |
| CN101605030A (en) * | 2008-06-13 | 2009-12-16 | 新奥特(北京)视频技术有限公司 | A kind of uniform authentication realizing method of using towards TV station based on Active Directory |
| CN101453476A (en) * | 2009-01-06 | 2009-06-10 | 中国人民解放军信息工程大学 | Cross domain authentication method and system |
| US20140149741A1 (en) * | 2012-11-27 | 2014-05-29 | Oracle International Corporation | Access management system using trusted partner tokens |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109272302A (en) * | 2018-10-16 | 2019-01-25 | 翟红鹰 | Management method, terminal and readable storage medium storing program for executing based on block chain technology |
| CN111131132A (en) * | 2018-10-31 | 2020-05-08 | 北京国双科技有限公司 | Method and device for realizing multi-system login |
| CN109547432A (en) * | 2018-11-19 | 2019-03-29 | 中国银行股份有限公司 | Multisystem verification method and device, storage medium and electronic equipment |
| CN109547432B (en) * | 2018-11-19 | 2020-11-27 | 中国银行股份有限公司 | Multi-system verification method and device, storage medium and electronic equipment |
| CN110034933A (en) * | 2018-12-25 | 2019-07-19 | 中国银联股份有限公司 | Inter-system subscriber mutual trust authentication method and inter-system subscriber mutual trust Verification System |
| CN111385279A (en) * | 2018-12-28 | 2020-07-07 | 深圳市优必选科技有限公司 | Service access authority system and method |
| CN110120946A (en) * | 2019-04-29 | 2019-08-13 | 武汉理工大学 | A kind of Centralized Authentication System and method of Web and micro services |
| CN111538966A (en) * | 2020-04-17 | 2020-08-14 | 中移(杭州)信息技术有限公司 | Access method, access device, server and storage medium |
| CN111538966B (en) * | 2020-04-17 | 2024-02-23 | 中移(杭州)信息技术有限公司 | Access method, access device, server and storage medium |
| CN111935159A (en) * | 2020-08-13 | 2020-11-13 | 工银科技有限公司 | Method, device and system for authenticating mutual trust between multiple systems |
| CN114238803A (en) * | 2022-02-25 | 2022-03-25 | 北京结慧科技有限公司 | Method and system for managing business registration data of enterprise-level user |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200304485A1 (en) | Controlling Access to Resources on a Network | |
| CN107770192A (en) | Identity authentication method and computer-readable recording medium in multisystem | |
| AU2019206006B2 (en) | System and method for biometric protocol standards | |
| CN104364790B (en) | System and method for implementing dual factor anthentication | |
| US10484385B2 (en) | Accessing an application through application clients and web browsers | |
| CN108804906B (en) | System and method for application login | |
| US8424061B2 (en) | Method, system and program product for authenticating a user seeking to perform an electronic service request | |
| US8973123B2 (en) | Multifactor authentication | |
| US8832857B2 (en) | Unsecured asset detection via correlated authentication anomalies | |
| US11539526B2 (en) | Method and apparatus for managing user authentication in a blockchain network | |
| US20170147600A1 (en) | Techniques for securely sharing files from a cloud storage | |
| CN105229987A (en) | The initiatively mobile authentication of associating | |
| US20080163348A1 (en) | Moving principals across security boundaries without service interruption | |
| US10397214B2 (en) | Collaborative sign-on | |
| CN103209168A (en) | Method and system for achieving single sign-on | |
| CN103975567B (en) | Two-factor authentication method and virtual machine facility | |
| US20150067772A1 (en) | Apparatus, method and computer-readable storage medium for providing notification of login from new device | |
| CN105354482A (en) | Single sign-on method and device | |
| CN110069909A (en) | It is a kind of to exempt from the close method and device for logging in third party system | |
| CN116415217A (en) | Instant authorization system based on zero trust architecture | |
| Wang et al. | A framework for formal analysis of privacy on SSO protocols | |
| CN115422526B (en) | Role authority management method, device and storage medium | |
| KR102508418B1 (en) | Method and system for providing in-house security management solution | |
| CN111400750B (en) | Trusted measurement method and device based on access process judgment | |
| Riti et al. | Identity and Access Management with Google Cloud Platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180306 |