CN108229970A - A kind of processing method and processing device of authentication information - Google Patents

A kind of processing method and processing device of authentication information Download PDF

Info

Publication number
CN108229970A
CN108229970A CN201611170628.1A CN201611170628A CN108229970A CN 108229970 A CN108229970 A CN 108229970A CN 201611170628 A CN201611170628 A CN 201611170628A CN 108229970 A CN108229970 A CN 108229970A
Authority
CN
China
Prior art keywords
authentication information
user
authentication
product line
individual event
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611170628.1A
Other languages
Chinese (zh)
Inventor
李维之
李兴会
赵秀慧
周剑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Baidu Online Network Technology Beijing Co Ltd
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN201611170628.1A priority Critical patent/CN108229970A/en
Publication of CN108229970A publication Critical patent/CN108229970A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products

Abstract

The present invention proposes a kind of processing method and processing device of authentication information, and method therein includes:Authentication information model is generated according to the individual event authentication information of user configuration;The authentication information submitted according to the authentication information model checking user;The authentication state of the user is updated according to the check results of the authentication information.After this method by the individual event authentication information of user configuration by generating authentication information model, the authentication state of the user is updated according to the check results of the authentication information model, the acquisition standard for making authentication information is consistent with entrance unification and structuring rule, ensure that authentication information can be multiplexed with inter-product line, it reduces trade company to repeat to submit the inconvenience of audit, improves the consistency of user experience;Each product line can realize simple and quick access by the authentication information model being configured, and so as to reduce the coupling between system, repeat to open, and then can support the quick exploitation of new product without each product line.

Description

A kind of processing method and processing device of authentication information
Technical field
The present invention relates to computer realm more particularly to a kind of processing method and processing devices of authentication information.
Background technology
With the combination of internet and business, very important link is become to the certification of user, be business expansion and The basis of risk prevention system.At present, for different business, the identifying procedure of user is also differed, and with portfolio Increase, certified product is also more and more, each product is required for a set of identifying procedure newly developed.
For example, existing identifying procedure mainly includes endorsement certification, phone authentication and video authentication etc..Endorsement is recognized Card, it usually needs carry out qualification certification, management place certification and record the flows such as certification in violation of rules and regulations;For phone authentication, usually need Carry out the flows such as service calls certification and foreground phone authentication;For video authentication, it usually needs carry out production process video The flows such as certification and management place video authentication.
Since in existing identifying procedure, each product line is required for respectively completing the streams such as the acquisition storage of authentication information Journey.In terms of operational angle, the processing of authentication information is undertaken respectively by product line, authentication information dispersion, redundancy, in some instances it may even be possible to mutually Contradiction, had both been unfavorable for the standardization of authentication information flow, was also unfavorable for the consistency of user experience;In terms of engineering viewpoint, increase newly Product line needs each procedure links that overlapping development authentication information is handled, and system reusability is low, the degree of coupling is high, the development cycle It is long.
Invention content
Present invention solves the technical problem that one of be existing for existing user authentication flow authentication information dispersion and redundancy, Reusability is relatively low, the degree of coupling is higher and the development cycle is longer.
One embodiment according to an aspect of the present invention provides a kind of processing method of authentication information, including:
Authentication information model is generated according to the individual event authentication information of user configuration;
The authentication information submitted according to the authentication information model checking user;
The authentication state of the user is updated according to the check results of the authentication information.
One embodiment according to a further aspect of the invention provides a kind of processing unit of authentication information, including:
For generating the device of authentication information model according to the individual event authentication information of user configuration;
Device for the authentication information submitted according to the authentication information model checking user;
For updating the device of the authentication state of the user according to the check results of the authentication information.
After the individual event authentication information of user configuration is generated authentication information model due to the present embodiment, according to the authentication information The check results of model update the authentication state of the user, make the acquisition standard of authentication information and entrance is unified and structuring is regular Unanimously, ensure that authentication information can be multiplexed with inter-product line, reduce user and repeat to submit the inconvenience of audit, improve the one of user experience Cause property;Each product line can realize simple and quick access by the authentication information model being configured, so as to reduce the coupling between system It closes, without each product line overlapping development, and then can support the quick exploitation of new product.
Although those of ordinary skill in the art will be appreciated that following detailed description carries out referenced in schematic embodiment, attached drawing, But the present invention is not limited in these embodiments.But the scope of the present invention is extensive, and is intended to be bound only by appended right It is required that limit the scope of the present invention.
Description of the drawings
By reading the detailed description made to non-limiting example made with reference to the following drawings, of the invention is other Feature, objects and advantages will become more apparent upon:
Fig. 1 shows the flow chart of the processing method according to authentication information proposed by the present invention.
Fig. 2 shows the flow charts of the processing method of authentication information that the embodiment of the present invention one proposes.
Fig. 3 shows the layered structure schematic diagram that the authentication information that the embodiment of the present invention one proposes includes.
Fig. 4 shows the flow chart being configured in digital section layer that the embodiment of the present invention one proposes.
Fig. 5 shows the block diagram of front end list generation control that the embodiment of the present invention one proposes.
Fig. 6 show that the embodiment of the present invention one proposes to calculate polymerization logic, data source and packaging structure into The schematic diagram of row configuration.
Fig. 7 shows the flow chart of the processing method for the another authentication information that the embodiment of the present invention two proposes.
Fig. 8 shows showing according to data mode to divide the fundamental type of data field for the proposition of the embodiment of the present invention two It is intended to.
Fig. 9 shows the block diagram of the processing unit according to authentication information proposed by the present invention.
Figure 10 shows the block diagram of the processing unit for the authentication information that the embodiment of the present invention three proposes.
Figure 11 shows the block diagram of the processing unit for the authentication information that the embodiment of the present invention four proposes.
The same or similar reference numeral represents the same or similar component in attached drawing.
Specific embodiment
It should be mentioned that some exemplary embodiments are described as before exemplary embodiment is discussed in greater detail The processing described as flow chart or method.Although operations are described as the processing of sequence by flow chart, therein to be permitted Multioperation can be implemented concurrently, concomitantly or simultaneously.In addition, the sequence of operations can be rearranged.When it The processing can be terminated when operation is completed, it is also possible to have the additional step being not included in attached drawing.The processing It can correspond to method, function, regulation, subroutine, subprogram etc..
Alleged within a context " computer equipment ", also referred to as " computer ", referring to can be by running preset program or referring to Enable performing the intelligent electronic device of the predetermined process process such as numerical computations and/or logical calculated, can include processor with Memory, instructed by the survival that prestores in memory of processor execution perform predetermined process process or by ASIC, The hardware such as FPGA, DSP perform predetermined process process or are realized by said two devices combination.Computer equipment includes but unlimited In server, PC, laptop, tablet computer, smart mobile phone etc..
The computer equipment includes user equipment and the network equipment.Wherein, the user equipment includes but not limited to electricity Brain, smart mobile phone, PDA etc.;The network equipment includes but not limited to single network server, multiple network servers form Server group or the cloud being made of a large amount of computers or network server based on cloud computing (Cloud Computing), wherein, Cloud computing is one kind of Distributed Calculation, a super virtual computer being made of the computer collection of a group loose couplings.Its In, the computer equipment can isolated operation realize the present invention, also can access network and by with other calculating in network The present invention is realized in the interactive operation of machine equipment.Wherein, the network residing for the computer equipment include but not limited to internet, Wide area network, Metropolitan Area Network (MAN), LAN, VPN network etc..
It should be noted that the user equipment, the network equipment and network etc. are only for example, other are existing or from now on may be used The computer equipment or network that can occur such as are applicable to the present invention, should also be included within the scope of the present invention, and to draw It is incorporated herein with mode.
Method (some of them are illustrated by flow) discussed hereafter can be by hardware, software, firmware, centre Part, microcode, hardware description language or its arbitrary combination are implemented.Implement when with software, firmware, middleware or microcode When, to implement the program code of necessary task or code segment can be stored in machine or computer-readable medium and (for example deposit Storage media) in.(one or more) processor can implement necessary task.
Specific structure and function details disclosed herein are only representative, and are for describing showing for the present invention The purpose of example property embodiment.But the present invention can be implemented, and be not interpreted as by many alternative forms It is limited only by the embodiments set forth herein.
Although it should be understood that may have been used term " first ", " second " etc. herein to describe each unit, But these units should not be limited by these terms.The use of these items is only for by a unit and another unit It distinguishes.For example, in the case of the range without departing substantially from exemplary embodiment, it is single that first unit can be referred to as second Member, and similarly second unit can be referred to as first unit.Term "and/or" used herein above include one of them or The arbitrary and all combination of more listed associated items.
It should be understood that when a unit is referred to as " connecting " or during " coupled " to another unit, can directly connect It connects or is coupled to another unit or there may be temporary location.In contrast, when a unit is referred to as " directly connecting Connect " or " direct-coupling " to another unit when, then there is no temporary locations.It should explain in a comparable manner and be used to retouch State the relationship between unit other words (such as " between being in ... " compared to " between being directly in ... ", " and with ... it is adjacent Closely " compared to " with ... be directly adjacent to " etc.).
Term used herein above is not intended to limit exemplary embodiment just for the sake of description specific embodiment.Unless Context clearly refers else, otherwise singulative used herein above "one", " one " also attempt to include plural number.Should also When understanding, term " comprising " and/or "comprising" used herein above provide stated feature, integer, step, operation, The presence of unit and/or component, and do not preclude the presence or addition of other one or more features, integer, step, operation, unit, Component and/or a combination thereof.
It should further be mentioned that in some replaces realization modes, the function/action being previously mentioned can be according to different from attached The sequence indicated in figure occurs.For example, depending on involved function/action, the two width figures shown in succession actually may be used Substantially simultaneously to perform or can perform in a reverse order sometimes.
The present invention is described in further detail below in conjunction with the accompanying drawings.
Fig. 1 is the flow chart of the processing method of authentication information according to an embodiment of the invention.
With reference to shown in Fig. 1, the processing method of the authentication information described in the present embodiment includes the following steps:
S110, authentication information model is generated according to the individual event authentication information of user configuration;
S120, the authentication information submitted according to the authentication information model checking user;
S130, the authentication state that the user is updated according to the check results of the authentication information.
Each step is described in further detail below.
In step S110, the user information of certification as needed can be by user in advance in configuration platform to needing certification Individual event authentication information is configured.
User information in the present embodiment includes product line information, and the configuration of the product line information is included to field class Type, check logic and/or the configuration for showing pattern.
Optionally, which includes product line mark, unique mark, certification object mark and/or certification mark Know.It is combined by the individual event authentication information to user configuration, the authentication information model needed for product line can be formed.
The authentication information model for brand authentication, including but not limited to trade mark registration may be used in the authentication information model Three authentication items schemes such as proof, trade mark registration figure and trade mark ownership relationship proof show, interact, verifying, combining, issuing Rule and logic.
Wherein, preview, the storage of the individual event authentication information can be carried out to the individual event authentication information model in the configuration platform Type can include:Text, setting option, picture, time, address and/or table.
In step S120, verified according to the authentication information that scheduled verification strategy submits the user, and will verification As a result existing authentication platform or Related product line are sent to.
Wherein, which is usually applied to during brand authentication, in the trade mark number in the verification strategy Appearance can determine that the trade mark LOGO pictures of upload can be directed to requires certain length-width ratio and size accordingly by specified format Limitation etc..
Optionally, if the user has sharable authentication information, which is carried as user The check results of the authentication information of friendship.
Legitimacy verifies can be carried out, and by the knot of legitimacy verifies to the authentication information that the user submits in the authentication platform Fruit is sent to corresponding audit platform.
In step S130, user can entrust third party to collect evidence, by third party by the qualification data input of evidence obtaining to flat Platform, and verified according to the authentication information that the authentication content that third party provides submits the user, it will finally be needed by user The information of certification is sent to the third party and is audited.
Optionally, after audit platform updates the authentication state of the user according to the check results of the authentication information, also Relatively general static resource can be stored on content distributing network, and the configuration for needing to upgrade and change is arranged on each production Product line is issued the authentication state of the updated user by pre- fixed platform, so that the public checks or analysis of strategies.
The technical solution proposed using the present embodiment, by the way that the individual event authentication information of user configuration is generated authentication information mould After type, the authentication state of the user is updated according to the check results of the authentication information model, make authentication information acquisition standard and Entrance is unified and structuring rule is consistent, ensures that authentication information can be multiplexed with inter-product line, reduces user and repeats to submit audit Inconvenience improves the consistency of user experience;Each product line can realize simple and quick connect by the authentication information model being configured Enter, so as to reduce the coupling between system, without each product line overlapping development, and then can support the quick exploitation of new product, protect The reusability and autgmentability of certification effect have been demonstrate,proved, can gradually develop into system-wide unification authentication platform, has reduced other business The development cost of system, while specification Valuation Standard.
Embodiment one
The processing method of another authentication information is proposed in the present embodiment, with reference to shown in Fig. 2, is included the following steps:
S210, the authentication information for obtaining user.
The differentiation of authentication information is mainly reflected in two aspects, first, scene determines authentication content, second is that authentication content Itself.
Authentication content is determined for scene, the considerations of for Universal and scalability, for specific transactions scene, this reality One group of authentication information can be positioned from following dimension by applying example:
(1), product line ID:Between each product line, authentication information can include more parts;
(2), unique ID:Inside product line, similar authentication information can include more parts;
(3), certification object ID:It is often referred to the account of user or further composite object;
(4), certification ID:Referring to needs the specific content of certification.
Authentication information is described by above-mentioned 4 dimensions, then can meet the needs of under common scene.
S220, authentication information model is generated according to the individual event authentication information of user configuration.
The present embodiment is to the authentication information model foundation layered structure, to be conducive to administrative authentication information, while effectively The authentication information is encapsulated, makes external easily data needed for acquisition, with reference to shown in Fig. 3, which includes following several A level:
(1), data field layer:Actual content including authentication information and under different scenes to the explanation of content, with Ensure the consistency of authentication information;
(2), authenticating party pattern layer:Screening combination, while specified data source are carried out to the data field of authentication information, at this The isolation of the achievable authentication data of layer is shared;
(3), certification masterplate layer:One kind of certificate scheme is abstracted, the same approach in different data source is connected, The contact is conducive to administrative authentication information and formulates unified product strategy;
(4), authentication layers:The logical combination of one or more certificate schemes can pass through and be configured as the window externally exported Combinational logic can meet the needs of different product line.
S230, configuration and parsing authentication information.
On the basis of authentication information layering, each layer can be configured, ultimately form complete authentication model. Data field layer, with reference to shown in Fig. 4, the main part of configuration is data definition, wherein the mainly definition of data type.Its In, the intension of dtd--data type definition includes:
(1), data render model:Provide the interactive form of page elements;
(2), data verification method:The parameter of specified front end verification, the parameter of rear end verification, the rule of verification;
(3), data structure:The institutional framework of specified data.
It is configured by authentication information model corresponding to authentication information type, generates unified, self-explanatory data Dictionary.This matches the authentication information model supports hot plug postponed, can come into force after modification, without disposing code again.
Wherein, which is usually applied in brand authentication, and general there are three authentication items, and each authentication items have several Field, each authentication items, field have corresponding English code name, form dictionary and externally provide, and system can will be according to these English code name is addressed to specific data.
If some user is submitting authentication information, which can be appreciated that one generates according to authentication information model rendering The submission page, after having submitted can be verified according to method of calibration, the number for finally being submitted user according to data structure According to the metadata for switching to structuring, and will be in metadata storage to full dose authentication information.
S540, authentication information model is updated by front end list generation control.
To ensure the consistency of user experience, while reduce the cost of access of each product line, with reference to shown in Fig. 5, this implementation Example proposes general front end list generation control.Control is generated by the front end list, general static resource can be deposited It is placed on CDN (Content Delivery Network, content distributing network), and the configuration point that will be needed to upgrade and change Cloth is in each product line.The authentication information model can be provided by existing sincere authentication platform, and it is specific that product line does not need to concern Authentication logic.
The front end list production control has following characteristic:
Versatility:Any product line is applicable to by the authentication information model that generation is configured, between different product line Authentication data can be isolated or share, and all operating interactives and request of data can all be completed by the front end form controls.
It is personalized:When each product line access authentication platform, can reserved API be passed through with self-defined adeditive attribute (Application Programming Interface, application programming interface) changes the interaction of the front end form controls Behavior and part format.
The calculating of S550, authentication information are with polymerizeing.
For general authentication platform, the value volume and range of product of the authentication information needed is all very much.Meanwhile the downstream of docking Very much, the advance data maincenter including each data terminal, the statistics calculating of user credit and each product line etc..
Secondly, the pretreatment logic of authentication information and information needed for these downstreams also has very big difference.Cause in handle Logic when metadata switchs to business datum is more complicated, while the efficiency for developing a socket to each downstream is relatively low.
How easily to be converted between metadata and business datum, need to handle following data:
Metadata:According to the authentication information after uniform data protocol architecture;
Business datum:Each required data in downstream are typically passed through certain calculating, polymerization logical process.
For this purpose, the present embodiment proposes the modelling that interface defines, and realize data acquisition, calculating and interface module Separation.With reference to shown in Fig. 6, calculate polymerization logic, data source and packaging structure and can be carried out being configured, manage business concentratedly The calculating and distribution of data change a small amount of configuration with regard to that can complete the upgrading of interface, so as to reduce the cost that exploitation is safeguarded.
Embodiment two
The processing method of another authentication information is proposed in the present embodiment, with reference to shown in Fig. 7, is included the following steps:
S710, the authentication information for obtaining user.
For the storage form of unified all authentication informations, with reference to shown in Fig. 8, the present embodiment carries out all authentication datas It concludes.
The fundamental type of data field is divided according to data mode first:
Text:The information of plain text is generally included, can there is canonical limitation, sensitive word limitation etc.;
Multiselect:The business meaning of configurable setting option and each option, the processing logic of corresponding service;
Picture:It is controllable to upload quantity, size, support online preview, asynchronous more scale compressions etc.;
Time:It can support time point or period, the operation flow of setup time triggering;
Address:Configurable display provinces and cities or better address, the detection of address legitimacy;
Table:Support nested all other field type.
On this basis, to each fundamental type defined attribute, including:
Admittable regulation:Including above-mentioned canonical limitation, sensitive word limitation, legitimacy detection etc., external be overlapped is supported Configuration, both ensures data consistency, can also meet customization demand;
Composition part:Allow same data field that there is different composition parts, to be suitable for different scenes, simultaneously System also provides normalized data;
Expression-form:Allow same data field, the form with different submissions, publication and disclosure.
By providing the type and attribute of authentication field, authentication information is packaged and is deposited with unified data protocol Storage.
S720, authentication information model is generated according to the individual event authentication information of user configuration.
The present embodiment is to the authentication information model foundation layered structure, to be conducive to administrative authentication information, while effectively The authentication information is encapsulated, makes external easily data needed for acquisition, with reference to shown in Fig. 3, which includes following several A level:
(1), data field layer:Actual content including authentication information and under different scenes to the explanation of content, with Ensure the consistency of authentication information;
(2), authenticating party pattern layer:Screening combination, while specified data source are carried out to the data field of authentication information, at this The isolation of the achievable authentication data of layer is shared;
(3), certification masterplate layer:One kind of certificate scheme is abstracted, the same approach in different data source is connected, The contact is conducive to administrative authentication information and formulates unified product strategy;
(4), authentication layers:The logical combination of one or more certificate schemes can pass through and be configured as the window externally exported Combinational logic can meet the needs of different product line.
S730, configuration and parsing authentication information.
On the basis of authentication information layering, each layer can be configured, ultimately form complete authentication model. Data field layer, with reference to shown in Fig. 4, the main part of configuration is data definition, wherein the mainly definition of data type.Its In, the intension of dtd--data type definition includes:
(1), data render model:Provide the interactive form of page elements;
(2), data verification method:The parameter of specified front end verification, the parameter of rear end verification, the rule of verification;
(3), data structure:The institutional framework of specified data.
It is configured by authentication information model corresponding to authentication information type, generates unified, self-explanatory data Dictionary.This matches the authentication information model supports hot plug postponed, can come into force after modification, without disposing code again.
If some user is submitting authentication information, which can be appreciated that one generates according to authentication information model rendering The submission page, after having submitted can be verified according to method of calibration, the number for finally being submitted user according to data structure According to the metadata for switching to structuring, and will be in metadata storage to full dose authentication information.
S740, authentication information model is updated by front end list generation control.
To ensure the consistency of user experience, while reduce the cost of access of each product line, with reference to shown in Fig. 5, this implementation Example proposes general front end list generation control.Control is generated by the front end list, general static resource can be deposited It is placed on CDN, and the configuration for needing to upgrade and change is distributed in each product line.The authentication information model can be by existing sincere Believe that authentication platform provides, product line does not need to pay close attention to specific authentication logic.
The front end list production control has following characteristic:
Versatility:Any product line is applicable to by the authentication information model that generation is configured, between different product line Authentication data can be isolated or share, and all operating interactives and request of data can all be completed by the front end form controls.
It is personalized:When each product line access authentication platform, can be changed with self-defined adeditive attribute by reserved API The interbehavior and part format of the front end form controls.
The calculating of S750, authentication information are with polymerizeing.
For general authentication platform, the value volume and range of product of the authentication information needed is all very much.Meanwhile the downstream of docking Very much, the advance data maincenter including each data terminal, the statistics calculating of user credit and each product line etc..
Secondly, the pretreatment logic of authentication information and information needed for these downstreams also has very big difference.So as in handle Logic when metadata switchs to business datum is more complicated, while the efficiency for developing a socket to each downstream is relatively low.
How easily to be converted between metadata and business datum, need to handle following data:
Metadata:According to the authentication information after uniform data protocol architecture;
Business datum:Each required data in downstream are typically passed through certain calculating, polymerization logical process.
For this purpose, the present embodiment proposes the modelling that interface defines, and realize data acquisition, calculating and interface module Separation.With reference to shown in Fig. 6, calculate polymerization logic, data source and packaging structure and can be carried out being configured, manage business concentratedly The calculating and distribution of data change a small amount of configuration with regard to that can complete the upgrading of interface, so as to reduce the cost that exploitation is safeguarded.
S760, authentication information inter-product line share.
User can repeatedly carry out same certification, can also pass through progress of the different certifications to same certification individual event Multiple certification.With reference to shown in Fig. 8, to adapt to the demand of different product line, authentication information and authentication result can be according to certification lists The modes such as row are shared entirely for item, certification, individual event.
With reference to shown in Fig. 9, the processing unit of the authentication information described in the present embodiment can include following device:
For generating the device of authentication information model according to the individual event authentication information of user configuration, (hereinafter referred to as " model is given birth to Into device ") 910;
Device (hereinafter referred to as " model school for the authentication information submitted according to the authentication information model checking user Experiment device ") 920;
For updating the device of the authentication state of the user according to the check results of the authentication information (hereinafter referred to as " information updating apparatus ") 930.
Each device is described in further detail below.
The user information of certification as needed, can be by model generating means 910 in advance in configuration platform to needing certification Individual event authentication information be configured.
User information in the present embodiment includes product line information, and the configuration of the product line information is included to field class Type, check logic and/or the configuration for showing pattern.
Optionally, which includes product line mark, unique mark, certification object mark and/or certification mark Know.It is combined by the individual event authentication information to user configuration, the authentication information model needed for product line can be formed.
Wherein, preview, the storage of the individual event authentication information can be carried out to the individual event authentication information model in the configuration platform Type can include:Text, setting option, picture, time, address and/or table.
Model checking device 920 can be verified according to the authentication information that scheduled verification strategy submits the user, and Check results are sent to existing authentication platform or Related product line.
Optionally, if the user has sharable authentication information, which is carried as user The check results of the authentication information of friendship.
Can legitimacy school be carried out to the authentication information that the user submits by model checking device 920 in the authentication platform It tests, and the result of legitimacy verifies is sent to corresponding audit platform.
User can entrust third party to collect evidence, by third party by the qualification data input of evidence obtaining to platform, and according to The authentication information that the authentication content that tripartite provides submits the user verifies, finally by information updating apparatus 930 to user The information for needing certification is audited.
Optionally, after audit platform updates the authentication state of the user according to the check results of the authentication information, also Relatively general static resource can be stored on content distributing network, and the configuration for needing to upgrade and change is arranged on each production Product line is issued the authentication state of the updated user by pre- fixed platform, so that the public checks or analysis of strategies.
The technical solution proposed using the present embodiment, by the way that the individual event authentication information of user configuration is produced authentication information mould After type, the authentication state of the user is updated according to the check results of the authentication information model, make authentication information acquisition standard and Entrance is unified and structuring rule is consistent, ensures that authentication information can be multiplexed with inter-product line, reduces user and repeats to submit audit Inconvenience improves the consistency of user experience;Each product line can realize simple and quick connect by the authentication information model being configured Enter, so as to reduce the coupling between system, without each product line overlapping development, and then can support the quick exploitation of new product;It protects The reusability and autgmentability of certification effect have been demonstrate,proved, can gradually develop into system-wide unification authentication platform, has reduced other business The development cost of system, while specification Valuation Standard.
Embodiment three
The processing unit of another authentication information is proposed in the present embodiment, with reference to shown in Figure 10, including following device:
For obtaining the device of the authentication information of user (hereinafter referred to as " information acquisition device ") 1010;
For generating the device of authentication information model according to the individual event authentication information of user configuration, (hereinafter referred to as " generation fills Put ") 1020;
For being configured and parsing the device of authentication information (hereinafter referred to as " resolver ") 1030;
For device (hereinafter referred to as " the more new clothes being updated by front end list generation control to authentication information model Put ") 1040;
For the device (hereinafter referred to as " information computing device ") 1050 calculated with polymerizeing of authentication information.
The differentiation of authentication information is mainly reflected in two aspects, first, scene determines authentication content, second is that authentication content Itself.
Authentication content is determined for scene, the considerations of for Universal and scalability, for specific transactions scene, this reality One group of authentication information can be positioned from following dimension by applying example:
(1), product line ID:Between each product line, authentication information can include more parts;
(2), unique ID:Inside product line, similar authentication information can include more parts;
(3), certification object ID:It is often referred to the account of user or further composite object;
(4), certification ID:Referring to needs the specific content of certification.
Above-mentioned 4 dimensions are obtained by information acquisition device 1010 and describe authentication information, then can meet common scene Under demand.
The present embodiment by generating means 1020 to the authentication information model foundation layered structure, to be conducive to administrative authentication Information, while the authentication information is effectively encapsulated, make external easily data needed for acquisition, with reference to shown in Fig. 3, the authentication information Model includes following level:
(1), data field layer:Actual content including authentication information and under different scenes to the explanation of content, with Ensure the consistency of authentication information.
(2), authenticating party pattern layer:Screening combination, while specified data source are carried out to the data field of authentication information, at this The isolation of the achievable authentication data of layer is shared.
(3), certification masterplate layer:One kind of certificate scheme is abstracted, the same approach in different data source is connected, The contact is conducive to administrative authentication information and formulates unified product strategy.
(4), authentication layers:The logical combination of one or more certificate schemes can pass through and be configured as the window externally exported Combinational logic can meet the needs of different product line.
On the basis of authentication information layering, each layer can be configured by resolver 1030, ultimately formed Complete authentication model.In data field layer, with reference to shown in Fig. 4, the main part of configuration is data definition, wherein mainly counting According to the definition of type.Wherein, the intension of dtd--data type definition includes:
(1), data render model:Provide the interactive form of page elements;
(2), data verification method:The parameter of specified front end verification, the parameter of rear end verification, the rule of verification;
(3), data structure:The institutional framework of specified data.
It is configured by authentication information model corresponding to authentication information type, generates unified, self-explanatory data Dictionary.This matches the authentication information model supports hot plug postponed, can come into force after modification, without disposing code again.
If some user is submitting authentication information, which can be appreciated that one generates according to authentication information model rendering The submission page, after having submitted can be verified according to method of calibration, the number for finally being submitted user according to data structure According to the metadata for switching to structuring, and will be in metadata storage to full dose authentication information.
To ensure the consistency of user experience, while reduce the cost of access of each product line, with reference to shown in Fig. 5, this implementation Example is proposed generates control by the front end list that updating device 1040 is supported.Control is generated by the front end list, can be incited somebody to action General static resource is stored on CDN, and the configuration for needing to upgrade and change is distributed in each product line.The authentication information Model can be provided by existing sincere authentication platform, and product line does not need to pay close attention to specific authentication logic.
The front end list production control has following characteristic:
Versatility:Any product line is applicable to by the authentication information model that generation is configured, between different product line Authentication data can be isolated or share, and all operating interactives and request of data can all be completed by the front end form controls.
It is personalized:When each product line access authentication platform, can be changed with self-defined adeditive attribute by reserved API The interbehavior and part format of the front end form controls.
For general authentication platform, the value volume and range of product of the authentication information needed is all very much.Meanwhile the downstream of docking Very much, the advance data maincenter including each data terminal, the statistics calculating of user credit and each product line etc..
Secondly, the pretreatment logic of authentication information and information needed for these downstreams also has very big difference.Cause in handle Logic when metadata switchs to business datum is more complicated, while the efficiency for developing a socket to each downstream is relatively low.
How easily to be converted between metadata and business datum, need to handle following data:
Metadata:According to the authentication information after uniform data protocol architecture;
Business datum:Each required data in downstream are typically passed through certain calculating, polymerization logical process.
For this purpose, the modelling that interface defines can be realized by information computing device 1050, and realize data acquisition, calculate And the separation of interface module.With reference to shown in Fig. 6, calculate polymerization logic, data source and packaging structure and can be carried out matching It puts, manages the calculating and distribution of business datum concentratedly, change a small amount of configuration with regard to the upgrading of interface can be completed, so as to reduce exploitation The cost of maintenance.
Embodiment two
The processing unit of another authentication information is proposed in the present embodiment, with reference to shown in Figure 11, including following device:
For obtaining the device of the authentication information of user (hereinafter referred to as " information acquisition device ") 1010;
For generating the device of authentication information model according to the individual event authentication information of user configuration, (hereinafter referred to as " generation fills Put ") 1020;
For being configured and parsing the device of authentication information (hereinafter referred to as " resolver ") 1030;
For device (hereinafter referred to as " the more new clothes being updated by front end list generation control to authentication information model Put ") 1040;
For the device (hereinafter referred to as " information computing device ") 1050 calculated with polymerizeing of authentication information;
The device (hereinafter referred to as " sharing means ") 1060 shared for the inter-product line of authentication information.
For the storage form of unified all authentication informations, with reference to shown in Fig. 8, the present embodiment carries out all authentication datas It concludes.
The fundamental type of data field is divided according to data mode first:
Text:The information of plain text is generally included, can there is canonical limitation, sensitive word limitation etc.;
Multiselect:The business meaning of configurable setting option and each option, the processing logic of corresponding service;
Picture:It is controllable to upload quantity, size, support online preview, asynchronous more scale compressions etc.;
Time:It can support time point or period, the operation flow of setup time triggering;
Address:Configurable display provinces and cities or better address, the detection of address legitimacy;
Table:Support nested all other field type.
On this basis, to each fundamental type defined attribute, including:
Admittable regulation:Including above-mentioned canonical limitation, sensitive word limitation, legitimacy detection etc., external be overlapped is supported Configuration, both ensures data consistency, can also meet customization demand;
Composition part:Allow same data field that there is different composition parts, to be suitable for different scenes, simultaneously System also provides normalized data;
Expression-form:Allow same data field, the form with different submissions, publication and disclosure.
By providing the type and attribute of authentication field, authentication information can be unified by information acquisition device 1010 Data protocol is packaged and is stored.
The present embodiment by generating means 1020 to the authentication information model foundation layered structure, to be conducive to administrative authentication Information, while the authentication information is effectively encapsulated, make external easily data needed for acquisition, with reference to shown in Fig. 3, the authentication information Model includes following level:
(1), data field layer:Actual content including authentication information and under different scenes to the explanation of content, with Ensure the consistency of authentication information.
(2), authenticating party pattern layer:Screening combination, while specified data source are carried out to the data field of authentication information, at this The isolation of the achievable authentication data of layer is shared.
(3), certification masterplate layer:One kind of certificate scheme is abstracted, the same approach in different data source is connected, The contact is conducive to administrative authentication information and formulates unified product strategy.
(4), authentication layers:The logical combination of one or more certificate schemes can pass through and be configured as the window externally exported Combinational logic can meet the needs of different product line.
On the basis of authentication information layering, each layer can be configured by resolver 1030, ultimately formed Complete authentication model.In data field layer, with reference to shown in Fig. 4, the main part of configuration is data definition, wherein mainly counting According to the definition of type.Wherein, the intension of dtd--data type definition includes:
(1), data render model:Provide the interactive form of page elements;
(2), data verification method:The parameter of specified front end verification, the parameter of rear end verification, the rule of verification;
(3), data structure:The institutional framework of specified data.
It is configured by authentication information model corresponding to authentication information type, generates unified, self-explanatory data Dictionary.This matches the authentication information model supports hot plug postponed, can come into force after modification, without disposing code again.
If some user is submitting authentication information, which can be appreciated that one generates according to authentication information model rendering The submission page, after having submitted can be verified according to method of calibration, the number for finally being submitted user according to data structure According to the metadata for switching to structuring, and will be in metadata storage to full dose authentication information.
To ensure the consistency of user experience, while reduce the cost of access of each product line, with reference to shown in Fig. 5, this implementation Example is proposed generates control by the front end list that updating device 1040 is supported.Control is generated by the front end list, can be incited somebody to action General static resource is stored on CDN, and the configuration for needing to upgrade and change is distributed in each product line.The authentication information Model can be provided by existing sincere authentication platform, and product line does not need to pay close attention to specific authentication logic.
The front end list production control has following characteristic:
Versatility:Any product line is applicable to by the authentication information model that generation is configured, between different product line Authentication data can be isolated or share, and all operating interactives and request of data can all be completed by the front end form controls.
It is personalized:When each product line access authentication platform, can be changed with self-defined adeditive attribute by reserved API The interbehavior and part format of the front end form controls.
For general authentication platform, the value volume and range of product of the authentication information needed is all very much.Meanwhile the downstream of docking Very much, the advance data maincenter including each data terminal, the statistics calculating of user credit and each product line etc..
Secondly, the pretreatment logic of authentication information and information needed for these downstreams also has very big difference.So as in handle Logic when metadata switchs to business datum is more complicated, while the efficiency for developing a socket to each downstream is relatively low.
How easily to be converted between metadata and business datum, need to handle following data:
Metadata:According to the authentication information after uniform data protocol architecture;
Business datum:Each required data in downstream are typically passed through certain calculating, polymerization logical process.
For this purpose, the modelling that interface defines can be realized by information computing device 1050, and realize data acquisition, calculate And the separation of interface module.With reference to shown in Fig. 6, calculate polymerization logic, data source and packaging structure and can be carried out matching It puts, manages the calculating and distribution of business datum concentratedly, change a small amount of configuration with regard to the upgrading of interface can be completed, so as to reduce exploitation The cost of maintenance.
User can carry out same certification more than 1060 times by sharing means, can also be by different certifications to same The multiple certification of carry out of a certification individual event.With reference to shown in Fig. 8, to adapt to the demand of different product line, authentication information and certification knot Fruit can the modes such as row be shared entirely according to certification individual event, certification, individual event.
It should be noted that the present invention can be carried out in the assembly of software and/or software and hardware, for example, this hair Application-specific integrated circuit (ASIC) can be used in bright each device or any other is realized similar to hardware device.In one embodiment In, software program of the invention can perform to realize steps described above or function by processor.Similarly, it is of the invention Software program can be stored in computer readable recording medium storing program for performing (including relevant data structure), for example, RAM memory, Magnetic or optical driver or floppy disc and similar devices.In addition, hardware can be used to realize in some steps or function of the present invention, example Such as, as coordinating with processor so as to perform the circuit of each step or function.
It is obvious to a person skilled in the art that the present invention is not limited to the details of above-mentioned exemplary embodiment, Er Qie In the case of without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.Therefore, no matter From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and the scope of the present invention is by appended power Profit requirement rather than above description limit, it is intended that all by what is fallen within the meaning and scope of the equivalent requirements of the claims Variation includes within the present invention.Any reference numeral in claim should not be considered as to the involved claim of limitation.This Outside, it is clear that one word of " comprising " is not excluded for other units or step, and odd number is not excluded for plural number.That is stated in system claims is multiple Unit or device can also be realized by a unit or device by software or hardware.The first, the second grade words are used for table Show title, and do not represent any particular order.
Although front is specifically shown and describes exemplary embodiment, it will be understood to those of skill in the art that It is that in the case of the spirit and scope without departing substantially from claims, can be varied from terms of its form and details.Here Sought protection illustrates in the dependent claims.

Claims (16)

1. a kind of processing method of authentication information, including:
Authentication information model is generated according to the individual event authentication information of user configuration;
The authentication information submitted according to the authentication information model checking user;
The authentication state of the user is updated according to the check results of the authentication information.
2. according to the method described in claim 1, wherein, the individual event authentication information includes:Product line mark, unique mark, Certification object identifies and/or certification mark.
3. according to the method described in claim 1, wherein, the storage class of the individual event authentication information includes:Text, setting choosing Item, picture, time, address and/or table.
It is 4. described that authentication information is generated according to the individual event authentication information of user configuration according to the method described in claim 1, wherein The step of model, includes:
Preview is carried out to the authentication information model.
5. according to the method described in claim 1, wherein, the certification submitted according to the authentication information model checking user The step of information, includes:
If the user has sharable authentication information, the sharable authentication information is submitted as the user The check results of authentication information.
6. according to the method described in claim 1, wherein, the certification submitted according to the authentication information model checking user The step of information, further includes:
The authentication information that the authentication content provided according to third party submits the user verifies.
7. according to the method described in claim 6, wherein, the authentication content provided according to third party submits the user Authentication information the step of being verified include:
Relatively general static resource is stored on content distributing network, and the configuration for needing to upgrade and change is arranged on respectively Product line.
8. according to the method described in claim 1, wherein, the method further includes:
The authentication state of the updated user is issued by pre- fixed platform.
9. a kind of processing unit of authentication information, including:
For generating the device of authentication information model according to the individual event authentication information of user configuration;
Device for the authentication information submitted according to the authentication information model checking user;
For updating the device of the authentication state of the user according to the check results of the authentication information.
10. device according to claim 9, wherein, it is used to be generated according to the individual event authentication information of user configuration described In the device of authentication information model, the individual event authentication information includes:Product line mark, unique mark, certification object mark and/ Or certification mark.
11. device according to claim 9, wherein, it is used to be generated according to the individual event authentication information of user configuration described In the device of authentication information model, the storage class of the individual event authentication information includes:Text, setting option, picture, the time, Address and/or table.
12. device according to claim 9, wherein, it is described to be used to be submitted according to the authentication information model checking user The device of authentication information include:
For carrying out the device of preview to the authentication information model.
13. device according to claim 9, wherein, it is described to be used to be submitted according to the authentication information model checking user The device of authentication information include:
If having sharable authentication information for the user, the sharable authentication information is carried as the user The device of the check results of the authentication information of friendship.
14. device according to claim 9, wherein, it is described to be used to be submitted according to the authentication information model checking user The device of authentication information further include:
The device verified for the authentication information submitted according to the authentication content that third party provides to the user.
15. device according to claim 14, wherein, it is described to be used for according to the authentication content that third party provides to the use The device that the authentication information that family is submitted is verified includes:
For relatively general static resource to be stored in content distributing network, and the configuration that needs to upgrade and change is set In the device of each product line.
16. device according to claim 9, wherein, described device further includes:
For the device for issuing the authentication state of the updated user by pre- fixed platform.
CN201611170628.1A 2016-12-16 2016-12-16 A kind of processing method and processing device of authentication information Pending CN108229970A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611170628.1A CN108229970A (en) 2016-12-16 2016-12-16 A kind of processing method and processing device of authentication information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611170628.1A CN108229970A (en) 2016-12-16 2016-12-16 A kind of processing method and processing device of authentication information

Publications (1)

Publication Number Publication Date
CN108229970A true CN108229970A (en) 2018-06-29

Family

ID=62651602

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611170628.1A Pending CN108229970A (en) 2016-12-16 2016-12-16 A kind of processing method and processing device of authentication information

Country Status (1)

Country Link
CN (1) CN108229970A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109005167A (en) * 2018-07-24 2018-12-14 腾讯科技(深圳)有限公司 A kind of processing method of authentication data, device, server and storage medium
CN110428266A (en) * 2019-08-01 2019-11-08 上海爱富爱克斯网络科技发展有限责任公司 A kind of identification method for forex dealer's financial supervision licence plate

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100281517A1 (en) * 2004-06-25 2010-11-04 Kabushiki Kaisha Toshiba and Toshiba Solutions Corporation System, Apparatus, Program, and Method for Authentication
CN102647432A (en) * 2012-05-17 2012-08-22 湖南神州祥网科技有限公司 Authentication information transmission method, device and authentication middleware
CN102761529A (en) * 2011-04-29 2012-10-31 上海格尔软件股份有限公司 Website authentication method based on picture identification digital signatures
CN103544074A (en) * 2012-07-09 2014-01-29 阿里巴巴集团控股有限公司 Method and device for verifying service
CN104320265A (en) * 2014-11-21 2015-01-28 北京奇虎科技有限公司 Authentication method and device for software platform

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100281517A1 (en) * 2004-06-25 2010-11-04 Kabushiki Kaisha Toshiba and Toshiba Solutions Corporation System, Apparatus, Program, and Method for Authentication
CN102761529A (en) * 2011-04-29 2012-10-31 上海格尔软件股份有限公司 Website authentication method based on picture identification digital signatures
CN102647432A (en) * 2012-05-17 2012-08-22 湖南神州祥网科技有限公司 Authentication information transmission method, device and authentication middleware
CN103544074A (en) * 2012-07-09 2014-01-29 阿里巴巴集团控股有限公司 Method and device for verifying service
CN104320265A (en) * 2014-11-21 2015-01-28 北京奇虎科技有限公司 Authentication method and device for software platform

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109005167A (en) * 2018-07-24 2018-12-14 腾讯科技(深圳)有限公司 A kind of processing method of authentication data, device, server and storage medium
CN110428266A (en) * 2019-08-01 2019-11-08 上海爱富爱克斯网络科技发展有限责任公司 A kind of identification method for forex dealer's financial supervision licence plate

Similar Documents

Publication Publication Date Title
CN108334387B (en) Dynamic interface rendering method and device
US10754513B2 (en) Updating assets rendered in a virtual world environment based on detected user interactions in another world
US20130304604A1 (en) Systems and methods for dynamic digital product synthesis, commerce, and distribution
CN103201997B (en) A kind of document services method and system of sing on web
EP2367132B1 (en) Automated rules-based rights resolution
US20140136712A1 (en) Cloud resources as a service multi-tenant data model
CN104885074B (en) The cloud platform of management design data
CN107066242A (en) Determine the method and system of the mark of software in software container
US20140040791A1 (en) Development platform for software as a service (saas) in a multi-tenant environment
US20110161847A1 (en) System and method for integrating and publishing pages of content
CN106951555A (en) SaaS mode contents management systems based on structural data
US20180275971A1 (en) Graphical user interface programming system
CN109478152A (en) Cloud content status frame
CN108229970A (en) A kind of processing method and processing device of authentication information
CN107391118A (en) A kind of Web applications Consumer's Experience plateform system
Qiu et al. Role-based 3D visualisation for asynchronous PLM collaboration
CN110392880A (en) System and method for managing the dynamic design data of virtual environment
US7975143B2 (en) Method, system, and program product for generating and validating digital signatures
KR20150111917A (en) Method and apparatus for mapping process information onto asset data
Smyth iPhone iOS 6 Development Essentials
CN116521509A (en) Intelligent contract testing method, device, equipment, storage medium and product
CN114998558A (en) Meta-universe scene construction method and device
JP5547917B2 (en) Content generation / distribution system for portable information terminals
CN104111768A (en) Interactive window, methods and systems for defining, quoting and synchronizing interactive windows
Saito et al. Engineering cloud: Flexible and integrated development environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180629