CN108306739B - Method for detecting user identity information, server, computer-readable storage medium and computer equipment - Google Patents

Method for detecting user identity information, server, computer-readable storage medium and computer equipment Download PDF

Info

Publication number
CN108306739B
CN108306739B CN201810058231.6A CN201810058231A CN108306739B CN 108306739 B CN108306739 B CN 108306739B CN 201810058231 A CN201810058231 A CN 201810058231A CN 108306739 B CN108306739 B CN 108306739B
Authority
CN
China
Prior art keywords
client
timestamp
server
feature code
difference value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810058231.6A
Other languages
Chinese (zh)
Other versions
CN108306739A (en
Inventor
胡耀文
陈少杰
张文明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Douyu Network Technology Co Ltd
Original Assignee
Wuhan Douyu Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Douyu Network Technology Co Ltd filed Critical Wuhan Douyu Network Technology Co Ltd
Priority to CN201810058231.6A priority Critical patent/CN108306739B/en
Publication of CN108306739A publication Critical patent/CN108306739A/en
Application granted granted Critical
Publication of CN108306739B publication Critical patent/CN108306739B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a method, a server and computer equipment for detecting user identity information, wherein the method comprises the following steps: receiving request information sent by a client, wherein the request information contains current identity information of the client; reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between the server-side timestamp and the client-side timestamp; acquiring a first time stamp of the server corresponding to the reading moment, judging whether a second time difference value meets a preset detection condition, and if so, acquiring key information; a second time difference value is determined according to the first time stamp and the target time stamp; generating a second feature code according to the key information and the target timestamp; and judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user.

Description

Method for detecting user identity information, server, computer-readable storage medium and computer equipment
Technical Field
The invention belongs to the technical field of live broadcast, and particularly relates to a method, a server and computer equipment for detecting user identity information.
Background
At present, with the increasing maturity of the development of a live broadcast platform, a plurality of users select to become a main broadcast and increase the popularity by abnormal means.
For example, a hacker steals a cookie for authentication by monitoring a request initiated by a normal user to a server, and then masquerades the cookie as a user to send other requests to the server, so that a certain anchor is added to a collection list of the user, the collection index of the anchor is improved, the popularity of the anchor is improved, and the order of a live broadcast platform is influenced.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiment of the invention provides a method, a server and computer equipment for detecting user information, which are used for solving the technical problem that in the prior art, a hacker steals an identity information cookie of a normal user, so that the hacker pretends to be that the normal user sends some abnormal requests to the server, and the server cannot detect the identity information of the user, so that the order of a live broadcast platform is influenced.
The embodiment of the invention provides a method for detecting user identity information, which is applied to a live broadcast platform and comprises the following steps:
receiving request information sent by a client, wherein the request information contains current identity information of the client;
reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between a server-side timestamp and a client-side timestamp;
acquiring a first time stamp of the server corresponding to the reading moment, judging whether a second time difference value meets a preset detection condition, and if so, acquiring key information; the second time difference value is determined according to the first time stamp and the target time stamp;
generating a second feature code according to the key information and the target timestamp;
and judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user.
In the foregoing solution, the determining whether the second time difference satisfies a preset detection condition, and if so, acquiring the key information includes:
judging whether the second time difference value meets the detection condition | P | < d, if so, acquiring the key information; d is a preset time threshold value, and P is the second time difference value.
In the foregoing solution, generating a second feature code according to the key information and the target timestamp based on a preset time interval includes:
determining the second signature S2 according to the formula S2 ═ F (key, t); wherein, F is a reversible encryption algorithm or a one-way hash algorithm, t is the target timestamp, and key is the key information.
In the above scheme, if the second time difference does not satisfy the preset detection condition, the request information is rejected.
The present invention also provides a server, comprising:
the system comprises a receiving unit, a sending unit and a receiving unit, wherein the receiving unit is used for receiving request information sent by a client, and the request information contains current identity information of the client;
the acquisition unit is used for reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between a server-side timestamp and a client-side timestamp;
the first judging unit is used for acquiring a first timestamp of the server corresponding to the reading moment, judging whether the second time difference value meets a preset detection condition, and if so, acquiring key information; the second time difference value is determined according to the first time stamp and the target time stamp;
the generating unit is used for generating a second feature code according to the key information and the target timestamp;
and the second judging unit is used for judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user.
In the foregoing solution, the second obtaining unit is specifically configured to:
judging whether the second time difference value meets the detection condition | P | < d, if so, acquiring the key information; d is a preset time threshold value, and P is the second time difference value.
In the foregoing solution, the generating unit is specifically configured to:
determining the second signature S2 according to the formula S2 ═ F (key, t); wherein, F is a reversible encryption algorithm or a one-way hash algorithm, t is the target timestamp, and key is the key information.
In the foregoing solution, the first determining unit is specifically configured to:
and if the second time difference value is judged not to meet the preset detection condition, rejecting the request information.
The present invention provides a computer readable storage medium having stored thereon a computer program enabling, when executed by a processor, the execution of a method as set forth in any one of the preceding claims.
The invention provides a computer device for detecting user identity information, comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein,
the memory stores program instructions executable by the processor, the processor being capable of performing the method as described in any one of the above.
The invention provides a method, a server and computer equipment for detecting user identity information, wherein the method comprises the following steps: receiving request information sent by a client, wherein the request information contains current identity information of the client; reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between the server-side timestamp and the client-side timestamp; acquiring a first time stamp of the server corresponding to the reading moment, judging whether a second time difference value meets a preset detection condition, and if so, acquiring key information; a second time difference value is determined according to the first time stamp and the target time stamp; generating a second feature code according to the key information and the target timestamp; judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user; therefore, after the server receives the request information sent by the client, the server decrypts the feature codes in the user identity information to obtain the target timestamp of the client, calculates the second feature codes according to the target timestamp and the key information, determines that the user is a normal user when the second feature codes are consistent with the first feature codes, and determines that the user is an abnormal user when the second feature codes are inconsistent with the first feature codes; therefore, abnormal users can be accurately identified, so that the requests of the abnormal users are rejected, and the live broadcast order of the live broadcast platform is ensured.
Drawings
Fig. 1 is a schematic flowchart of a method for detecting user identity information according to an embodiment of the present invention;
fig. 2 is a schematic overall structure diagram of a server according to a second embodiment of the present invention;
fig. 3 is a schematic view of an overall structure of a computer device for detecting user identity information according to a third embodiment of the present invention.
Detailed Description
In order to solve the technical problem that in the prior art, a hacker pretends to be a normal user and sends some abnormal requests to a server by stealing an identity information cookie of the normal user, and the server cannot detect the identity information of the user, so that the order of a live platform is affected, the invention provides a method, a server and computer equipment for detecting the identity information of the user, wherein the method is applied to the live platform and comprises the following steps: the invention provides a method, a server and computer equipment for detecting user identity information, wherein the method comprises the following steps: receiving request information sent by a client, wherein the request information contains current identity information of the client; reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between the server-side timestamp and the client-side timestamp; acquiring a first time stamp of the server corresponding to the reading moment, judging whether a second time difference value meets a preset detection condition, and if so, acquiring key information; a second time difference value is determined according to the first time stamp and the target time stamp; generating a second feature code according to the key information and the target timestamp; and judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user.
The technical solution of the present invention is further described in detail by the accompanying drawings and the specific embodiments.
Example one
The embodiment provides a method for detecting user identity information, which is applied to a live broadcast platform, and as shown in fig. 1, the method includes:
s110, receiving request information sent by a client, wherein the request information contains current identity information of the client;
in this step, when the client needs to request the server to execute a corresponding trigger action, request information is sent to the server, where the request information carries current identity information of the client, and the current identity information includes: and after the client logs in successfully, the server issues a first identity information cookie and a first feature code generated by the client to the client. The server receives the request information sent by the client accordingly.
Here, the specific implementation of the client generating the first feature code is as follows:
and after the user successfully logs in the live broadcast platform, the server sends the key information to the client, and sends a server-side timestamp corresponding to the sending time and the first identity information cookie of the user to the client. Here, each user has a unique key information and a unique cookie.
After receiving the server-side timestamp corresponding to the sending time, if the server-side timestamp is inconsistent with the client-side timestamp at a certain time, a difference between the server-side timestamp and the client-side timestamp needs to be considered in order to avoid intercepting a normal request of a user.
After the client receives the server-side timestamp corresponding to the sending time, the client-side timestamp corresponding to the sending time needs to be acquired, and a first time difference value between the client-side timestamp and the server-side timestamp is determined.
For example, at the sending time (which may be any time), the server-side timestamp is 12:38:12, the client-side timestamp is 12:38:09, the local time of the client is 3s slower than the server-side time, and the first time difference between the client-side timestamp and the server-side timestamp is 3 s.
Here, when new user identity information needs to be generated, the client needs to obtain a current timestamp corresponding to a generation time, for example, when the user identity information needs to be generated at the time of 15:01:23, the current timestamp is 15:01: 23.
And after the current timestamp corresponding to the moment of generating the user identity information is obtained, generating a first feature code according to the key information, the current timestamp corresponding to the moment of generating the user identity information and the first time difference value based on a preset time interval.
Specifically, firstly, a target timestamp t is determined according to the current timestamp and the first time difference value; when the server-side timestamp is greater than the client-side timestamp, determining the sum of the current timestamp and the first time difference value as the target timestamp; and when the server-side timestamp is smaller than the client-side timestamp, determining the absolute value of the difference between the current timestamp and the first time difference value as the target timestamp t.
For example, the current timestamp is 15:01:23, the first time difference value is 3s, and when the server-side timestamp is greater than the client-side timestamp, the target timestamp t is 15:01: 26; and when the server-side timestamp is less than the client-side timestamp, then the target timestamp t is 15:01: 20.
Then, the first feature code S1 is determined according to formula (1) according to a preset time interval, where the preset time interval may be determined according to the requirement of the actual scene, such as 2S:
S1=F(key,t) (1)
in formula (1), t is a target timestamp; the key is key information which is sent to the client by the server after the user successfully logs in, and each user has unique key information; f is a reversible hash algorithm or a one-way hash algorithm; the one-way hash algorithm may include: md5, sha-256, crc32 algorithm, etc.; the reversible encryption algorithm comprises: symmetric encryption algorithms and asymmetric encryption algorithms, such as encryption algorithms like RSA, DSA, etc.
Specifically, for example, the target timestamp is 1516070451, the key information is aiugpiagguiauhsdphausdasfhf, and when the signature code is determined by using the md5 algorithm, the following is implemented:
the feature code 5223e9b30065d3346de87 daeeaea 5f was obtained using S1 ═ md5(1516070451 aiugpiaagwpiuahsffifiusfafafdhf).
Similarly, if the target timestamp is 1516070451, for example, when the signature S1 is obtained by using the asymmetric encryption algorithm RSA, the following is implemented:
after the client successfully logs in, the server generates a pair of public key and private key for the user by using RSA encryption algorithm, the public key is issued to the client, and the private key is stored by the server. After the client receives the public key, the target timestamp 1516070451 is encrypted by using the RSA encryption algorithm, and the final encryption result is the feature code s.
For example, the target timestamp is 1516070451, and when the signature s is obtained by using a symmetric encryption algorithm DSA, the following is implemented:
after the client successfully logs in, the server generates a key message for the user by using a symmetric encryption algorithm (DSA), and sends the key message to the client. After receiving the key information, the client encrypts the target timestamp 1516070451 using a DSA encryption algorithm, and the final encryption result is the signature s.
After the feature code is generated, when the client sends a request to the server, the js page of the client writes the feature code into the first identity information cookie of the user, generates the current identity information of the user, and sends the current identity information to the server, so that the server can detect whether the user is a normal user or not based on the current identity information.
S111, reading a first feature code in the current identity information and a target timestamp of the client;
in the step, after receiving current identity information, a server reads a first feature code in the current identity information and a target timestamp of the client; and the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between the server-side timestamp and the client-side timestamp at any moment.
Here, since the client calculates the first feature code based on the preset time interval, the first feature code S1 read by the server is the first feature code calculated last time before the client sends the first feature code to the server.
S112, acquiring a server-side timestamp at the reading moment, judging whether the second time difference value meets a preset generation condition, and if so, acquiring key information;
in this step, if the client is the first feature code calculated by using the one-way hash algorithm, the client sends the target timestamp t to the server together when sending the request to the server. The server needs to determine a second time difference value P according to a first time stamp t' and a target time stamp of the client by using a formula (2), where the first time stamp is a time stamp corresponding to a time when the server reads the current identity information:
P=t'–t (2)
judging whether the second time difference value P meets the detection condition | P | is less than or equal to d, and if so, acquiring key information key; if not, directly rejecting the request sent by the user; d is a preset time threshold value, is generally different from 5 s to 30s, and can be set according to an actual application scene.
When the key information is obtained, the server obtains the identity authentication identification in the cookie; and searching the key information key issued for the user based on the identity authentication identifier.
When the client is the first feature code calculated by the reversible encryption algorithm, the server can correspondingly analyze the first feature code by using the reversible decryption algorithm to obtain a target timestamp of the client;
specifically, when the server receives the current identity information of the client, the first feature code is extracted from the current identity information according to the feature code extraction identifier. After the first feature code is extracted, analyzing the first feature code by using a reversible decryption algorithm to obtain a target timestamp, which specifically comprises the following steps:
firstly, key information needs to be obtained, and when an encryption algorithm used by a client is an RSA encryption algorithm, a server obtains an identity authentication identifier in the current identity information; searching key information key distributed for the user based on the identity authentication identifier in the cookie; here, since the RSA encryption algorithm is an asymmetric encryption algorithm, the server allocates public key information to the user, and then finds out private key information corresponding to the public key information, where the key information key is the private key information.
Then, the feature code is decrypted by using a corresponding decryption algorithm formula (3), and a target timestamp t of the client is obtained:
t=F'(key,S1) (3)
in formula (3), S1 is the first feature code, and F' is a reversible decryption algorithm corresponding to the RSA encryption algorithm.
Similarly, if the client is the first feature code calculated by using the reversible encryption algorithm DSA, the server decrypts the first feature code in the same manner as described above to obtain the target timestamp. Different from the decryption algorithm corresponding to the RSA encryption algorithm, the server searches the key information key allocated to the user based on the identity authentication identifier in the current identity information cookie by using the decryption algorithm corresponding to the DSA encryption algorithm, and the key information is shared by the server and the client.
S113, generating a second feature code according to the key information and the target timestamp;
after key information and a target timestamp are obtained, generating a second feature code according to the key information and the target timestamp;
in generating the second feature code, the server may generate the second feature code S2 directly according to equation (4).
S2=F(key,t) (4)
Wherein S2 is a second feature code, F is a one-way hash algorithm, t is the target timestamp, and key is the key information.
The method for generating the second feature code by the server is completely the same as the method for generating the first feature code by the client, and is not described herein again.
S114, detecting the user identity information according to the first feature code and the second feature code.
And after the server generates a second feature code, judging whether the second feature code is consistent with the first feature code, and if so, determining that the user is a normal user. And if not, determining that the user is an abnormal user.
In addition, after the second time difference value P is determined, the user identity information may also be detected based on the second time difference value and a preset detection condition.
Specifically, when the second time difference value meets the detection condition | P | ≦ d, determining that the user is a normal user; when the second time difference value meets the detection condition | P | > d, determining that the user is an abnormal user; d is a preset time threshold value, is generally different from 5 s to 30s, and can be set according to an actual application scene.
Therefore, the identity information of the user can be detected, and if the user is determined to be an abnormal user, the request sent by the user is directly rejected, so that the order of the live broadcast platform is ensured.
Further, the validity period T of the feature code in this embodiment is determined by the time density k of the target timestamp T and the time threshold d, and may be specifically determined according to formula (5):
T=2*d/k (5)
for example, the preset time interval is 2s, that is, the client calculates the feature code every 2s, the time density k of T is 0.5, and if the time threshold d is set to 3s, the valid period T of the feature code is 2 × 5/0.5 at maximum, which is 12 seconds. That is, the signature is valid for 12s, i.e. after a hacker has stolen the signature, it may be accepted that the request was sent within 12s, but the request sent after 12s must be rejected.
If the signature is calculated at 1 st s and the request is sent at 3 rd s, then the signature on the request has actually passed 2 seconds. The server determines that the second difference is 2 seconds, less than 3, after checking, so the request is accepted. But a hacker can only use the signature in the 1 st second after stealing it.
If a request is sent with the signature code immediately after the signature code is calculated in the 1 st s, the hacker can use the signature code in the next 3 seconds after stealing the request.
In general, the timestamp of the client is almost the same as the timestamp of the server, so that the value of P is always around 0. After the hacker steals the cookie, the validity period of the signature code will be only half of the above-mentioned case, i.e., T ═ d/k.
Example two
Corresponding to the first embodiment, this embodiment provides a server, as shown in fig. 2, where the server includes: a receiving unit 21, an acquiring unit 22, a first judging unit 23, a generating unit 24, and a second judging unit 25; wherein the content of the first and second substances,
the receiving unit 21 is configured to receive request information sent by a client, where the request information includes current identity information of the client.
Specifically, when a client needs to request a server to execute a corresponding trigger action, request information is sent to the server, where the request information carries current identity information of the client, and the current identity information includes: and after the client logs in successfully, the server issues a first identity information cookie and a first feature code generated by the client to the client. Accordingly, the receiving unit 21 is configured to receive the request information sent by the client.
Here, the specific implementation of the client generating the first feature code is as follows:
and after the user successfully logs in the live broadcast platform, the server sends the key information to the client, and sends a server-side timestamp corresponding to the sending time and the first identity information cookie of the user to the client. Here, each user has a unique key information and a unique cookie.
After receiving the server-side timestamp corresponding to the sending time, if the server-side timestamp is inconsistent with the client-side timestamp at a certain time, a difference between the server-side timestamp and the client-side timestamp needs to be considered in order to avoid intercepting a normal request of a user.
After the client receives the server-side timestamp corresponding to the sending time, the client-side timestamp corresponding to the sending time needs to be acquired, and a first time difference value between the client-side timestamp and the server-side timestamp is determined.
For example, at the sending time (which may be any time), the server-side timestamp is 12:38:12, the client-side timestamp is 12:38:09, the local time of the client is 3s slower than the server-side time, and the first time difference between the client-side timestamp and the server-side timestamp is 3 s.
Here, when new user identity information needs to be generated, the client needs to obtain a current timestamp corresponding to a generation time, for example, when the user identity information needs to be generated at the time of 15:01:23, the current timestamp is 15:01: 23.
And after the current timestamp corresponding to the moment of generating the user identity information is obtained, generating a first feature code according to the key information, the current timestamp corresponding to the moment of generating the user identity information and the first time difference value based on a preset time interval.
Specifically, firstly, a target timestamp t is determined according to the current timestamp and the first time difference value; when the server-side timestamp is greater than the client-side timestamp, determining the sum of the current timestamp and the first time difference value as the target timestamp; and when the server-side timestamp is smaller than the client-side timestamp, determining the absolute value of the difference between the current timestamp and the first time difference value as the target timestamp t.
For example, the current timestamp is 15:01:23, the first time difference value is 3s, and when the server-side timestamp is greater than the client-side timestamp, the target timestamp t is 15:01: 26; and when the server-side timestamp is less than the client-side timestamp, then the target timestamp t is 15:01: 20.
Then, the feature code S is determined according to formula (1) according to a preset time interval, where the preset time interval may be determined according to the requirement of the actual scene, for example, 2S, and then the first feature code S1 is the feature code calculated last before transmission:
S1=F(key,t) (1)
in formula (1), t is a target timestamp; the key is key information which is sent to the client by the server after the user successfully logs in, and each user has unique key information; f is a reversible hash algorithm or a one-way hash algorithm; the one-way hash algorithm may include: md5, sha-256, crc32 algorithm, etc.; the reversible encryption algorithm comprises: symmetric encryption algorithms and asymmetric encryption algorithms, such as encryption algorithms like RSA, DSA, etc.
Specifically, for example, the target timestamp is 1516070451, the key information is aiugpiagguiauhsdphausdasfhf, and when the signature code is determined by using the md5 algorithm, the following is implemented:
the feature code 5223e9b30065d3346de87 daeeaea 5f was obtained using S1 ═ md5(1516070451 aiugpiaagwpiuahsffifiusfafafdhf).
Similarly, if the target timestamp is 1516070451, for example, when the signature s is obtained by using the asymmetric encryption algorithm RSA, the following is implemented:
after the client successfully logs in, the server generates a pair of public key and private key for the user by using RSA encryption algorithm, the public key is issued to the client, and the private key is stored by the server. After the client receives the public key, the target timestamp 1516070451 is encrypted by using the RSA encryption algorithm, and the final encryption result is the feature code s.
For example, the target timestamp is 1516070451, and when the signature s is obtained by using a symmetric encryption algorithm DSA, the following is implemented:
after the client successfully logs in, the server generates a key message for the user by using a symmetric encryption algorithm (DSA), and sends the key message to the client. After receiving the key information, the client encrypts the target timestamp 1516070451 using a DSA encryption algorithm, and the final encryption result is the signature s.
After the feature code is generated, when the client sends a request to the server, the js page of the client writes the feature code into the first identity information cookie of the user, generates the current identity information of the user, and sends the current identity information to the server, so that the server can detect whether the user is a normal user or not based on the current identity information.
When the receiving unit 21 receives the current identity information, the obtaining unit 22 is configured to read a first feature code in the current identity information and a target timestamp of the client. And the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between the server-side timestamp and the client-side timestamp at any moment.
Here, since the client calculates the first feature code based on the preset time interval, the first feature code S1 read by the obtaining unit 22 is the first feature code calculated last time before the client sends the first feature code to the server.
After the first feature code and the target timestamp of the client are obtained, the first determining unit 23 is configured to obtain the server timestamp at the reading time, determine whether the second time difference satisfies a preset generation condition, and if so, obtain the key information.
If the client is the first feature code calculated by using the one-way hash algorithm, the client sends the target timestamp t to the server together when sending a request to the server. The server needs to determine a second time difference value P according to a first time stamp t' and a target time stamp of the client by using a formula (2), where the first time stamp is a time stamp corresponding to a time when the server reads the current identity information:
P=t'–t (2)
the first judging unit 23 judges whether the second time difference value P satisfies the detection condition | P | ≦ d, and if so, acquires the key information key; if not, directly rejecting the request sent by the user; d is a preset time threshold value, is generally different from 5 s to 30s, and can be set according to an actual application scene.
When the first judging unit 23 acquires the key information, the identity authentication identifier in the cookie is acquired; and searching the key information key issued for the user based on the identity authentication identifier.
When the client is the first feature code calculated by the reversible encryption algorithm, correspondingly, the first determining unit 23 analyzes the first feature code by using the reversible decryption algorithm to obtain the target timestamp of the client;
specifically, when the server receives the current identity information of the client, the first determining unit 23 extracts the first feature code from the current identity information according to the feature code extraction identifier. After the first feature code is extracted, analyzing the first feature code by using a reversible decryption algorithm to obtain a target timestamp, which specifically comprises the following steps:
firstly, key information needs to be acquired, and when the encryption algorithm used by the client is the RSA encryption algorithm, the first determining unit 23 also needs to acquire the identity authentication identifier in the cookie; searching key information key distributed for the user based on the identity authentication identifier in the cookie; here, since the RSA encryption algorithm is an asymmetric encryption algorithm, the server allocates public key information to the user, and then finds out private key information corresponding to the public key information, where the key information key is the private key information.
Then, the feature code is decrypted by using a corresponding decryption algorithm formula (3), and a target timestamp t of the client is obtained:
t=F'(key,S1) (3)
in formula (3), S1 is the first feature code, and F' is a reversible decryption algorithm corresponding to the RSA encryption algorithm.
Similarly, if the client is the first feature code calculated by using the reversible encryption algorithm DSA, the server decrypts the first feature code in the same manner as described above to obtain the target timestamp. Different from the decryption algorithm corresponding to the RSA encryption algorithm, the server searches the key information key allocated to the user based on the identity authentication identifier in the cookie by using the decryption algorithm corresponding to the DSA encryption algorithm, and the key information is shared by the server and the client.
After the key information and the target timestamp are obtained, the generating unit 24 is configured to generate a second feature code according to the key information and the target timestamp;
in generating the second feature code, the generating unit 24 may generate the second feature code S2 directly according to equation (4).
S2=F(key,t) (4)
Wherein S2 is a second feature code, F is a one-way hash algorithm, t is the target timestamp, and key is the key information.
The method for generating the second feature code by the generating unit 24 is completely the same as the method for generating the first feature code by the client, and is not described herein again.
After the second feature code is generated by the generating unit 24, the second determining unit 25 is configured to determine whether the second feature code is consistent with the first feature code, and if so, determine that the user is a normal user. And if not, determining that the user is an abnormal user.
In addition, after the second time difference P is determined, the second determining unit 25 may further detect the user identity information based on the second time difference and a preset detection condition.
Specifically, when the second judging unit 25 detects that the second time difference value satisfies the detection condition | P | ≦ d, it is determined that the user is a normal user; when the second determining unit 25 detects that the second time difference satisfies the detection condition | P | > d, it is determined that the user is an abnormal user.
Therefore, the identity information of the user can be detected, and if the user is determined to be an abnormal user, the request sent by the user is directly rejected, so that the order of the live broadcast platform is ensured.
Further, the validity period T of the feature code in this embodiment is determined by the time density k of the target timestamp T and the time threshold d, and may be specifically determined according to formula (5):
T=2*d/k (5)
for example, the preset time interval is 2s, that is, the client calculates the feature code every 2s, the time density k of T is 0.5, and if the time threshold d is set to 3s, the valid period T of the feature code is 2 × 5/0.5 at maximum, which is 12 seconds. That is, the signature is valid for 12s, i.e. after a hacker has stolen the signature, it may be accepted that the request was sent within 12s, but the request sent after 12s must be rejected.
If the signature is calculated at 1 st s and the request is sent at 3 rd s, then the signature on the request has actually passed 2 seconds. The server determines that the second difference is 2 seconds, less than 3, after checking, so the request is accepted. But a hacker can only use the signature in the 1 st second after stealing it.
If a request is sent with the signature code immediately after the signature code is calculated in the 1 st s, the hacker can use the signature code in the next 3 seconds after stealing the request.
In general, the client timestamp and the server timestamp are almost different, so that the value of P is always around 0. After the hacker steals the cookie, the validity period of the signature code will be only half of the above-mentioned case, i.e., T ═ d/k.
EXAMPLE III
The present embodiment further provides a computer device for detecting user identity information, as shown in fig. 3, the computer device includes: radio Frequency (RF) circuitry 310, memory 320, input unit 330, display unit 340, audio circuitry 350, WiFi module 360, processor 370, and power supply 380. Those skilled in the art will appreciate that the computer device configuration illustrated in FIG. 3 does not constitute a limitation of computer devices, and may include more or fewer components than those illustrated, or some components may be combined, or a different arrangement of components.
The following describes the components of the computer device in detail with reference to fig. 3:
RF circuitry 310 may be used for receiving and transmitting signals, and in particular, for receiving downlink information from base stations and processing the received downlink information to processor 370. In general, the RF circuit 310 includes, but is not limited to, at least one Amplifier, transceiver, coupler, Low Noise Amplifier (LNA), duplexer, and the like.
The memory 320 may be used to store software programs and modules, and the processor 370 may execute various functional applications of the computer device and data processing by operating the software programs and modules stored in the memory 320. The memory 320 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to use of the computer device, and the like. Further, the memory 320 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The input unit 330 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the computer apparatus. Specifically, the input unit 330 may include a keyboard 331 and other input devices 332. The keyboard 331 can collect the input operation of the user thereon and drive the corresponding connection device according to a preset program. The keyboard 331 collects the output information and sends it to the processor 370. The input unit 330 may include other input devices 332 in addition to the keyboard 331. In particular, other input devices 332 may include, but are not limited to, one or more of a touch panel, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 340 may be used to display information input by a user or information provided to the user and various menus of the computer device. The Display unit 340 may include a Display panel 341, and optionally, the Display panel 341 may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the keyboard 331 may cover the display panel 341, and when the keyboard 331 detects a touch operation on or near the keyboard 331, the keyboard 331 transmits the touch event to the processor 370 to determine the type of the touch event, and then the processor 370 provides a corresponding visual output on the display panel 341 according to the type of the input event. Although the keyboard 331 and the display panel 341 are shown in fig. 3 as two separate components to implement input and output functions of the computer device, in some embodiments, the keyboard 331 and the display panel 341 may be integrated to implement input and output functions of the computer device.
Audio circuitry 350, speaker 351, microphone 352 may provide an audio interface between a user and a computer device. The audio circuit 350 may transmit the electrical signal converted from the received audio data to the speaker 351, and the electrical signal is converted into a sound signal by the speaker 351 and output;
WiFi belongs to short-distance wireless transmission technology, and computer equipment can help a user to receive and send e-mails, browse webpages, access streaming media and the like through the WiFi module 360, and provides wireless broadband internet access for the user. Although fig. 3 shows the WiFi module 360, it is understood that it does not belong to the essential constitution of the computer device, and may be omitted entirely as needed within the scope not changing the essence of the invention.
The processor 370 is a control center of the computer device, connects various parts of the entire computer device using various interfaces and lines, performs various functions of the computer device and processes data by operating or executing software programs and/or modules stored in the memory 320 and calling data stored in the memory 320, thereby monitoring the computer device as a whole. Alternatively, processor 370 may include one or more processing units; preferably, the processor 370 may be integrated with an application processor, wherein the application processor primarily handles operating systems, user interfaces, application programs, and the like.
The computer device also includes a power supply 380 (such as a power adapter) for powering the various components, which may preferably be logically connected to the processor 370 through a power management system.
The method, the server and the computer equipment for detecting the user identity information provided by the embodiment of the invention have the following beneficial effects that:
the invention provides a method, a server and computer equipment for detecting user identity information, wherein the method comprises the following steps: receiving request information sent by a client, wherein the request information contains current identity information of the client; reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp corresponding to the moment when the first feature code is generated by the client and a first time difference value, wherein the first time difference value is a time difference value between the server-side timestamp and the client-side timestamp; acquiring a first time stamp of the server corresponding to the reading moment, judging whether a second time difference value meets a preset detection condition, and if so, acquiring key information; a second time difference value is determined according to the first time stamp and the target time stamp; generating a second feature code according to the key information and the target timestamp; judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user; therefore, after the server receives the request information sent by the client, the server decrypts the feature codes in the user identity information to obtain the target timestamp of the client, calculates the second feature codes according to the target timestamp and the key information, determines that the user is a normal user when the second feature codes are consistent with the first feature codes, and determines that the user is an abnormal user when the second feature codes are inconsistent with the first feature codes; after the server receives the request information sent by the client, a second time difference value between the target time stamp and the first time stamp corresponding to the server at the decryption time can be determined, and when the second time difference value meets a preset detection condition, the user is determined to be a normal user; when the second time difference does not meet the preset detection condition, determining that the user is an abnormal user; therefore, the abnormal user can be accurately identified, so that the request of the abnormal user is rejected, the client generates the feature code according to the timestamp and the key information, the feature code is written into the first identity information of the user, the current identity information cookie of the user is generated, the cracking difficulty is improved, and even if a hacker steals the cookie of the normal user, the hacker cannot forge a new cookie without acquiring the key information; even if the key information is cracked, the cookie is quickly invalidated due to the time relationship, so that the cookie cannot be disguised as a normal user to send some abnormal requests to the server, and the live broadcast order of the live broadcast platform is further ensured.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components of a gateway, proxy server, system according to embodiments of the present invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on a computer-readable storage medium or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The above description is only exemplary of the present invention and should not be taken as limiting the scope of the present invention, and any modifications, equivalents, improvements, etc. that are within the spirit and principle of the present invention should be included in the present invention.

Claims (10)

1. A method for detecting user identity information is applied to a live platform, and comprises the following steps:
receiving request information sent by a client, wherein the request information contains current identity information of the client, and the current identity information comprises: after the client logs in successfully, the server issues a first identity information cookie and a first feature code generated by the client to the client;
reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp and a first time difference value corresponding to the moment when the first feature code is generated by the client, the first time difference value is a time difference value between a server-side timestamp and a client-side timestamp, and the first feature code is generated by the client based on a preset time interval calculation, and the method comprises the following steps: after a user successfully logs in a live broadcast platform, a server sends key information to a client, a server-side timestamp corresponding to the key information sending time and a first identity information cookie of the user are sent to the client, after the client receives the server-side timestamp corresponding to the key information sending time, the client-side timestamp corresponding to the key information sending time is obtained, a first time difference value between the client-side timestamp and the server-side timestamp is determined, and after a current timestamp corresponding to the first feature code time generated by the client is obtained, a first feature code is generated according to the key information, the current timestamp corresponding to the first feature code time generated by the client and the first time difference value on the basis of a preset time interval;
acquiring a first time stamp of the server corresponding to the reading moment, judging whether a second time difference value meets a preset detection condition, and if so, acquiring key information; the second time difference value is determined according to the first time stamp and the target time stamp;
generating a second feature code according to the key information and the target timestamp;
and judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user.
2. The method of claim 1, wherein the determining whether the second time difference satisfies a predetermined detection condition, and if so, acquiring the key information comprises:
judging whether the second time difference value meets the detection condition | P-
Figure 266308DEST_PATH_IMAGE002
d, if yes, acquiring the key information; d is a preset time threshold value, and P is the second time difference value.
3. The method of claim 1, wherein generating a second feature code based on the key information and the target timestamp based on a preset time interval comprises:
determining the second signature S2 according to the formula S2= F (key, t); wherein, F is a reversible encryption algorithm or a one-way hash algorithm, t is the target timestamp, and key is the key information.
4. The method of claim 1, wherein the request message is rejected if the second time difference does not satisfy the predetermined detection condition.
5. A server, characterized in that the server comprises:
a receiving unit, configured to receive request information sent by a client, where the request information includes current identity information of the client, and the current identity information includes: after the client logs in successfully, the server issues a first identity information cookie and a first feature code generated by the client to the client;
the acquisition unit is used for reading a first feature code in the current identity information and a target timestamp of the client; the target timestamp is determined according to a current timestamp and a first time difference value corresponding to the moment when the first feature code is generated by the client, the first time difference value is a time difference value between a server-side timestamp and a client-side timestamp, and the first feature code is generated by the client based on a preset time interval calculation, and the method comprises the following steps: after a user successfully logs in a live broadcast platform, a server sends key information to a client, a server-side timestamp corresponding to the key information sending time and a first identity information cookie of the user are sent to the client, after the client receives the server-side timestamp corresponding to the key information sending time, the client-side timestamp corresponding to the key information sending time is obtained, a first time difference value between the client-side timestamp and the server-side timestamp is determined, and after a current timestamp corresponding to the first feature code time generated by the client is obtained, a first feature code is generated according to the key information, the current timestamp corresponding to the first feature code time generated by the client and the first time difference value on the basis of a preset time interval;
the first judging unit is used for acquiring a first timestamp of the server corresponding to the reading moment, judging whether the second time difference value meets a preset detection condition, and if so, acquiring key information; the second time difference value is determined according to the first time stamp and the target time stamp;
the generating unit is used for generating a second feature code according to the key information and the target timestamp;
and the second judging unit is used for judging whether the second feature code is consistent with the first feature code or not, and if so, determining that the user is a normal user.
6. The server according to claim 5, wherein the second obtaining unit is specifically configured to:
judging whether the second time difference value meets the detection condition | P-
Figure 714607DEST_PATH_IMAGE002
d, if yes, acquiring the key information; d is a preset time threshold value, and P is the second time difference value.
7. The server according to claim 5, wherein the generating unit is specifically configured to:
determining the second signature S2 according to the formula S2= F (key, t); wherein, F is a reversible encryption algorithm or a one-way hash algorithm, t is the target timestamp, and key is the key information.
8. The server according to claim 5, wherein the first determining unit is specifically configured to:
and if the second time difference value is judged not to meet the preset detection condition, rejecting the request information.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 4.
10. A computer device for detecting user identity information, comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein,
the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method of any of claims 1 to 4.
CN201810058231.6A 2018-01-22 2018-01-22 Method for detecting user identity information, server, computer-readable storage medium and computer equipment Active CN108306739B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810058231.6A CN108306739B (en) 2018-01-22 2018-01-22 Method for detecting user identity information, server, computer-readable storage medium and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810058231.6A CN108306739B (en) 2018-01-22 2018-01-22 Method for detecting user identity information, server, computer-readable storage medium and computer equipment

Publications (2)

Publication Number Publication Date
CN108306739A CN108306739A (en) 2018-07-20
CN108306739B true CN108306739B (en) 2021-03-12

Family

ID=62865765

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810058231.6A Active CN108306739B (en) 2018-01-22 2018-01-22 Method for detecting user identity information, server, computer-readable storage medium and computer equipment

Country Status (1)

Country Link
CN (1) CN108306739B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111614601B (en) * 2019-02-25 2022-07-12 阿里巴巴集团控股有限公司 Method, device and system for realizing information transmission
CN111262701B (en) * 2020-01-10 2023-05-23 普联国际有限公司 Replay attack detection method, system, equipment and storage medium
CN112632522A (en) * 2020-12-31 2021-04-09 深信服科技股份有限公司 Authorization method, authorization request method and related device
CN113271306B (en) * 2021-05-18 2023-03-24 上海星融汽车科技有限公司 Data request and transmission method, device and system
CN116782210B (en) * 2023-08-07 2024-04-30 数盾信息科技股份有限公司 Dynamic encryption key generation method of high-speed encryption algorithm

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546179A (en) * 2011-12-31 2012-07-04 珠海市君天电子科技有限公司 Identity authentication method applied between server side and client side
JP5612006B2 (en) * 2012-03-13 2014-10-22 株式会社東芝 Data transmitting apparatus, data receiving apparatus, and program
CN105681470B (en) * 2012-03-29 2018-12-28 北京奇虎科技有限公司 Communication means, server based on hypertext transfer protocol, terminal
CN102647461B (en) * 2012-03-29 2016-05-04 北京奇虎科技有限公司 Communication means based on HTTP, server, terminal
CN105516186B (en) * 2015-12-31 2019-07-23 华为技术有限公司 A kind of method preventing Replay Attack and server

Also Published As

Publication number Publication date
CN108306739A (en) 2018-07-20

Similar Documents

Publication Publication Date Title
CN108306739B (en) Method for detecting user identity information, server, computer-readable storage medium and computer equipment
US11206451B2 (en) Information interception processing method, terminal, and computer storage medium
JP6463269B2 (en) Method, system, and computer program product for determining the geographical location of a virtual disk image running on a data center server in a data center
CN110505065B (en) Trusted timestamp adding method and device and storage medium
US20160292678A1 (en) Signature verification method, apparatus, and system
EP2755157B1 (en) Detecting undesirable content
CN110417543B (en) Data encryption method, device and storage medium
KR20150036104A (en) Method, client, server and system of login verification
US20180097801A1 (en) Establishing a trusted login procedure
CN107154935B (en) Service request method and device
US20220123944A1 (en) Verifying user interactions on a content platform
CN108200180B (en) Method and device for limiting request frequency and computer equipment
CN104426835B (en) Login detection method, server, login detection device and system
CN107666470B (en) Verification information processing method and device
US11949688B2 (en) Securing browser cookies
US20150271186A1 (en) Method, client terminal device and system for verifying page information
CN110113351A (en) The means of defence and device, storage medium, computer equipment of CC attack
WO2018136087A1 (en) Multiple remote attestation service for cloud-based systems
EP3381166A1 (en) Systems and methods for cross-channel device binding
CN107959691B (en) Method for detecting user identity information, server, computer-readable storage medium and computer equipment
CN108055286B (en) Method, client, computer-readable storage medium and computer device for generating user identity information
US10178512B2 (en) Information broadcast
WO2017129068A1 (en) Event execution method and device and system therefor
CN114372801A (en) Biological characteristic information identification method and related device
KR102562178B1 (en) Prevention of data manipulation of communication network measurements and protection of user privacy

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant