CN108810894A - Authorization terminal method, apparatus, computer equipment and storage medium - Google Patents
Authorization terminal method, apparatus, computer equipment and storage medium Download PDFInfo
- Publication number
- CN108810894A CN108810894A CN201810546442.4A CN201810546442A CN108810894A CN 108810894 A CN108810894 A CN 108810894A CN 201810546442 A CN201810546442 A CN 201810546442A CN 108810894 A CN108810894 A CN 108810894A
- Authority
- CN
- China
- Prior art keywords
- server
- terminal
- private key
- sent
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
Abstract
This application involves a kind of authorization terminal method, apparatus, computer equipment and storage mediums.The method includes:Receive application start instruction;Private key and channel mark are read from the corresponding default file folder of application start instruction, current local time is obtained, private key, channel mark and current local time is spliced into checking request;Checking request is sent to server, and receives the authorization code corresponding with checking request of server transmission;Data interaction is carried out according to authorization code and server.It has to be adapted to the application program that server is supported without hardware vendor using this method, can support the third party device of all hardware manufacturer.
Description
Technical field
This application involves field of computer technology, more particularly to a kind of authorization terminal method, apparatus, computer equipment and
Storage medium.
Background technology
With modern network technology fast development, often need through application program between server and third party's hardware into
Row data interaction.
Traditionally, third party's hardware is all that the application program supported with server binds just can be used normally by force, so
And server support application program be difficult to accomplish all to be adapted to the hardware vendor of all third party devices, for some with
The third party device that application program is not adapted to, then can not be by server mandate, and then nothing causes application program that can not use.
Invention content
Based on this, it is necessary in view of the above technical problems, provide a kind of terminal that can ensure application program normal operation
Authorization method, device, computer equipment and storage medium.
A kind of authorization terminal method, the method includes:
Receive application start instruction;
Private key and channel mark are read from the corresponding default file folder of the application start instruction, is obtained currently originally
The private key, channel mark and the current local time are spliced into checking request by the ground time;
The checking request is sent to server, and receives the corresponding with the checking request of the server transmission
Authorization code;
Data interaction is carried out according to the authorization code and the server.
It is described in one of the embodiments, that data interaction is carried out according to the authorization code and the server, including:
Receive the data requesting instructions of input;
Data read request is generated according to the data requesting instructions and the authorization code;
The data read request is sent to the server, and obtains being read with the data for the server return
Take the corresponding data of request.
In one of the embodiments, it is described the data read request is sent to the server after, further include:
Receive the mandate thrashing message for the authorization code that the server returns;
When the re-examination for the mandate thrashing message for receiving input demonstrate,proves instruction, then the application program is continued to execute
Private key and channel mark are read in the corresponding default file folder of enabled instruction, and reads current local time.
The injection mode of the private key and channel mark in one of the embodiments, including:
Receive the injection request of hardware vendor;
Default file folder is created in the system folder of terminal according to injection request;
Obtaining the channel mark that the hardware vendor sends and the private key, the channel mark and the private key is
The server is generated according to the certification channel of the hardware vendor;
The channel mark and the private key are stored in the default file folder.
In one of the embodiments, it is described the checking request is sent to server after, further include:
The failed message that the server is sent is received, and shows the failed message.
It is described in one of the embodiments, that the checking request is sent to server, including:
The checking request is encrypted according to predetermined encryption rule;
The encrypted checking request is sent to server.
A kind of authorization terminal device, described device include:
Trigger module, for receiving application start instruction;
Module is requested to generate, for reading private key and canal from the corresponding default file folder of the application start instruction
Road identifies, and obtains current local time, the private key, channel mark and the current local time are spliced into checking request;
Authorization code acquisition module, for the checking request to be sent to server, and receive server transmission with institute
State the corresponding authorization code of checking request;
Data interaction module, for carrying out data interaction according to the authorization code and the server.
The data interaction module includes in one of the embodiments,:
Instruction reception unit, the data requesting instructions for receiving input;
Unit is requested to generate, for generating data read request according to the data requesting instructions and the authorization code;
Data interaction unit for the data read request to be sent to the server, and obtains the server
The data corresponding with the data read request returned.
A kind of computer equipment, including memory and processor, the memory are stored with computer program, the processing
The step of device realizes any of the above-described the method when executing the computer program.
A kind of computer readable storage medium, is stored thereon with computer program, and the computer program is held by processor
The step of method described in any one of the above embodiments is realized when row.
Above-mentioned authorization terminal method, apparatus, computer equipment and storage medium can pass through program after program unlatching
The private key and channel mark that the hardware vendor of terminal is previously implanted into automatic reading folder, by this content and current local time
It is spliced into checking request, and it is encrypted, server for services device is sent to and this terminal is authorized, allow this end
End carries out data interaction with server.The private key that is previously implanted by the hardware vendor of terminal in file and channel mark with work as
It is suitable to have to the application program supported with server without hardware vendor for generation foundation of the preceding local zone time as checking request
Match, can support the third party device of all hardware manufacturer.
Description of the drawings
Fig. 1 is the application scenario diagram of authorization terminal method in one embodiment;
Fig. 2 is the flow diagram of authorization terminal method in one embodiment;
Fig. 3 is the flow diagram of the injection mode of private key and terminal iidentification in one embodiment;
Fig. 4 is the structure diagram of authorization terminal device in one embodiment;
Fig. 5 is the internal structure chart of one embodiment Computer equipment.
Specific implementation mode
It is with reference to the accompanying drawings and embodiments, right in order to make the object, technical solution and advantage of the application be more clearly understood
The application is further elaborated.It should be appreciated that specific embodiment described herein is only used to explain the application, not
For limiting the application.
Authorization terminal method provided by the present application, can be applied in application environment as shown in Figure 1.Wherein, terminal with
Server is communicated by network.Terminal receives application start instruction, after starting application program, is read automatically by program
The private key and channel mark that the hardware vendor of terminal in file is previously implanted into are taken, this content is spliced into current local time
Checking request, and it is encrypted, it is sent to server for services device and this terminal is authorized, allow this terminal and clothes
Business device carries out data interaction.Wherein, it is various personal computers that terminal, which can be, but not limited to, laptop, smart mobile phone, is put down
Plate computer and portable wearable device, server can use the server of the either multiple server compositions of independent server
Cluster is realized.
In one embodiment, as shown in Fig. 2, providing a kind of authorization terminal method, it is applied in Fig. 1 in this way
It illustrates, includes the following steps for terminal:
S202 receives application start instruction.
Wherein, application start instruction is that the instruction of application program is run in terminal, can be the use of operating terminal
Family is referred to by clicking the instruction of the corresponding icon of terminal interface application program or notification bar, terminal according to this application program launching
Order starts application program in terminal.
Specifically, terminal receives instruction of the user by the corresponding icon of click terminal interface application program or notification bar
The application start instruction of input, terminal bring into operation corresponding application program.
S204 reads private key and channel mark from the corresponding default file folder of application start instruction, obtains current
Private key, channel mark and current local time are spliced into checking request by local zone time.
Wherein, default file folder is that the hardware vendor of terminal is preset for storing private key and terminal iidentification in the terminal
Address can be a file being locally stored in terminal in disk.
Private key is that server is dispatched to hardware vendor, for allowing the equipment of hardware vendor to carry out data friendship with server
Mutual information;Such as can be a string of character strings that server generates.
Terminal iidentification is the information of the channel for showing this terminal access server;Can be hardware vendor information and
Protocol type etc. between the system that hardware vendor and server represent.If terminal is the equipment for being sold drug, then
Terminal iidentification can be generated according to the hardware brand of this terminal with retail channel mark.
Verification information is the information that terminal to server request authorizes, and is according to private key, channel mark and current local
What the time was spliced.
Specifically, after terminal operating application program, the mandate by server is first needed, it just can be with server into line number
According to interaction, and terminal request server is to the method that it is authorized, from the corresponding default file of application start instruction
The private key and channel mark for reading hardware vendor's injection, then pass through the network equipment of terminal or other timing device reading terminals
On current local time, these three information are spliced into checking request, for request server according to this checking request to end
End is authorized.
Checking request is sent to server by S206, and receives the authorization code corresponding with checking request of server transmission.
Wherein, after authorization code is the authorization requests that server passes through terminal, it is sent to the letter for data interaction of terminal
Breath can be a string of character strings etc. for being directed to each terminal.
Specifically, the checking request generated in step S204 is sent to server by terminal, and request server is to this terminal
It is authorized, if server is verified the checking request of this terminal, then this terminal passes through the mandate of server, server
An authorization code for being used for data interaction is sent to terminal.
S208 carries out data interaction according to authorization code and server.
Specifically, after server is to authorization terminal, terminal can carry out data interaction with server, and terminal is defeated according to user
The request of data entered reads corresponding data from server.
This scheme terminal is the third party device needed through server mandate, such as needs to carry out data with medical server
Medicine equipment is sold in interactive outside, is only supplied in the specific applications such as fixed pharmacy, due to outside sell the terminals such as medicine equipment have make
With the restricted and specific aim of occasion, therefore need that injection server is dispatched in the default file folder of terminal by hardware vendor
The terminal iidentification of the information of the private key of hardware vendor and channel for showing this terminal access server ensures in said program
The specificity for the checking request that terminal generates.
Above-mentioned authorization terminal method can pass through the hardware of terminal in the automatic reading folder of program after program unlatching
This content and current local time are spliced into checking request, and are carried out to it by the private key and channel mark that manufacturer is previously implanted into
Encryption, is sent to server for services device and is authorized to this terminal, this terminal is allowed to carry out data interaction with server.It is logical
Private key and channel mark that the hardware vendor of terminal in file is previously implanted into are crossed with current local time as checking request
Foundation is generated, has to be adapted to the application program that server is supported without hardware vendor, can support all hardware manufacturer
Third party device.
Data interaction is carried out according to authorization code and server in one of the embodiments, including:Receive the data of input
Request instruction;Data read request is generated according to data requesting instructions and authorization code;Data read request is sent to server,
And obtain the data corresponding with data read request of server return.
Wherein, data requesting instructions are the reading of terminal to server transmission or the information of the data in download server;
Can be the information inputted by the input equipment of terminal using the user of this terminal, as the user of using terminal wishes from service
Device obtains the indication information of a certain drug, then can input the keywords such as title and " obtaining indication " of drug.
Data read request is the solicited message that terminal is generated according to data requesting instructions, such as will be in data requesting instructions
Hold to be stitched together with authorization code and generates the information that a server can identify.
Specifically, after mandate of the terminal by server, can with server carry out data interaction, terminal according to
Before the data requesting instructions reading service device corresponding data of family input, needs to first pass through application program by data requesting instructions and award
Weighted code combination producing data read request, after server receives the data read request of terminal transmission, if authorization code therein
Effectively, then server obtains data corresponding with data read request, and sends it to terminal, completes this data interaction.
Optionally, if after the returned data of terminal reception server, if server returned data is installable program
Packet, can by verifying the signing messages of this program bag, ensure this can the installation kit of installation procedure be not tampered with.Terminal can be from clothes
The signature that the installation kit of plug-in unit to be updated is obtained in business device, then calculates the cryptographic Hash of this signature according to cryptographic Hash calculation,
Then it is compared with the cryptographic Hash extracted in installation kit, if amount cryptographic Hash is identical, signing messages is proved to be successful, and illustrates this peace
Dress packet is not tampered with.
In above-described embodiment, when each terminal and server carry out data interaction, the data sent from terminal are required for
It is handled by application program, it is made to take authorization code, server needs after identifying authorization code, just returns the data of terminal request
Back to terminal.By this operation, it ensure that the safety of data interaction between terminal and server, avoid leaking data.
After data read request is sent to server in one of the embodiments, further include:Server is received to return
The mandate thrashing message of the authorization code returned;When the re-examination for mandate thrashing message for receiving input demonstrate,proves instruction, then continue to hold
Private key and channel mark are read in the corresponding default file folder of row application start instruction, and reads current local time.
Wherein, it is that server informs the no longer valid information of authorization terminal code to authorize thrashing message;As authorization code has surpassed
Go out the information of service life.
Re-examination card instruction is the instruction for starting terminal request server mandate again, can be that user is directed to authorization code
The instruction of the information input of failure verified again.
Specifically, server first verifies the authorization code in request of data, works as hair after receiving the data read request of terminal
When now this authorization code is no longer valid, then authorization failure message is sent to terminal, terminal is received after authorization failure message, needed
To after server again sub-authorization, this data interaction can be just continued to execute.Terminal shows this authorization failure message to user,
It chooses whether that request server is to this authorization terminal again by user, if user agrees to, inputs a re-examination card to terminal and refer to
It enables, terminal is demonstrate,proved according to this re-examination and instructed, and is executed to continue to execute again and be read in the corresponding default file folder of application start instruction
Private key and channel mark, and the step of reading current local time are taken, checking request is regenerated, until server is sent out to terminal
Send new authorization code, terminal that can carry out data interaction according to new authorization code and server.
Optionally, server allows the authorization code of terminal access to have timeliness in said program, when this authorization code exceeds
After service life, authorization code failure, server need to again authorize this terminal, and terminal just can be with server into line number
According to interaction.Alternatively, when a certain terminal has violation operation, server can by way of allowing the authorization code of this terminal to fail,
This terminal is avoided to continue violation operation.
In above-described embodiment, server can access the terminal of this server by authorization code management, improve server
Flexibility to all terminal managements connected to it.
In one embodiment, Fig. 3 is referred to, the injection mode of above-mentioned private key and channel mark, including:
S302 receives the injection request of hardware vendor.
Specifically, hardware vendor thinks that terminal sends injection request, and channel mark and private key, such as hardware are injected in terminal
Manufacturer sends the information for the local storage region for requiring modification terminal to terminal.
Optionally, terminal can verify the log-on message of hardware vendor, such as username and password, after being proved to be successful, just permit
Perhaps hardware vendor accesses the local storage region of terminal.
S304 creates default file folder according to injection request in the system folder of terminal.
Specifically, it after hardware vendor enters the local storage region of terminal, is created in the system folder of terminal default
File, this default file folder is for storing channel mark to be implanted and private key.Select system folder the reason of be, when
Terminal is not carried temporary, and the content in system file will not be changed, and only the user of using terminal is allowed to be visited in a manner of read-only
It asks, safety higher.
S306, the channel mark and private key that acquisition hardware vendor sends, channel mark and private key are servers according to hardware
What the certification channel of manufacturer generated.
Wherein, certification channel is the protocol type between hardware vendor and server, such as retail, direct selling.
Specifically, private key is that server is dispatched to hardware vendor, for allow the equipment of hardware vendor and server into
The information of row data interaction, terminal iidentification are according to the information such as hardware vendor's brand, unit type and hardware vendor and service
The information that protocol type between device generates.Private key and terminal iidentification are sent to terminal by hardware vendor.
Channel mark and private key are stored in default file folder by S308.
Specifically, it after terminal receives the private key and terminal iidentification that hardware vendor sends, stores it in system file
In newly-built default file folder, it to be used for authorization terminal.
In above-described embodiment, the hardware vendor of the local storage domain information of modification terminal is only had permission, it can be with
The above method injects channel mark and private key in the system folder of terminal, overcomes tradition and distributes registration letter by server
The randomness of the authorization terminal mode of breath improves the authorization terminal method of the application when being authorized to small-scale terminal
Safety.
After checking request is sent to server in one of the embodiments, further include:Receive what server was sent
Failed message, and show failed message.
Specifically, when the encrypted verification application that terminal is sent to server can not be by the verification of server, clothes
Device be engaged in the failed message of terminal transmission authentication failed, this failed message may include the related news of authentication failed, terminal
User can carry out carrying out corresponding processing to program, such as carry out upgrading operation to application program according to this failed message.
In above-described embodiment, if server fails to this authorization terminal according to the checking request that terminal is sent, terminal exists
Display interface shows this failed message so that the user of operating terminal can solve asking in authorization terminal according to failed message
Topic.
Checking request is sent to server in one of the embodiments, including:According to predetermined encryption rule to verification
Request is encrypted;Encrypted checking request is sent to server.
Wherein, predetermined encryption rule is for the encrypted algorithm of checking request, server to can recognize that this Encryption Algorithm, such as
RSA Algorithm (a kind of asymmetric cryptographic algorithm).
Specifically, before terminal to server sends checking request, first this checking request can be advised according to predetermined encryption
It is then encrypted, then encrypted checking request is sent to server.And for server end:Obtain the encryption that terminal is sent
Checking request afterwards after being decrypted to encrypted checking request according to decryption rule corresponding with predetermined encryption rule, then obtains
Authorization code is sent to terminal, the mandate of complete paired terminal by the corresponding authorization code of this terminal.
In above-described embodiment, terminal is encrypted the checking request of server to be sent to by predetermined encryption rule,
It avoids checking request from revealing or be tampered halfway, improves safety when authorization terminal.
For example, it is that retail that company A provides, operation Android operation system is set that the terminal in the above method, which is hardware vendor,
Standby, then the step of company A injects private key and terminal iidentification in the terminal, includes:The hardware of Android operation system is run, terminal
Acquiescence can create a file in internal storage device:System/etc/, the effect of this file are to be used for storage system
Hardware key message, operational attribute only allow to read.Terminal is using the permission of hardware vendor in this file of system/etc/
It is lower to create a default file folder.Two files are stored in this default file folder, and private key, i.e., one group are stored in first file
Password exists with character string forms;Second file stores terminal iidentification, the i.e. information of the channel of this terminal access server,
Exist with character string forms.
Company A provides one and authorizes SDK (Software Development Kit Software Development Kit), and terminal is at this
This SDK is installed on ground, and following steps are realized in terminal:Read the private key and terminal iidentification in default file, this read step
It can be realized by java (a kind of computer programming language) standard interface FileInputStream (file input stream);It reads
The hardware sequence number of this terminal, sequence number read method is taken to be:By Java reflex mechanisms, access
Android.os.SystemProperties (class in Android system for obtaining and being arranged system property), then passes through
Two character strings of ro.boot.serialno and ro.serialno (device number) filter out hardware sequence number;The sheet of reading terminals
The ground time can use java interfaces to obtain system time, and chronomere is millisecond;By the private key of acquisition, terminal iidentification and sheet
Three contents of ground time are combined splicing, form a new character string, i.e. checking request, and using RSA Algorithm to verification
Request is encrypted, and generates encrypted checking request, and send it to server, and the checking solicited message that terminal is sent is taken
With equipment Serial Number and log-on message.
The encrypted checking request that server receiving terminal is sent, and corresponding authorization code is generated, this step includes:Clothes
Business device receives encrypted checking request, it is decrypted based on RSA Algorithm;Verification private key simultaneously checks this terminal iidentification pair
The protocol type answered;If being all verified, server according to send checking request terminal equipment Serial Number, terminal mark
Know, the log-on message of local zone time and this terminal access server, generate the authorization code for this terminal, and by this authorization code
It is sent in the preset network address of company A.
Terminal accesses the preset network address of company A by SDK, and therefrom obtains authorization code, this authorization code is stored in terminal
SDK in.When each terminal needs to carry out data interaction with server, server will be sent in terminal by all first passing through SDK
Data on add authorization code, for identification.
It should be understood that although each step in the flow chart of Fig. 2 to Fig. 3 is shown successively according to the instruction of arrow,
But these steps are not the inevitable sequence indicated according to arrow to be executed successively.Unless expressly state otherwise herein, these
There is no stringent sequences to limit for the execution of step, these steps can execute in other order.Moreover, in Fig. 2 to Fig. 3
At least part step may include that either these sub-steps of multiple stages or stage are not necessarily same to multiple sub-steps
One moment executed completion, but can execute at different times, and the execution in these sub-steps or stage sequence is also not necessarily
Be carry out successively, but can with other steps either the sub-step of other steps or at least part in stage in turn or
Alternately execute.
In one embodiment, as shown in figure 4, providing a kind of authorization terminal device, including:Trigger module 100, request
Generation module 200, authorization code acquisition module 300, data interaction module 400, wherein:
Trigger module 100, for receiving application start instruction.
Module 200 is requested to generate, for reading private key and canal from the corresponding default file folder of application start instruction
Road identifies, and obtains current local time, private key, channel mark and current local time are spliced into checking request.
Authorization code acquisition module 300, for checking request to be sent to server, and receive server transmission with verification
Ask corresponding authorization code.
Data interaction module 400, for carrying out data interaction according to authorization code and server.
In one embodiment, the data interaction module 400 in above-mentioned authorization terminal device may include:
Instruction reception unit, the data requesting instructions for receiving input.
Unit is requested to generate, for generating data read request according to data requesting instructions and authorization code.
Data interaction unit for data read request to be sent to server, and obtains server returns and data
The corresponding data of read requests.
In one embodiment, above-mentioned authorization terminal device can also include:
Authorization failure module, the mandate thrashing message of the authorization code for receiving server return.
Weight authentication module is used to when receiving when being directed to the re-examination card instruction for authorizing thrashing message of input, then continue to execute
Private key and channel mark are read in the corresponding default file folder of application start instruction, and reads current local time.
In one embodiment, above-mentioned authorization terminal device can also include:
Request module is injected, the injection for receiving hardware vendor is asked.
Preparation module is injected, for creating default file folder in the system folder of terminal according to injection request.
Data obtaining module is injected, channel mark and private key, channel mark and private key for obtaining hardware vendor's transmission
It is that server is generated according to the certification channel of hardware vendor.
Memory module, for channel mark and private key to be stored in default file folder.
In one embodiment, above-mentioned authorization terminal device can also include:
Authentication failed module, the failed message for receiving server transmission, and show failed message.
In one embodiment, the authorization code acquisition module 300 of above-mentioned authorization terminal device may include:
Encryption unit, for checking request to be encrypted according to predetermined encryption rule.
Transmission unit, for encrypted checking request to be sent to server.
Specific about authorization terminal device limits the restriction that may refer to above for authorization terminal method, herein not
It repeats again.Modules in above-mentioned authorization terminal device can be realized fully or partially through software, hardware and combinations thereof.On
Stating each module can be embedded in or independently of in the processor in computer equipment, can also store in a software form in the form of hardware
In memory in computer equipment, the corresponding operation of the above modules is executed in order to which processor calls.
In one embodiment, a kind of computer equipment is provided, which can be terminal, internal structure
Figure can be as shown in Figure 5.The computer equipment includes the processor connected by system bus, memory, network interface, display
Screen and input unit.Wherein, the processor of the computer equipment is for providing calculating and control ability.The computer equipment is deposited
Reservoir includes non-volatile memory medium, built-in storage.The non-volatile memory medium is stored with operating system and computer journey
Sequence.The built-in storage provides environment for the operation of operating system and computer program in non-volatile memory medium.The calculating
The network interface of machine equipment is used to communicate by network connection with external terminal.When the computer program is executed by processor with
Realize a kind of authorization terminal method.The display screen of the computer equipment can be liquid crystal display or electric ink display screen,
The input unit of the computer equipment can be the touch layer covered on display screen, can also be to be arranged on computer equipment shell
Button, trace ball or Trackpad, can also be external keyboard, Trackpad or mouse etc..
It will be understood by those skilled in the art that structure shown in Fig. 5, is only tied with the relevant part of application scheme
The block diagram of structure does not constitute the restriction for the computer equipment being applied thereon to application scheme, specific computer equipment
May include either combining certain components than more or fewer components as shown in the figure or being arranged with different components
In one embodiment, a kind of computer equipment, including memory and processor are provided, which is stored with
Computer program, the processor realize following steps when executing computer program:Receive application start instruction;From using journey
Private key and channel mark are read in the corresponding default file folder of sequence enabled instruction, current local time is obtained, by private key, channel mark
Know and current local time is spliced into checking request;Checking request is sent to server, and receive server transmission with test
Card asks corresponding authorization code;Data interaction is carried out according to authorization code and server.
In one embodiment, that is realized when processor execution computer program carries out data according to authorization code and server
It is interactive, may include:Receive the data requesting instructions of input;Digital independent is generated according to data requesting instructions and authorization code to ask
It asks;Data read request is sent to server, and obtains the data corresponding with data read request of server return.
In one embodiment, that is realized when processor execution computer program is sent to server by data read request
Later, can also include:Receive the mandate thrashing message for the authorization code that server returns;Failure is authorized when receiving being directed to for input
When the re-examination card instruction of message, then continues to execute in the corresponding default file folder of application start instruction and read private key and channel
Mark, and read current local time.
In one embodiment, processor executes the injection mode of the private key and channel mark realized when computer program,
May include:Receive the injection request of hardware vendor;Default file is created in the system folder of terminal according to injection request
Folder;The channel mark and private key that hardware vendor sends are obtained, channel mark and private key are certification of the server according to hardware vendor
What channel generated;Channel mark and private key are stored in default file folder.
In one embodiment, processor execute computer program when realize checking request is sent to server it
Afterwards, can also include:The failed message that server is sent is received, and shows failed message.
In one embodiment, that is realized when processor execution computer program is sent to server by checking request, can
To include:Checking request is encrypted according to predetermined encryption rule;Encrypted checking request is sent to server.
In one embodiment, a kind of computer readable storage medium is provided, computer program is stored thereon with, is calculated
Machine program realizes following steps when being executed by processor:Receive application start instruction;It is corresponded to from application start instruction
Default file folder in read private key and channel mark, obtain current local time, by private key, channel mark and it is current local when
Between be spliced into checking request;Checking request is sent to server, and receives the awarding corresponding with checking request of server transmission
Weighted code;Data interaction is carried out according to authorization code and server.
In one embodiment, realized when computer program is executed by processor according to authorization code and server into line number
According to interaction, may include:Receive the data requesting instructions of input;Digital independent is generated according to data requesting instructions and authorization code to ask
It asks;Data read request is sent to server, and obtains the data corresponding with data read request of server return.
In one embodiment, that is realized when computer program is executed by processor is sent to data read request service
After device, can also include:Receive the mandate thrashing message for the authorization code that server returns;Mistake is authorized when receiving being directed to for input
When imitating the re-examination card instruction of message, then continues to execute in the corresponding default file folder of application start instruction and read private key and canal
Road identifies, and reads current local time.
In one embodiment, the injection side of the private key and channel mark realized when computer program is executed by processor
Formula may include:Receive the injection request of hardware vendor;Default text is created in the system folder of terminal according to injection request
Part presss from both sides;The channel mark and private key that hardware vendor sends are obtained, channel mark and private key are server recognizing according to hardware vendor
Demonstrate,prove what channel generated;Channel mark and private key are stored in default file folder.
In one embodiment, realized when computer program is executed by processor checking request is sent to server it
Afterwards, can also include:The failed message that server is sent is received, and shows failed message.
In one embodiment, that is realized when computer program is executed by processor is sent to server by checking request,
May include:Checking request is encrypted according to predetermined encryption rule;Encrypted checking request is sent to server.
One of ordinary skill in the art will appreciate that realizing all or part of flow in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the computer program can be stored in a non-volatile computer
In read/write memory medium, the computer program is when being executed, it may include such as the flow of the embodiment of above-mentioned each method.Wherein,
Any reference to memory, storage, database or other media used in each embodiment provided herein,
Including non-volatile and/or volatile memory.Nonvolatile memory may include read-only memory (ROM), programming ROM
(PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory.Volatile memory may include
Random access memory (RAM) or external cache.By way of illustration and not limitation, RAM is available in many forms,
Such as static state RAM (SRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate sdram (DDRSDRAM), enhancing
Type SDRAM (ESDRAM), synchronization link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM
(RDRAM), direct memory bus dynamic ram (DRDRAM) and memory bus dynamic ram (RDRAM) etc..
Each technical characteristic of above example can be combined arbitrarily, to keep description succinct, not to above-described embodiment
In each technical characteristic it is all possible combination be all described, as long as however, the combination of these technical characteristics be not present lance
Shield is all considered to be the range of this specification record.
Above example only expresses the several embodiments of the application, the description thereof is more specific and detailed, but can not
Therefore it is construed as limiting the scope of the patent.It should be pointed out that for those of ordinary skill in the art,
Under the premise of not departing from the application design, various modifications and improvements can be made, these belong to the protection domain of the application.
Therefore, the protection domain of the application patent should be determined by the appended claims.
Claims (10)
1. a kind of authorization terminal method, the method includes:
Receive application start instruction;
Private key and channel mark are read from the corresponding default file folder of the application start instruction, when obtaining current local
Between, the private key, channel mark and the current local time are spliced into checking request;
The checking request is sent to server, and receives the mandate corresponding with the checking request that the server is sent
Code;
Data interaction is carried out according to the authorization code and the server.
2. according to the method described in claim 1, it is characterized in that, it is described according to the authorization code and the server into line number
According to interaction, including:
Receive the data requesting instructions of input;
Data read request is generated according to the data requesting instructions and the authorization code;
The data read request is sent to the server, and obtains being asked with the digital independent for the server return
Seek corresponding data.
3. according to the method described in claim 1, it is characterized in that, described be sent to the service by the data read request
After device, further include:
Receive the mandate thrashing message for the authorization code that the server returns;
When the re-examination for the mandate thrashing message for receiving input demonstrate,proves instruction, then the application program launching is continued to execute
Private key and channel mark are read in instructing corresponding default file to press from both sides, and read current local time.
4. according to the method described in claim 1, it is characterized in that, the injection mode of the private key and channel mark, including:
Receive the injection request of hardware vendor;
Default file folder is created in the system folder of terminal according to injection request;
The channel mark and the private key that the hardware vendor sends are obtained, the channel mark and the private key are described
Server is generated according to the certification channel of the hardware vendor;
The channel mark and the private key are stored in the default file folder.
5. according to the method described in claim 1, it is characterized in that, it is described the checking request is sent to server after,
Further include:
The failed message that the server is sent is received, and shows the failed message.
6. according to the method described in claim 1, it is characterized in that, described be sent to server by the checking request, including:
The checking request is encrypted according to predetermined encryption rule;
The encrypted checking request is sent to server.
7. a kind of authorization terminal device, which is characterized in that described device includes:
Trigger module, for receiving application start instruction;
Module is requested to generate, for reading private key and channel mark from the corresponding default file folder of the application start instruction
Know, obtains current local time, the private key, channel mark and the current local time are spliced into checking request;
Authorization code acquisition module for the checking request to be sent to server, and receives being tested with described for server transmission
Card asks corresponding authorization code;
Data interaction module, for carrying out data interaction according to the authorization code and the server.
8. the method according to the description of claim 7 is characterized in that the data interaction module includes:
Instruction reception unit, the data requesting instructions for receiving input;
Unit is requested to generate, for generating data read request according to the data requesting instructions and the authorization code;
Data interaction unit for the data read request to be sent to the server, and obtains the server and returns
Data corresponding with the data read request.
9. a kind of computer equipment, including memory and processor, the memory are stored with computer program, feature exists
In when the processor executes the computer program the step of any one of realization claim 1 to 6 the method.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program
The step of method according to any one of claims 1 to 6 is realized when being executed by processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810546442.4A CN108810894B (en) | 2018-05-31 | 2018-05-31 | Terminal authorization method, device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810546442.4A CN108810894B (en) | 2018-05-31 | 2018-05-31 | Terminal authorization method, device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108810894A true CN108810894A (en) | 2018-11-13 |
| CN108810894B CN108810894B (en) | 2023-08-25 |
Family
ID=64089640
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810546442.4A Active CN108810894B (en) | 2018-05-31 | 2018-05-31 | Terminal authorization method, device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108810894B (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109740306A (en) * | 2018-12-27 | 2019-05-10 | 苏州思必驰信息科技有限公司 | The method and device that application software is authorized based on hybrid plan |
| CN109766316A (en) * | 2018-12-18 | 2019-05-17 | 深圳壹账通智能科技有限公司 | File acquisition method, device, computer equipment and storage medium |
| CN110097448A (en) * | 2019-03-19 | 2019-08-06 | 平安普惠企业管理有限公司 | Channel side cut-in method, device, equipment and storage medium based on open platform |
| CN110233857A (en) * | 2019-06-28 | 2019-09-13 | 深圳开立生物医疗科技股份有限公司 | A kind of ultrasonic device authorization method, system, equipment and computer storage medium |
| CN110543448A (en) * | 2019-07-22 | 2019-12-06 | 深圳壹账通智能科技有限公司 | data synchronization method, device, equipment and computer readable storage medium |
| CN110610360A (en) * | 2019-09-09 | 2019-12-24 | 飞天诚信科技股份有限公司 | Hardware wallet binding authorization method and device |
| CN110851805A (en) * | 2019-10-14 | 2020-02-28 | 深圳市非零无限科技有限公司 | Method, system and readable storage medium for verifying user access authorization by SDK |
| CN110990796A (en) * | 2019-11-26 | 2020-04-10 | 广州至真信息科技有限公司 | Application processing method and device, application server and storage medium |
| CN110990073A (en) * | 2019-11-13 | 2020-04-10 | 北京城市网邻信息技术有限公司 | Method and device for verifying customization requirements of application program |
| CN111125677A (en) * | 2019-12-24 | 2020-05-08 | 苏州思必驰信息科技有限公司 | Equipment authorization method and system |
| CN111159657A (en) * | 2019-11-22 | 2020-05-15 | 深圳智链物联科技有限公司 | Application program authentication method and system |
| CN111666564A (en) * | 2020-05-14 | 2020-09-15 | 平安科技(深圳)有限公司 | Application program safe starting method and device, computer equipment and storage medium |
| CN112200560A (en) * | 2020-09-30 | 2021-01-08 | 广东岭南通股份有限公司 | Virtual public transport one-card recharging method capable of being completed through single exchange |
| CN112887099A (en) * | 2021-01-11 | 2021-06-01 | 深圳市新国都支付技术有限公司 | Data signature method, electronic device and computer readable storage medium |
| CN112910867A (en) * | 2021-01-21 | 2021-06-04 | 四三九九网络股份有限公司 | Double verification method for trusted equipment to access application |
| CN113538777A (en) * | 2021-06-25 | 2021-10-22 | 合肥美的智能科技有限公司 | Authorization method, intelligent container, server and computer storage medium |
| CN114036491A (en) * | 2021-11-25 | 2022-02-11 | 京东方科技集团股份有限公司 | Software management method, system and storage medium |
| CN114357386A (en) * | 2021-11-30 | 2022-04-15 | 北京旷视科技有限公司 | Software authorization method and device |
| CN114386075A (en) * | 2022-01-14 | 2022-04-22 | 建信金融科技有限责任公司 | Data transmission channel establishing method, data transmission device, data transmission equipment and medium |
| CN115017478A (en) * | 2022-04-21 | 2022-09-06 | 江苏康众汽配有限公司 | Method and system for safely controlling login of company background application |
| CN115037521A (en) * | 2022-05-11 | 2022-09-09 | 广州小马智卡科技有限公司 | Service data verification method, device, computer equipment and storage medium |
| CN115859230A (en) * | 2023-02-27 | 2023-03-28 | 深圳市启明智显科技有限公司 | Authorization management system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104539589A (en) * | 2014-12-10 | 2015-04-22 | 华为软件技术有限公司 | Authorization method, server and client |
| US20160099941A1 (en) * | 2014-10-03 | 2016-04-07 | Gopro, Inc. | Authenticating a limited input device via an authenticated application |
| CN105635062A (en) * | 2014-10-31 | 2016-06-01 | 腾讯科技(上海)有限公司 | Network access equipment verification method and device |
| CN105897679A (en) * | 2015-12-04 | 2016-08-24 | 乐视致新电子科技(天津)有限公司 | Communication method and device |
| CN106096336A (en) * | 2016-06-13 | 2016-11-09 | 北京京东尚科信息技术有限公司 | Software anti-crack method and system |
| CN107707678A (en) * | 2017-11-22 | 2018-02-16 | 上海斐讯数据通信技术有限公司 | A kind of router realizes the method and system of remote data transmission |
-
2018
- 2018-05-31 CN CN201810546442.4A patent/CN108810894B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160099941A1 (en) * | 2014-10-03 | 2016-04-07 | Gopro, Inc. | Authenticating a limited input device via an authenticated application |
| CN105635062A (en) * | 2014-10-31 | 2016-06-01 | 腾讯科技(上海)有限公司 | Network access equipment verification method and device |
| CN104539589A (en) * | 2014-12-10 | 2015-04-22 | 华为软件技术有限公司 | Authorization method, server and client |
| CN105897679A (en) * | 2015-12-04 | 2016-08-24 | 乐视致新电子科技(天津)有限公司 | Communication method and device |
| CN106096336A (en) * | 2016-06-13 | 2016-11-09 | 北京京东尚科信息技术有限公司 | Software anti-crack method and system |
| CN107707678A (en) * | 2017-11-22 | 2018-02-16 | 上海斐讯数据通信技术有限公司 | A kind of router realizes the method and system of remote data transmission |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109766316A (en) * | 2018-12-18 | 2019-05-17 | 深圳壹账通智能科技有限公司 | File acquisition method, device, computer equipment and storage medium |
| CN109740306B (en) * | 2018-12-27 | 2021-03-16 | 苏州思必驰信息科技有限公司 | Method and device for authorizing application software based on mixed scheme |
| CN109740306A (en) * | 2018-12-27 | 2019-05-10 | 苏州思必驰信息科技有限公司 | The method and device that application software is authorized based on hybrid plan |
| CN110097448A (en) * | 2019-03-19 | 2019-08-06 | 平安普惠企业管理有限公司 | Channel side cut-in method, device, equipment and storage medium based on open platform |
| CN110233857A (en) * | 2019-06-28 | 2019-09-13 | 深圳开立生物医疗科技股份有限公司 | A kind of ultrasonic device authorization method, system, equipment and computer storage medium |
| CN110233857B (en) * | 2019-06-28 | 2022-04-15 | 深圳开立生物医疗科技股份有限公司 | Ultrasonic equipment authorization method, system, equipment and computer storage medium |
| CN110543448A (en) * | 2019-07-22 | 2019-12-06 | 深圳壹账通智能科技有限公司 | data synchronization method, device, equipment and computer readable storage medium |
| CN110610360A (en) * | 2019-09-09 | 2019-12-24 | 飞天诚信科技股份有限公司 | Hardware wallet binding authorization method and device |
| CN110610360B (en) * | 2019-09-09 | 2022-03-18 | 飞天诚信科技股份有限公司 | Hardware wallet binding authorization method and device |
| CN110851805A (en) * | 2019-10-14 | 2020-02-28 | 深圳市非零无限科技有限公司 | Method, system and readable storage medium for verifying user access authorization by SDK |
| CN110990073A (en) * | 2019-11-13 | 2020-04-10 | 北京城市网邻信息技术有限公司 | Method and device for verifying customization requirements of application program |
| CN110990073B (en) * | 2019-11-13 | 2023-09-29 | 北京城市网邻信息技术有限公司 | Method and device for verifying customization requirements of application program |
| CN111159657A (en) * | 2019-11-22 | 2020-05-15 | 深圳智链物联科技有限公司 | Application program authentication method and system |
| CN110990796B (en) * | 2019-11-26 | 2022-02-11 | 广州至真信息科技有限公司 | Application processing method and device, application server and storage medium |
| CN110990796A (en) * | 2019-11-26 | 2020-04-10 | 广州至真信息科技有限公司 | Application processing method and device, application server and storage medium |
| CN111125677A (en) * | 2019-12-24 | 2020-05-08 | 苏州思必驰信息科技有限公司 | Equipment authorization method and system |
| CN111666564A (en) * | 2020-05-14 | 2020-09-15 | 平安科技(深圳)有限公司 | Application program safe starting method and device, computer equipment and storage medium |
| CN111666564B (en) * | 2020-05-14 | 2024-02-02 | 平安科技(深圳)有限公司 | Application program safe starting method and device, computer equipment and storage medium |
| CN112200560A (en) * | 2020-09-30 | 2021-01-08 | 广东岭南通股份有限公司 | Virtual public transport one-card recharging method capable of being completed through single exchange |
| CN112887099A (en) * | 2021-01-11 | 2021-06-01 | 深圳市新国都支付技术有限公司 | Data signature method, electronic device and computer readable storage medium |
| CN112887099B (en) * | 2021-01-11 | 2023-05-16 | 深圳市新国都支付技术有限公司 | Data signing method, electronic device and computer readable storage medium |
| CN112910867B (en) * | 2021-01-21 | 2022-11-04 | 四三九九网络股份有限公司 | Double verification method for trusted equipment to access application |
| CN112910867A (en) * | 2021-01-21 | 2021-06-04 | 四三九九网络股份有限公司 | Double verification method for trusted equipment to access application |
| CN113538777A (en) * | 2021-06-25 | 2021-10-22 | 合肥美的智能科技有限公司 | Authorization method, intelligent container, server and computer storage medium |
| CN114036491A (en) * | 2021-11-25 | 2022-02-11 | 京东方科技集团股份有限公司 | Software management method, system and storage medium |
| CN114357386A (en) * | 2021-11-30 | 2022-04-15 | 北京旷视科技有限公司 | Software authorization method and device |
| CN114386075A (en) * | 2022-01-14 | 2022-04-22 | 建信金融科技有限责任公司 | Data transmission channel establishing method, data transmission device, data transmission equipment and medium |
| CN115017478A (en) * | 2022-04-21 | 2022-09-06 | 江苏康众汽配有限公司 | Method and system for safely controlling login of company background application |
| CN115037521A (en) * | 2022-05-11 | 2022-09-09 | 广州小马智卡科技有限公司 | Service data verification method, device, computer equipment and storage medium |
| CN115037521B (en) * | 2022-05-11 | 2024-02-02 | 广州小马智卡科技有限公司 | Service data verification method, device, computer equipment and storage medium |
| CN115859230A (en) * | 2023-02-27 | 2023-03-28 | 深圳市启明智显科技有限公司 | Authorization management system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108810894B (en) | 2023-08-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108810894A (en) | Authorization terminal method, apparatus, computer equipment and storage medium | |
| CN108898389B (en) | Content verification method and device based on block chain and electronic equipment | |
| CN103685138B (en) | The authentication method of the Android platform application software that mobile interchange is online and system | |
| US9871821B2 (en) | Securely operating a process using user-specific and device-specific security constraints | |
| EP3312756A1 (en) | Establishing cryptographic identity for an electronic device | |
| JP3753885B2 (en) | Host system elements of the international cryptosystem | |
| US7512802B2 (en) | Application authentication system, secure device, and terminal device | |
| US8417964B2 (en) | Software module management device and program | |
| CN110287654B (en) | Media client device authentication using hardware trust root | |
| CN105991287B (en) | A kind of generation of signed data and finger print identifying requesting method and device | |
| CN110011801A (en) | Remote certification method and device, the electronic equipment of trusted application | |
| AU2011318417B2 (en) | Application usage policy enforcement | |
| CN108845812A (en) | Update of plug-in method, apparatus, computer equipment and storage medium | |
| CN103051451A (en) | Encryption authentication of security service execution environment | |
| CN108200078B (en) | Downloading and installing method of signature authentication tool and terminal equipment | |
| CN108335105B (en) | Data processing method and related equipment | |
| CN109359977A (en) | Network communication method, device, computer equipment and storage medium | |
| KR20120080283A (en) | Otp certification device | |
| US20220327536A1 (en) | Account binding method and apparatus, computer device, and storage medium | |
| KR101504647B1 (en) | Portable mass storage with virtual machine activation | |
| Ahmad et al. | Enhancing the security of mobile applications by using TEE and (U) SIM | |
| CN111984936B (en) | Authorization distribution method, device, server and storage medium | |
| CN109150811A (en) | A kind of method and device that realizing credible session calculates equipment | |
| JP5781678B1 (en) | Electronic data utilization system, portable terminal device, and method in electronic data utilization system | |
| CN109460993A (en) | A kind of information processing method, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |