CN109274769A - A kind of method of File Transfer Protocol re-authentication - Google Patents
A kind of method of File Transfer Protocol re-authentication Download PDFInfo
- Publication number
- CN109274769A CN109274769A CN201811302107.6A CN201811302107A CN109274769A CN 109274769 A CN109274769 A CN 109274769A CN 201811302107 A CN201811302107 A CN 201811302107A CN 109274769 A CN109274769 A CN 109274769A
- Authority
- CN
- China
- Prior art keywords
- authentication
- resource
- user
- information
- transfer protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to a kind of methods of File Transfer Protocol re-authentication, a kind of method of File Transfer Protocol re-authentication is not necessarily to special resource administrator the account of typing resource, encrypted message, platform judges whether to need re-authentication according to typing resource information dynamic, and prompt user inputs re-authentication information during user uses client utility.The present invention reduces administrator's workload in special circumstances;Corresponding special confidential resources, increase re-authentication, increase information security on special resource;A possibility that reducing platform administrator leakage resource information.
Description
Technical field
The present invention relates to a kind of methods of re-authentication, more specifically to a kind of File Transfer Protocol re-authentication
Method.
Background technique
When user connects transfer by tool and services FTP/SFTP agreement, need to input the certification account of transfer service and close
Code.Required account and password when transfer service connects final resource, can only be serviced filling fixed value by transfer, or from configuration
Middle reading, and the corresponding account of final resource and password can not be inputted in real time by user again.Either filling fixed value, or from
It is read in configuration, requires the account and encrypted message of specifying or configure in advance the corresponding final resource of user by administrator.One
On the other hand aspect administrator's larger workload can not shield the possibility that information is revealed from administrator.
All users use identical final resource account, password.Platform can only control which user possesses which resource
Access right, but can not be controlled according to different user and possess different rights in resource, as long as all users have certain Taiwan investment source
Access right, identical operating right will be possessed, operate identical catalogue and file.Thus it is possible that different use
The case where family operates the same catalogue or file simultaneously loses so as to cause file or file content is incorrect.
Administrator shifts to an earlier date the multiple resource accounts of typing, encrypted message, and configures different user and correspond in resource using not
With account and password.Administrator need to mention the multiple resource accounts of typing in forward direction system and encrypted message, while also need for difference
User distributes corresponding different resource account, and administrator's workload is bigger.For certain special confidential resources, as long as administrator
Access right is distributed for user, user can directly use.Excessively trust administrator's operation, is unfavorable for letter in special circumstances
Breath protection.
Summary of the invention
The technical problem to be solved in the present invention is that for the defects in the prior art, providing a kind of File Transfer Protocol
The method of re-authentication in order to protect the information security in special resource solves that two can not be carried out when File Transfer Protocol forwarding
The problem of secondary certification.
The technical solution adopted by the present invention to solve the technical problems is: constructing a kind of File Transfer Protocol re-authentication
Method, account, encrypted message for special resource administrator without typing resource, platform are sentenced according to typing resource information dynamic
Disconnected whether to need re-authentication, prompt user inputs re-authentication information during user uses client utility.
In the method for File Transfer Protocol re-authentication of the present invention, the File Transfer Protocol re-authentication
Method flow are as follows:
When S1 administrator's typing resource information, the information such as resource type, I P address, serve port need only be filled in, resource
Account, password etc. are sky;
S2 administrator is that the user of access right is needed to distribute permission;
S3 user passes through client utility (such as Wi nSCP) threaded file transport protocol using information such as platform account number ciphers
Forwarding service;
S4 user checks the Resources list for oneself possessing permission, and selects resource;
S5 system prompts user to input the account and encrypted message of resource again by client utility, and uses this information
Connect final resource;
S6 user is really connected to corresponding resource by client utility, starts file transmission.
In the method for File Transfer Protocol re-authentication of the present invention, the platform is according to typing resource information
Dynamically judge whether to need re-authentication, prompt user inputs re-authentication information during user uses client utility.
The method for implementing a kind of File Transfer Protocol re-authentication of the invention, has the advantages that drop of the present invention
Low administrator's workload in special circumstances;Corresponding special confidential resources, increase re-authentication, increase information security on special resource
Property;A possibility that reducing platform administrator leakage resource information.
Detailed description of the invention
Present invention will be further explained below with reference to the attached drawings and examples, in attached drawing:
Fig. 1 is the method flow diagram of File Transfer Protocol re-authentication of the invention
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
As shown in Figure 1, the method flow of the File Transfer Protocol re-authentication are as follows:
When S1 administrator's typing resource information, the information such as resource type, I P address, serve port need only be filled in, resource
Account, password etc. are sky;
S2 administrator is that the user of access right is needed to distribute permission;
S3 user passes through client utility (such as Wi nSCP) threaded file transport protocol using information such as platform account number ciphers
Forwarding service;
S4 user checks the Resources list for oneself possessing permission, and selects resource;
S5 system prompts user to input the account and encrypted message of resource again by client utility, and uses this information
Connect final resource;
S6 user is really connected to corresponding resource by client utility, starts file transmission.
Further, the platform judges whether to need re-authentication according to typing resource information dynamic, makes in user
User is prompted to input re-authentication information with during client utility.
Although being disclosed by above embodiments to the present invention, scope of protection of the present invention is not limited thereto,
Under conditions of without departing from present inventive concept, deformation, the replacement etc. done to above each component will fall into right of the invention
In claimed range.
Claims (2)
1. a kind of method of File Transfer Protocol re-authentication, which is characterized in that the side of the File Transfer Protocol re-authentication
Method process are as follows:
S1 administrator's typing resource information;
S2 administrator is that the user of access right is needed to distribute permission;
S3 user passes through client utility (such as Wi nSCP) threaded file transport protocol forwarding clothes using platform account number cipher information
Business;
S4 user checks the Resources list for oneself possessing permission, and selects resource;
S5 system prompts user to input the account and encrypted message of resource again by client utility, and is connected using this information
Final resource;
S6 user is really connected to corresponding resource by client utility, starts file transmission.
2. the method for File Transfer Protocol re-authentication according to claim 1, which is characterized in that the platform according to
Typing resource information dynamic judges whether to need re-authentication, the prompt user input two during user uses client utility
Secondary authentication information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811302107.6A CN109274769A (en) | 2018-11-02 | 2018-11-02 | A kind of method of File Transfer Protocol re-authentication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811302107.6A CN109274769A (en) | 2018-11-02 | 2018-11-02 | A kind of method of File Transfer Protocol re-authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109274769A true CN109274769A (en) | 2019-01-25 |
Family
ID=65191216
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811302107.6A Pending CN109274769A (en) | 2018-11-02 | 2018-11-02 | A kind of method of File Transfer Protocol re-authentication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109274769A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114365451A (en) * | 2020-06-29 | 2022-04-15 | 微软技术许可有限责任公司 | Selective security enhancement in source controlled environments |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101989987A (en) * | 2010-11-05 | 2011-03-23 | 黄艺海 | Method for realizing transmission and tracking of encrypted files at the time of monitoring security terminal emulation protocol |
CN102035882A (en) * | 2010-11-29 | 2011-04-27 | 杭州思福迪信息技术有限公司 | FTP secondary logon system and method for transferring file and monitoring process |
CN102355480A (en) * | 2011-07-21 | 2012-02-15 | 中兴通讯股份有限公司 | File transmission method, system, client and server based on trivial file transfer protocol (TFTP) |
US8458780B1 (en) * | 2009-12-21 | 2013-06-04 | Emc Corporation | Pluggable login architecture and dynamic resource recognition |
CN105991613A (en) * | 2015-03-03 | 2016-10-05 | 北京神州泰岳信息安全技术有限公司 | Resource remote login method and system |
CN107172114A (en) * | 2016-03-08 | 2017-09-15 | 深圳市深信服电子科技有限公司 | Based on the method and proxy server that FTP resources are accessed in explicit proxy environment |
-
2018
- 2018-11-02 CN CN201811302107.6A patent/CN109274769A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8458780B1 (en) * | 2009-12-21 | 2013-06-04 | Emc Corporation | Pluggable login architecture and dynamic resource recognition |
CN101989987A (en) * | 2010-11-05 | 2011-03-23 | 黄艺海 | Method for realizing transmission and tracking of encrypted files at the time of monitoring security terminal emulation protocol |
CN102035882A (en) * | 2010-11-29 | 2011-04-27 | 杭州思福迪信息技术有限公司 | FTP secondary logon system and method for transferring file and monitoring process |
CN102355480A (en) * | 2011-07-21 | 2012-02-15 | 中兴通讯股份有限公司 | File transmission method, system, client and server based on trivial file transfer protocol (TFTP) |
CN105991613A (en) * | 2015-03-03 | 2016-10-05 | 北京神州泰岳信息安全技术有限公司 | Resource remote login method and system |
CN107172114A (en) * | 2016-03-08 | 2017-09-15 | 深圳市深信服电子科技有限公司 | Based on the method and proxy server that FTP resources are accessed in explicit proxy environment |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114365451A (en) * | 2020-06-29 | 2022-04-15 | 微软技术许可有限责任公司 | Selective security enhancement in source controlled environments |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP7403020B2 (en) | System and method for second factor authentication of customer support calls | |
CA2771485C (en) | Authorized data access based on the rights of a user and a location | |
CN107026824A (en) | A kind of message encryption, decryption method and device | |
CN102209046A (en) | Network resource integration system and method | |
AU2007248903A1 (en) | Claim transformations for trust relationships | |
CN106161364A (en) | A kind of personal authentication's credential management method and system based on mobile terminal | |
CN110069909A (en) | It is a kind of to exempt from the close method and device for logging in third party system | |
Arias-Cabarcos et al. | Comparing password management software: toward usable and secure enterprise authentication | |
CN106888086A (en) | A kind of system and method for managing account number cipher | |
EP1517510B1 (en) | Moving principals across security boundaries without service interruptions | |
CN107846676A (en) | Safety communicating method and system based on network section security architecture | |
KR20230145009A (en) | Single sign on authentication method and system based on terminal using dynamic token generation agent | |
US10187360B2 (en) | Method, system, server, client, and application for sharing digital content between communication devices within an internet network | |
CN109274769A (en) | A kind of method of File Transfer Protocol re-authentication | |
CN106713228A (en) | Cloud platform key management method and system | |
CN105119916B (en) | A kind of authentication method and system based on http | |
CN103310138A (en) | Account managing device and a method thereof | |
Gao et al. | Scitokens ssh: Token-based authentication for remote login to scientific computing environments | |
US20200344224A1 (en) | User authentication system | |
US11611541B2 (en) | Secure method to replicate on-premise secrets in a cloud environment | |
CN111079109A (en) | Local security authorization login method and system compatible with multiple browsers | |
Small | Business and technical motivation for identity management | |
CN110098931A (en) | Data transmission method based on trusted " government and enterprises' connection connects " platform | |
Oogami et al. | Secure ID Transformation for Robust Pseudonymity against Backflow of Personal Information in SAML Federation | |
US20170366545A1 (en) | Sealed network external applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190125 |
|
RJ01 | Rejection of invention patent application after publication |