CN109842611A - Auth method, device, computer equipment and storage medium - Google Patents
Auth method, device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN109842611A CN109842611A CN201811532325.9A CN201811532325A CN109842611A CN 109842611 A CN109842611 A CN 109842611A CN 201811532325 A CN201811532325 A CN 201811532325A CN 109842611 A CN109842611 A CN 109842611A
- Authority
- CN
- China
- Prior art keywords
- service
- proof rule
- business
- information
- rule
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
This application involves a kind of auth method, device, computer equipment and storage mediums.The method is related to identity identifying technology, comprising: receives business request information, and extracts service identification information and user identity information from business request information;According to the user class of the type of service of business request information and user identity information, the first proof rule is determined;Each service propelling information in service identification information and preset service propelling table is subjected to service propelling matching;According to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, obtains the second proof rule;Authentication process is carried out according to the second proof rule, obtains authentication result.Authentication accuracy can be improved using this method.
Description
Technical field
This application involves field of computer technology, more particularly to a kind of auth method, device, computer equipment and
Storage medium.
Background technique
With the development of computer technology, various application programs emerge one after another, and can provide various business online
Service, such as Web conference, shopping online and other teleaction services etc..And corresponding clothes are provided by application program in operation system
It when business, needs to carry out verification verifying to the identity of terminal user, such as sign electronically, account password etc..However, current long-range body
Part verification mode, is easy to appear the problem of cheating by personation, limited to the authentication accuracy of terminal user.
Summary of the invention
Based on this, it is necessary in view of the above technical problems, provide a kind of identity that can be improved authentication accuracy and test
Demonstrate,prove method, apparatus, computer equipment and storage medium.
A kind of auth method, which comprises
Business request information is received, and extracts service identification information and user identity information from business request information;
According to the user class of the type of service of business request information and user identity information, the first proof rule is determined;
Each service propelling information in service identification information and preset service propelling table is subjected to service propelling matching;
According to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, obtains the second verifying
Rule;
Authentication process is carried out according to the second proof rule, obtains authentication result.
In one of the embodiments, according to the user class of the type of service of business request information and user identity information
Not, determine that the first proof rule includes:
The type of service of business request information is determined according to service identification information;
Inquire preset business proof rule table;
The corresponding business proof rule of type of service is determined according to business proof rule table;
According to the user class of user identity information more new business proof rule, the first proof rule is obtained.
In one of the embodiments, according to the user class of user identity information more new business proof rule, is obtained
One proof rule includes:
Inquire preset user identity rank table;
The corresponding user class of user identity information is determined according to user identity rank table;
Determine the corresponding user class verifying demand of user class;
The first proof rule for meeting user class verifying demand is extracted from business proof rule.
Believe in one of the embodiments, by each service propelling in service identification information and preset service propelling table
Breath carries out before service propelling matching, further includes:
Obtain the history service data of user identity information;
Business demand analysis is carried out to history service data, obtains business demand analysis result;
Result, which is analyzed, according to business demand generates service propelling table.
In one of the embodiments, according to service propelling matching result, service propelling tune is carried out to the first proof rule
Whole processing, obtaining the second proof rule includes:
Obtain service propelling matching result;
Preset push verifying demand corresponding with service propelling matching result is inquired, push verifying demand includes proof rule
Type demand and proof rule requirements of combination;
The type requirements verification rule for meeting proof rule type demand is extracted from the first proof rule;
Type requirements verification rule is combined according to proof rule requirements of combination, obtains the second proof rule.
Authentication process is carried out according to the second proof rule in one of the embodiments, obtains authentication result
Include:
Certificate message is generated according to the second proof rule, and it is corresponding to business request information to issue certificate message
Terminal;
The certificate data that terminal returns is received, certificate data is verified by terminal according to certificate message
Data collect;
Certificate data and preset identity reference data are subjected to data verification, obtain authentication result.
In one of the embodiments, after obtaining authentication result, further includes:
When authentication result is identity exception, authentication unexpected message is generated;
Issue authentication unexpected message.
A kind of authentication means, described device include:
Service request receiving module for receiving business request information, and extracts service identification from business request information
Information and user identity information;
First proof rule module, for according to the type of service of business request information and the user class of user identity information
Not, the first proof rule is determined;
Service propelling matching module, for believing each service propelling in service identification information and preset service propelling table
Breath carries out service propelling matching;
Second proof rule module, for carrying out service propelling to the first proof rule according to service propelling matching result
Adjustment processing, obtains the second proof rule;
Authentication process module obtains authentication knot for carrying out authentication process according to the second proof rule
Fruit.
A kind of computer equipment, including memory and processor, the memory are stored with computer program, the processing
Device performs the steps of when executing the computer program
Business request information is received, and extracts service identification information and user identity information from business request information;
According to the user class of the type of service of business request information and user identity information, the first proof rule is determined;
Each service propelling information in service identification information and preset service propelling table is subjected to service propelling matching;
According to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, obtains the second verifying
Rule;
Authentication process is carried out according to the second proof rule, obtains authentication result.
A kind of computer readable storage medium, is stored thereon with computer program, and the computer program is held by processor
It is performed the steps of when row
Business request information is received, and extracts service identification information and user identity information from business request information;
According to the user class of the type of service of business request information and user identity information, the first proof rule is determined;
Each service propelling information in service identification information and preset service propelling table is subjected to service propelling matching;
According to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, obtains the second verifying
Rule;
Authentication process is carried out according to the second proof rule, obtains authentication result.
Above-mentioned auth method, device, computer equipment and storage medium, according to the business request information received
Type of service and user class determine the first proof rule, and according in service identification information and preset service propelling table
The service propelling matching result of each service propelling information obtains the second proof rule after adjusting the first proof rule, further according to the
Two proof rules carry out authentication process, obtain authentication result.During authentication process, by combining industry
Be engaged in the type of service of request message, user identity information user class, and by service identification information and service propelling information
Service propelling matching result determine proof rule carry out authentication, proof rule it is with strong points, improve identity and test
Demonstrate,prove accuracy.
Detailed description of the invention
Fig. 1 is the application scenario diagram of auth method in one embodiment;
Fig. 2 is the flow diagram of auth method in one embodiment;
Fig. 3 is the flow diagram that service propelling table generates in one embodiment;
Fig. 4 is the flow diagram of auth method in another embodiment;
Fig. 5 is the structural block diagram of authentication means in one embodiment;
Fig. 6 is the internal structure chart of computer equipment in one embodiment.
Specific embodiment
It is with reference to the accompanying drawings and embodiments, right in order to which the objects, technical solutions and advantages of the application are more clearly understood
The application is further elaborated.It should be appreciated that specific embodiment described herein is only used to explain the application, not
For limiting the application.
Auth method provided by the present application can be applied in application environment as shown in Figure 1.Wherein, terminal 102
It is communicated with server 104 by network by network.Terminal 102 sends business request information to server 104, with request
Related service service, server 104 determine that first tests according to the type of service and user class of the business request information received
Card rule, and knot is matched with the service propelling of each service propelling information in preset service propelling table according to service identification information
Fruit obtains the second proof rule after adjusting the first proof rule, carries out authentication process further according to the second proof rule, obtains
Authentication result.Wherein, it is various personal computers that terminal 102, which can be, but not limited to, laptop, smart phone, is put down
Plate computer and portable wearable device, server 104 can use the clothes of the either multiple server compositions of independent server
Device cluster be engaged in realize.
In one embodiment, as shown in Fig. 2, providing a kind of auth method, it is applied in Fig. 1 in this way
It is illustrated for server 104, comprising the following steps:
Step S201: receiving business request information, and service identification information and user's mark are extracted from business request information
Know information.
Terminal 102 sends business request information to server 104, to request corresponding business service.Server 104 receives
To business request information, service identification information and user identity information are extracted from the business request information.Wherein, service identification
The information requested business service classification of terminal 102 for identification can specifically include the business letters such as Business Name, business number
Breath;User identity information can specifically include name, ID card No., phone number, business account for distinguishing each service-user
Family ID etc. can unique identification service-user identity information.
Step S203: according to the user class of the type of service of business request information and user identity information, first is determined
Proof rule.
Different authentication rules can be equipped with for different types of service, such as safety, confidentiality requirement
The requirement of high type of service, authentication rule can also be higher.Difference can also be equipped with for different service-users
Authentication rule, such as general service subscriber and important service user, different authentication rules can be set.
In the present embodiment, in the type of service for after obtaining user identity information in business request information, determining business request information, with
And the corresponding user class of user identity information, and the first proof rule is determined according to the type of service and user class.Wherein,
First proof rule can include but is not limited to various verification modes, as static password, dynamic password, digital certificate and biology are special
Sign identification etc., and for the combined authentication demand of various verification modes, as static password and the successive combination of dynamic password are tested
Card demand.
Step S205: service identification information is subjected to business with each service propelling information in preset service propelling table and is pushed away
Send matching.
Wherein, service propelling table records the various businesses pushed information for having the user identity information to correspond to service-user, industry
Business push table can carry out big data analysis according to the history service data of service-user and obtain.It, will be from business in the present embodiment
Each service propelling information in service identification information and service propelling table extracted in request message carries out service propelling matching.?
When specific implementation, the Business Name of each service propelling information, business in service identification information and service propelling table can be numbered
Etc. business information matched, to judge whether the corresponding type of service of service identification information is located according to service propelling matching result
It is adjusted accordingly in service propelling table, and to the first verification result, such as when industry in the business request information that terminal is sent
Business identification information and each service propelling information gap in service propelling table are larger, then can reinforce the intensity of authentication, such as
The complexity for increasing authentication obtains suitable authentication rule, to improve the accuracy of authentication.
Step S207: according to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, is obtained
Second proof rule.
After obtaining service propelling matching result, business is carried out to the first proof rule according to the service propelling matching result and is pushed away
It send adjustment to handle, further proof rule screening is such as carried out to the first proof rule according to service propelling matching result, from the
It is chosen in one proof rule and obtains the second proof rule.In addition it is also possible to the combination to each verification mode in the first proof rule
Demand is adjusted, and obtains the second proof rule.
Step S209: authentication process is carried out according to the second proof rule, obtains authentication result.
After obtaining the second proof rule, authentication process is carried out to terminal according to second proof rule.For example, when the
When two proof rules are static password+fingerprint recognition, the static password data and finger print data of terminal, and root can be successively obtained
Authentication process is carried out according to static password data and finger print data are comprehensive, obtains authentication result.In addition, working as authentication
As a result when normal for identity, business request information is responded, carries out corresponding business processing according to the business request information.
In above-mentioned auth method, according to the type of service and user class of the business request information received, determine
First proof rule, and according to the service propelling of each service propelling information in service identification information and preset service propelling table
Matching result obtains the second proof rule after adjusting the first proof rule, carries out at authentication further according to the second proof rule
Reason, obtains authentication result.During authentication process, by combining the type of service of business request information, using
The user class of family identification information, and determined by the service propelling matching result of service identification information and service propelling information
Proof rule carry out authentication, proof rule it is with strong points, improve authentication accuracy.
In one embodiment, according to the user class of the type of service of business request information and user identity information, really
Fixed first proof rule includes: the type of service that business request information is determined according to service identification information;Inquire preset business
Proof rule table;The corresponding business proof rule of type of service is determined according to business proof rule table;According to user identity information
User class more new business proof rule, obtain the first proof rule.
In the present embodiment, the user class of the type of service and user identity information of the first proof rule and business request information
It is not related.Specifically, the type of service of business request information is determined according to service identification information, can such as inquire preset business
Type list inquires corresponding type of service, the as industry of business request information according to service identification information from type of service table
Service type.Preset business proof rule table is inquired, business proof rule table record has the corresponding business of various businesses type to test
Card rule, business proof rule may include various authentication modes and corresponding verification mode requirements of combination, according to business
The type of service of request message inquires corresponding business proof rule from business proof rule table.Obtain business proof rule
Afterwards, according to the user class of user identity information, the business proof rule is updated from business user perspective, obtains the first verifying rule
Then.The first obtained proof rule combines the type of service of business request information and the user class of user identity information, point
Proof rule is not carried out from type of service angle and service-user angle to determine, can be improved the accuracy of authentication.
In one embodiment, it according to the user class of user identity information more new business proof rule, obtains first and tests
Card rule includes: the preset user identity rank table of inquiry;Determine that user identity information is corresponding according to user identity rank table
User class;Determine the corresponding user class verifying demand of user class;It is extracted from business proof rule and meets user class
First proof rule of verifying demand.
When being updated processing to obtained business proof rule according to the user class of user identity information, inquiry is pre-
If user identity rank table, user identity rank table records the corresponding user class of each user identity information, according to from business
The user identity information extracted in request message inquires corresponding user class from user identity rank table.It further determines that
The corresponding user class of user class verifies demand, and user class verifying demand can be configured according to practical application request,
As by user class be divided into it is high, high, in, and low five ranks, with the reduction of user class, user class verifying
Demand also reduces.Preset user class demand schedule can be specifically inquired, it is true from the user class demand schedule according to user class
Fixed corresponding user class verifies demand.After determining user class verifying demand, according to user class verifying demand to working
Business proof rule is screened, and the first proof rule for meeting user class verifying demand is obtained.
First proof rule may include various authentication modes, such as static password, dynamic password, digital certificate, life
Object feature identification etc., wherein living things feature recognition includes vocal print, fingerprint, palm shape, retina, iris, human scent, shape of face, hand
Blood vessel and the behavioural characteristics such as physical traits and signature, voice, walking step state such as DNA.
In one embodiment, as shown in figure 3, by each business in service identification information and preset service propelling table
Before pushed information carries out service propelling matching, further include the steps that service propelling table generates:
Step S301: the history service data of user identity information are obtained.
In the present embodiment, service propelling table carries out big data analysis according to the history service data of service-user and obtains,
Record the various businesses pushed information for thering is the user identity information to correspond to service-user.Specifically, the service propelling table is being generated
When, obtain the corresponding history service data of user identity information.History service data reflect user identity information and correspond to business
The historical requests business service in operation system of user, can be to the type of service of service-user according to the history service data
Selection is predicted.In specific application the corresponding history service number of the user identity information can be inquired from operation system
According to, including history service time, history service type, history service air control data and history service execution data etc..
Step S303: carrying out business demand analysis to history service data, obtains business demand analysis result.
Wherein, business demand analysis can unite according to type of service, corresponding business service time and business number
Type of service each in history service data, is such as ranked up according to business service time and business number, obtains industry by meter analysis
Business demand analysis result.Generally, long for history service service time in the history service data and business of business often
A possibility that type, the corresponding service-user of user identity information requests the business service of the type of service again, is maximum, with this
Service propelling table can be generated and carry out service propelling, to improve the specific aim of service propelling.
Step S305: result is analyzed according to business demand and generates service propelling table.
After obtaining business demand analysis result, result is analyzed according to the business demand and generates service propelling table.Specifically, industry
Demand analysis result of being engaged in may include the corresponding probability of demand of each type of service, which reflects service-user to correspondence
The desirability of type of service, probability of demand is higher, and demand of the surface service-user to corresponding type of service is bigger, service-user
It is more possible to select the business service of the type of service.When generating service propelling table, generated according to each type of service corresponding
Service propelling information, and each service propelling information is ranked up by the sequence of probability from high to low as desired.
In the present embodiment, the business demand that business demand is analyzed is carried out according to the history service data to service-user
Analysis keeps each service propelling information in service propelling table with strong points, pushes away using the business as a result, generation service propelling table
It send table to carry out traffic forecast verifying, i.e., carries out service identification information with each service propelling information in corresponding service propelling table
Service propelling matching, and matched according to service propelling and carry out service propelling adjustment, suitable authentication rule is obtained, to improve
The accuracy of authentication.
In one embodiment, according to service propelling matching result, the first proof rule is carried out at service propelling adjustment
Reason, obtaining the second proof rule includes: to obtain service propelling matching result;It inquires corresponding with service propelling matching result preset
Verifying demand is pushed, push verifying demand includes proof rule type demand and proof rule requirements of combination;From the first verifying rule
The type requirements verification rule for meeting proof rule type demand is extracted in then;According to proof rule requirements of combination by type demand
Proof rule is combined, and obtains the second proof rule.
Service propelling adjustment processing can be carried out to the first obtained proof rule according to service propelling matching result.Specifically
Ground obtains service propelling matching result, inquires the service propelling matching result and correspond to preset push verifying demand.Wherein, it pushes away
It send verifying demand that can be set according to practical business requirement, can such as be drawn according to the matching degree of service propelling matching result
The push of corresponding level is divided to verify demand, matching degree is higher, and push verifying demand is lower.Pushing verifying demand may include testing
Rule type demand and proof rule requirements of combination are demonstrate,proved, proof rule type demand is the restriction to verification mode, is such as limited to
It must have living things feature recognition;Proof rule requirements of combination is the restriction to verifying sequence between each verification mode, such as ancestor
Static password is verified again for face identification, or first dynamic password verification carries out fingerprint recognition etc. again.
After being verified rule type demand, according to the proof rule type demand to each authentication of the first proof rule
Formula is screened, and the type requirements verification rule for meeting sufficient proof rule type demand is retained.The type that screening is obtained again needs
It asks proof rule to be combined according to proof rule requirements of combination, obtains the second proof rule, the second proof rule is according to industry
Business push matching result obtains after carrying out service propelling adjustment processing to the first proof rule.
In one embodiment, authentication process is carried out according to the second proof rule, obtaining authentication result includes:
Certificate message is generated according to the second proof rule, and issues certificate message to the corresponding terminal of business request information;
The certificate data that terminal returns is received, certificate data carries out verify data acquisition according to certificate message by terminal
It obtains;Certificate data and preset identity reference data are subjected to data verification, obtain authentication result.
After obtaining the second proof rule, authentication process is carried out to terminal according to second proof rule.Specifically, root
Certificate message is generated according to the second proof rule, and the certificate message is issued to terminal, certificate message is used for
Instruction terminal carries out verify data acquisition, obtains and returns to certificate data.Server 104 receives the identity that terminal returns and tests
Data are demonstrate,proved, preset identity reference data is inquired, which is the identification criteria data that service-user is reserved, such as pre-
DNA information, finger print data, password and voice data for staying etc..Certificate data and preset identity reference data are carried out
Data verification obtains authentication result.Pass through if certificate data carries out data verification result with identity reference data,
Authentication result is also that identity is normal, and otherwise authentication result is that identity is abnormal.
In one embodiment, after obtaining authentication result, further includes: when authentication result is that identity is abnormal
When, generate authentication unexpected message;Issue authentication unexpected message.
After obtaining authentication result, if authentication result is that identity is abnormal, show the operator of present terminal not
It is service-user itself, does not pass through for illegal operation or authentication, generates authentication unexpected message at this time and will be under it
It is sent to terminal, re-starts authentication after stopping service request or adjustment with prompt terminal.
In one embodiment, as shown in figure 4, providing a kind of auth method, comprising:
Step S401: receiving business request information, and service identification information and user's mark are extracted from business request information
Know information.
Terminal 102 sends business request information to server 104, to request corresponding business service.Server 104 receives
To business request information, service identification information and user identity information are extracted from the business request information.Wherein, including business
Title and business number, user identity information includes name and account working ID.
Step S402: the type of service of business request information is determined according to service identification information;
Step S403: preset business proof rule table is inquired;
Step S404: the corresponding business proof rule of type of service is determined according to business proof rule table;
Step S405: preset user identity rank table is inquired;
Step S406: the corresponding user class of user identity information is determined according to user identity rank table;
Step S407: the corresponding user class verifying demand of user class is determined;
Step S408: the first proof rule for meeting user class verifying demand is extracted from business proof rule.
In the present embodiment, the user class of the type of service and user identity information of the first proof rule and business request information
It is not related.When being updated processing to obtained business proof rule according to the user class of user identity information, inquiry is pre-
If user identity rank table, user identity rank table records the corresponding user class of each user identity information, according to from business
The user identity information extracted in request message inquires corresponding user class from user identity rank table.First verifying rule
It then include various authentication modes: static password, dynamic password, digital certificate, living things feature recognition etc., wherein biological characteristic
Identification includes the behavioural characteristics such as physical traits and signature, voice such as fingerprint, palm shape, retina, iris, shape of face.
Step S409: service identification information is subjected to business with each service propelling information in preset service propelling table and is pushed away
Send matching;
Step S410: service propelling matching result is obtained;
Step S411: inquiry preset push verifying demand corresponding with service propelling matching result pushes verifying demand packet
Include proof rule type demand and proof rule requirements of combination;
Step S412: the type requirements verification rule for meeting proof rule type demand is extracted from the first proof rule;
Step S413: type requirements verification rule is combined according to proof rule requirements of combination, obtains the second verifying
Rule.
In the present embodiment, the various businesses push that service propelling table record has the user identity information to correspond to service-user is believed
Breath, by the business information such as the Business Name of each service propelling information, business number in service identification information and service propelling table into
Row matching, to judge whether the corresponding type of service of service identification information is in service propelling table according to service propelling matching result
In, and the first verification result is adjusted accordingly.
Step S414: authentication process is carried out according to the second proof rule, obtains authentication result;
Step S415: when authentication result is identity exception, authentication unexpected message is generated;
Step S416: authentication unexpected message is issued.
After obtaining the second proof rule, authentication process is carried out to terminal according to second proof rule.Specifically, body
Part verification processing includes: to generate certificate message according to the second proof rule, and issue certificate message to service request
The corresponding terminal of message;The certificate data that terminal returns is received, certificate data is by terminal according to certificate message
Verify data is carried out to collect;Certificate data and preset identity reference data are subjected to data verification, obtain identity
Verification result.
If authentication result is that identity is abnormal, show that the operator of present terminal is not service-user itself, is non-
Method operation or authentication do not pass through, generate authentication unexpected message at this time and are issued to terminal, with prompt terminal
Authentication is re-started after stopping service request or adjustment.When authentication result is that identity is normal, service request is responded
Message carries out corresponding business processing according to the business request information.
It should be understood that although each step in the flow chart of Fig. 2-4 is successively shown according to the instruction of arrow,
These steps are not that the inevitable sequence according to arrow instruction successively executes.Unless expressly stating otherwise herein, these steps
Execution there is no stringent sequences to limit, these steps can execute in other order.Moreover, at least one in Fig. 2-4
Part steps may include that perhaps these sub-steps of multiple stages or stage are not necessarily in synchronization to multiple sub-steps
Completion is executed, but can be executed at different times, the execution sequence in these sub-steps or stage is also not necessarily successively
It carries out, but can be at least part of the sub-step or stage of other steps or other steps in turn or alternately
It executes.
In one embodiment, as shown in figure 5, providing a kind of authentication means, comprising: service request receiving module
501, the first proof rule module 503, service propelling matching module 505, the second proof rule module 507 and authentication process
Module 509, in which:
Service request receiving module 501 for receiving business request information, and extracts business mark from business request information
Know information and user identity information;
First proof rule module 503, for according to the type of service of business request information and the use of user identity information
Family rank determines the first proof rule;
Service propelling matching module 505, for pushing away service identification information and each business in preset service propelling table
Breath of delivering letters carries out service propelling matching;
Second proof rule module 507, for carrying out business to the first proof rule and pushing away according to service propelling matching result
It send adjustment to handle, obtains the second proof rule;
Authentication process module 509 obtains authentication for carrying out authentication process according to the second proof rule
As a result.
In one embodiment, the first proof rule module 503 includes type of service unit, business rule table unit, industry
Business rule determination unit and the first proof rule unit, in which: type of service unit, for determining industry according to service identification information
The type of service of business request message;Business rule table unit, for inquiring preset business proof rule table;Business rule determines
Unit, for determining the corresponding business proof rule of type of service according to business proof rule table;First proof rule unit is used
According to the user class of user identity information more new business proof rule, the first proof rule is obtained.
In one embodiment, the first proof rule unit includes that rank table subelement, user class subelement, user test
Card demand subelement and the first proof rule subelement, in which: rank table subelement, for inquiring preset user identity rank
Table;User class subelement, for determining the corresponding user class of user identity information according to user identity rank table;User tests
Card demand subelement, for determining the corresponding user class verifying demand of user class;First proof rule subelement, for from
The first proof rule for meeting user class verifying demand is extracted in business proof rule.
It in one embodiment, further include that historical data obtains module, business demand module and service propelling table module,
In: historical data obtains module, for obtaining the history service data of user identity information;Business demand module, for going through
History business datum carries out business demand analysis, obtains business demand analysis result;Service propelling table module, for according to business need
Analysis result is asked to generate service propelling table.
In one embodiment, the second proof rule module 507 includes matching result unit, verifying requirement unit, type
Demand processing unit and the second proof rule unit, in which: matching result unit, for obtaining service propelling matching result;It tests
Requirement unit is demonstrate,proved, for inquiring preset push verifying demand corresponding with service propelling matching result, push verifying demand includes
Proof rule type demand and proof rule requirements of combination;Type demand processing unit, for being extracted from the first proof rule
Meet the type requirements verification rule of proof rule type demand;Second proof rule unit, for being combined according to proof rule
Type requirements verification rule is combined by demand, obtains the second proof rule.
In one embodiment, authentication process module 509 includes verifying message issuance unit, verify data reception list
Member and verification processing unit, in which: verifying message issuance unit, for generating certificate message according to the second proof rule,
And certificate message is issued to the corresponding terminal of business request information;Verify data receiving unit is returned for receiving terminal
Certificate data, certificate data by terminal according to certificate message carry out verify data collect;At verifying
Unit is managed, for certificate data and preset identity reference data to be carried out data verification, obtains authentication result.
It in one embodiment, further include that unexpected message generation module and unexpected message issue module, in which: unexpected message
Generation module, for generating authentication unexpected message when authentication result is identity exception;Unexpected message issues mould
Block, for issuing authentication unexpected message.
Specific about authentication means limits the restriction that may refer to above for auth method, herein not
It repeats again.Modules in above-mentioned authentication means can be realized fully or partially through software, hardware and combinations thereof.On
Stating each module can be embedded in the form of hardware or independently of in the processor in computer equipment, can also store in a software form
In memory in computer equipment, the corresponding operation of the above modules is executed in order to which processor calls.
In one embodiment, a kind of computer equipment is provided, which can be server, internal junction
Composition can be as shown in Figure 6.The computer equipment includes processor, memory and the network interface connected by system bus.
Wherein, the processor of the computer equipment is for providing calculating and control ability.The memory of the computer equipment includes non-easy
The property lost storage medium, built-in storage.The non-volatile memory medium is stored with operating system and computer program.The built-in storage
Operation for operating system and computer program in non-volatile memory medium provides environment.The network of the computer equipment connects
Mouth with external terminal by network connection for being communicated.To realize that a kind of identity is tested when the computer program is executed by processor
Card method.
It will be understood by those skilled in the art that structure shown in Fig. 6, only part relevant to application scheme is tied
The block diagram of structure does not constitute the restriction for the computer equipment being applied thereon to application scheme, specific computer equipment
It may include perhaps combining certain components or with different component layouts than more or fewer components as shown in the figure.
In one embodiment, a kind of computer equipment, including memory and processor are provided, which is stored with
Computer program, the processor perform the steps of when executing computer program
Business request information is received, and extracts service identification information and user identity information from business request information;
According to the user class of the type of service of business request information and user identity information, the first proof rule is determined;
Each service propelling information in service identification information and preset service propelling table is subjected to service propelling matching;
According to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, obtains the second verifying
Rule;
Authentication process is carried out according to the second proof rule, obtains authentication result.
In one embodiment, it also performs the steps of when processor executes computer program according to service identification information
Determine the type of service of business request information;Inquire preset business proof rule table;Industry is determined according to business proof rule table
The corresponding business proof rule of service type;According to the user class of user identity information more new business proof rule, first is obtained
Proof rule.
In one embodiment, inquiry preset user's body is also performed the steps of when processor executes computer program
Part rank table;The corresponding user class of user identity information is determined according to user identity rank table;Determine that user class is corresponding
User class verifies demand;The first proof rule for meeting user class verifying demand is extracted from business proof rule.
In one embodiment, acquisition user identity information is also performed the steps of when processor executes computer program
History service data;Business demand analysis is carried out to history service data, obtains business demand analysis result;According to business need
Analysis result is asked to generate service propelling table.
In one embodiment, it is also performed the steps of when processor executes computer program and obtains service propelling matching
As a result;Preset push verifying demand corresponding with service propelling matching result is inquired, push verifying demand includes proof rule class
Type demand and proof rule requirements of combination;The type demand that extraction meets proof rule type demand from the first proof rule is tested
Card rule;Type requirements verification rule is combined according to proof rule requirements of combination, obtains the second proof rule.
In one embodiment, it also performs the steps of when processor executes computer program according to the second proof rule
Certificate message is generated, and issues certificate message to the corresponding terminal of business request information;Receive the body that terminal returns
Part verify data, certificate data carry out verify data according to certificate message by terminal and collect;By authentication
Data and preset identity reference data carry out data verification, obtain authentication result.
In one embodiment, it also performs the steps of when processor executes computer program when authentication result is
When identity exception, authentication unexpected message is generated;Issue authentication unexpected message.
In one embodiment, a kind of computer readable storage medium is provided, computer program is stored thereon with, is calculated
Machine program performs the steps of when being executed by processor
Business request information is received, and extracts service identification information and user identity information from business request information;
According to the user class of the type of service of business request information and user identity information, the first proof rule is determined;
Each service propelling information in service identification information and preset service propelling table is subjected to service propelling matching;
According to service propelling matching result, service propelling adjustment processing is carried out to the first proof rule, obtains the second verifying
Rule;
Authentication process is carried out according to the second proof rule, obtains authentication result.
In one embodiment, it also performs the steps of when computer program is executed by processor and is believed according to service identification
Cease the type of service for determining business request information;Inquire preset business proof rule table;It is determined according to business proof rule table
The corresponding business proof rule of type of service;According to the user class of user identity information more new business proof rule, is obtained
One proof rule.
In one embodiment, inquiry preset user is also performed the steps of when computer program is executed by processor
Level of identity table;The corresponding user class of user identity information is determined according to user identity rank table;Determine that user class is corresponding
User class verify demand;The first proof rule for meeting user class verifying demand is extracted from business proof rule.
In one embodiment, it is also performed the steps of when computer program is executed by processor and obtains user identifier letter
The history service data of breath;Business demand analysis is carried out to history service data, obtains business demand analysis result;According to business
Demand analysis result generates service propelling table.
In one embodiment, it is also performed the steps of when computer program is executed by processor and obtains service propelling
With result;Preset push verifying demand corresponding with service propelling matching result is inquired, push verifying demand includes proof rule
Type demand and proof rule requirements of combination;The type demand for meeting proof rule type demand is extracted from the first proof rule
Proof rule;Type requirements verification rule is combined according to proof rule requirements of combination, obtains the second proof rule.
In one embodiment, it is also performed the steps of when computer program is executed by processor according to the second verifying rule
Certificate message is then generated, and issues certificate message to the corresponding terminal of business request information;Receive what terminal returned
Certificate data, certificate data carry out verify data according to certificate message by terminal and collect;Identity is tested
It demonstrate,proves data and preset identity reference data carries out data verification, obtain authentication result.
In one embodiment, it also performs the steps of when computer program is executed by processor when authentication result
When for identity exception, authentication unexpected message is generated;Issue authentication unexpected message.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the computer program can be stored in a non-volatile computer
In read/write memory medium, the computer program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein,
To any reference of memory, storage, database or other media used in each embodiment provided herein,
Including non-volatile and/or volatile memory.Nonvolatile memory may include read-only memory (ROM), programming ROM
(PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory.Volatile memory may include
Random access memory (RAM) or external cache.By way of illustration and not limitation, RAM is available in many forms,
Such as static state RAM (SRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate sdram (DDRSDRAM), enhancing
Type SDRAM (ESDRAM), synchronization link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM
(RDRAM), direct memory bus dynamic ram (DRDRAM) and memory bus dynamic ram (RDRAM) etc..
Each technical characteristic of above embodiments can be combined arbitrarily, for simplicity of description, not to above-described embodiment
In each technical characteristic it is all possible combination be all described, as long as however, the combination of these technical characteristics be not present lance
Shield all should be considered as described in this specification.
The several embodiments of the application above described embodiment only expresses, the description thereof is more specific and detailed, but simultaneously
It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art
It says, without departing from the concept of this application, various modifications and improvements can be made, these belong to the protection of the application
Range.Therefore, the scope of protection shall be subject to the appended claims for the application patent.
Claims (10)
1. a kind of auth method, which comprises
Business request information is received, and extracts service identification information and user identity information from the business request information;
According to the user class of the type of service of the business request information and the user identity information, determine that the first verifying is advised
Then;
Each service propelling information in the service identification information and preset service propelling table is subjected to service propelling matching;
According to service propelling matching result, service propelling adjustment processing is carried out to first proof rule, obtains the second verifying
Rule;
Authentication process is carried out according to second proof rule, obtains authentication result.
2. the method according to claim 1, wherein the type of service according to the business request information and
The user class of the user identity information determines that the first proof rule includes:
The type of service of the business request information is determined according to the service identification information;
Inquire preset business proof rule table;
The corresponding business proof rule of the type of service is determined according to the business proof rule table;
The business proof rule is updated according to the user class of the user identity information, obtains the first proof rule.
3. according to the method described in claim 2, it is characterized in that, updating institute according to the user class of the user identity information
Business proof rule is stated, obtaining the first proof rule includes:
Inquire preset user identity rank table;
The corresponding user class of the user identity information is determined according to the user identity rank table;
Determine the corresponding user class verifying demand of the user class;
First proof rule for meeting the user class verifying demand is extracted from the business proof rule.
4. the method according to claim 1, wherein described by the service identification information and preset business
Each service propelling information in push table carries out before service propelling matching, further includes:
Obtain the history service data of the user identity information;
Business demand analysis is carried out to the history service data, obtains business demand analysis result;
Result, which is analyzed, according to the business demand generates the service propelling table.
5. the method according to claim 1, wherein described according to service propelling matching result, to described first
Proof rule carries out service propelling adjustment processing, and obtaining the second proof rule includes:
Obtain service propelling matching result;
Preset push verifying demand corresponding with the service propelling matching result is inquired, the push verifying demand includes verifying
Rule type demand and proof rule requirements of combination;
The type requirements verification rule for meeting the proof rule type demand is extracted from first proof rule;
The type requirements verification rule is combined according to the proof rule requirements of combination, obtains the second proof rule.
6. the method according to claim 1, wherein described carry out authentication according to second proof rule
Processing, obtaining authentication result includes:
Certificate message is generated according to second proof rule, and issues the certificate message to the service request
The corresponding terminal of message;
The certificate data that the terminal returns is received, the certificate data is by the terminal according to the authentication
Message carries out verify data and collects;
The certificate data and preset identity reference data are subjected to data verification, obtain authentication result.
7. method described in -6 any one according to claim 1, which is characterized in that after obtaining authentication result, also
Include:
When the authentication result is identity exception, authentication unexpected message is generated;
Issue the authentication unexpected message.
8. a kind of authentication means, which is characterized in that described device includes:
Service request receiving module extracts service identification for receiving business request information, and from the business request information
Information and user identity information;
First proof rule module, for according to the type of service of the business request information and the use of the user identity information
Family rank determines the first proof rule;
Service propelling matching module, for believing each service propelling in the service identification information and preset service propelling table
Breath carries out service propelling matching;
Second proof rule module, for carrying out service propelling to first proof rule according to service propelling matching result
Adjustment processing, obtains the second proof rule;
Authentication process module obtains authentication knot for carrying out authentication process according to second proof rule
Fruit.
9. a kind of computer equipment, including memory and processor, the memory are stored with computer program, feature exists
In the step of processor realizes any one of claims 1 to 7 the method when executing the computer program.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program
The step of method described in any one of claims 1 to 7 is realized when being executed by processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811532325.9A CN109842611B (en) | 2018-12-14 | 2018-12-14 | Identity authentication method, identity authentication device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811532325.9A CN109842611B (en) | 2018-12-14 | 2018-12-14 | Identity authentication method, identity authentication device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109842611A true CN109842611A (en) | 2019-06-04 |
| CN109842611B CN109842611B (en) | 2023-04-18 |
Family
ID=66883286
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811532325.9A Active CN109842611B (en) | 2018-12-14 | 2018-12-14 | Identity authentication method, identity authentication device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109842611B (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110633642A (en) * | 2019-08-14 | 2019-12-31 | 深圳市天彦通信股份有限公司 | Identity information verification method and device, terminal equipment and storage medium |
| CN110633560A (en) * | 2019-09-20 | 2019-12-31 | 重庆洲雄科技有限责任公司 | Identity recognition method and device, computer equipment and storage medium |
| CN110636106A (en) * | 2019-08-15 | 2019-12-31 | 平安普惠企业管理有限公司 | Information pushing method and device, computer equipment and storage medium |
| CN110647641A (en) * | 2019-08-15 | 2020-01-03 | 平安科技(深圳)有限公司 | Identity authentication method, identity authentication device, computer equipment and storage medium |
| CN110704823A (en) * | 2019-09-10 | 2020-01-17 | 平安科技(深圳)有限公司 | Data request method, device, storage medium and electronic equipment |
| CN110909013A (en) * | 2019-10-12 | 2020-03-24 | 中国平安财产保险股份有限公司 | Service list generation method, device, equipment and computer readable storage medium |
| CN111242576A (en) * | 2020-01-10 | 2020-06-05 | 中国建设银行股份有限公司 | Method and device for processing request |
| CN111274560A (en) * | 2020-01-14 | 2020-06-12 | 支付宝(杭州)信息技术有限公司 | Identity authentication mode recommendation method, device and equipment |
| CN111709035A (en) * | 2020-06-12 | 2020-09-25 | 北京思特奇信息技术股份有限公司 | Business process security verification method and system |
| CN112989307A (en) * | 2021-04-21 | 2021-06-18 | 北京金和网络股份有限公司 | Service information processing method, device and terminal |
| CN113542201A (en) * | 2020-04-20 | 2021-10-22 | 上海云盾信息技术有限公司 | Access control method and device for Internet service |
| CN113537994A (en) * | 2021-06-25 | 2021-10-22 | 浙江吉利控股集团有限公司 | Resource transfer method, device, equipment and medium |
| CN114006749A (en) * | 2021-10-29 | 2022-02-01 | 平安银行股份有限公司 | Security verification method, device, equipment and storage medium |
| CN116208953A (en) * | 2022-09-07 | 2023-06-02 | 北京诚志北分机电技术有限公司 | Communication method, system, terminal and storage medium |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101127599A (en) * | 2006-08-18 | 2008-02-20 | 华为技术有限公司 | An identity and right authentication method and system and a biological processing unit |
| WO2015196908A1 (en) * | 2014-06-24 | 2015-12-30 | 华为技术有限公司 | Service processing method, terminal, server and system |
| CN106228054A (en) * | 2016-08-02 | 2016-12-14 | 北京小米移动软件有限公司 | Auth method and device |
| CN106534150A (en) * | 2016-11-29 | 2017-03-22 | 江苏通付盾科技有限公司 | Identity authentication method and system, user terminal and website server |
| WO2017067374A1 (en) * | 2015-10-22 | 2017-04-27 | 中兴通讯股份有限公司 | Message push method and push server |
| EP3200487A1 (en) * | 2014-11-28 | 2017-08-02 | Huawei Technologies Co., Ltd. | Message processing method and apparatus |
| CN107018119A (en) * | 2016-08-30 | 2017-08-04 | 阿里巴巴集团控股有限公司 | Authentication system, method and platform |
| CN108134791A (en) * | 2017-12-22 | 2018-06-08 | 郑州云海信息技术有限公司 | A kind of data center's total management system login validation method |
| CN108650098A (en) * | 2018-05-08 | 2018-10-12 | 阿里巴巴集团控股有限公司 | The method and device of User Defined verification mode |
| CN108810003A (en) * | 2018-06-21 | 2018-11-13 | 吉旗(成都)科技有限公司 | A kind of safety verification scheme of multi-service side's message access |
-
2018
- 2018-12-14 CN CN201811532325.9A patent/CN109842611B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101127599A (en) * | 2006-08-18 | 2008-02-20 | 华为技术有限公司 | An identity and right authentication method and system and a biological processing unit |
| WO2015196908A1 (en) * | 2014-06-24 | 2015-12-30 | 华为技术有限公司 | Service processing method, terminal, server and system |
| EP3200487A1 (en) * | 2014-11-28 | 2017-08-02 | Huawei Technologies Co., Ltd. | Message processing method and apparatus |
| WO2017067374A1 (en) * | 2015-10-22 | 2017-04-27 | 中兴通讯股份有限公司 | Message push method and push server |
| CN106228054A (en) * | 2016-08-02 | 2016-12-14 | 北京小米移动软件有限公司 | Auth method and device |
| CN107018119A (en) * | 2016-08-30 | 2017-08-04 | 阿里巴巴集团控股有限公司 | Authentication system, method and platform |
| CN106534150A (en) * | 2016-11-29 | 2017-03-22 | 江苏通付盾科技有限公司 | Identity authentication method and system, user terminal and website server |
| CN108134791A (en) * | 2017-12-22 | 2018-06-08 | 郑州云海信息技术有限公司 | A kind of data center's total management system login validation method |
| CN108650098A (en) * | 2018-05-08 | 2018-10-12 | 阿里巴巴集团控股有限公司 | The method and device of User Defined verification mode |
| CN108810003A (en) * | 2018-06-21 | 2018-11-13 | 吉旗(成都)科技有限公司 | A kind of safety verification scheme of multi-service side's message access |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110633642B (en) * | 2019-08-14 | 2021-11-16 | 深圳市天彦通信股份有限公司 | Identity information verification method and device, terminal equipment and storage medium |
| CN110633642A (en) * | 2019-08-14 | 2019-12-31 | 深圳市天彦通信股份有限公司 | Identity information verification method and device, terminal equipment and storage medium |
| CN110636106A (en) * | 2019-08-15 | 2019-12-31 | 平安普惠企业管理有限公司 | Information pushing method and device, computer equipment and storage medium |
| CN110647641A (en) * | 2019-08-15 | 2020-01-03 | 平安科技(深圳)有限公司 | Identity authentication method, identity authentication device, computer equipment and storage medium |
| CN110636106B (en) * | 2019-08-15 | 2023-04-07 | 平安普惠企业管理有限公司 | Information pushing method and device, computer equipment and storage medium |
| CN110704823A (en) * | 2019-09-10 | 2020-01-17 | 平安科技(深圳)有限公司 | Data request method, device, storage medium and electronic equipment |
| CN110633560A (en) * | 2019-09-20 | 2019-12-31 | 重庆洲雄科技有限责任公司 | Identity recognition method and device, computer equipment and storage medium |
| CN110909013A (en) * | 2019-10-12 | 2020-03-24 | 中国平安财产保险股份有限公司 | Service list generation method, device, equipment and computer readable storage medium |
| CN110909013B (en) * | 2019-10-12 | 2023-10-03 | 中国平安财产保险股份有限公司 | Service list generation method, device, equipment and computer readable storage medium |
| CN111242576A (en) * | 2020-01-10 | 2020-06-05 | 中国建设银行股份有限公司 | Method and device for processing request |
| CN111274560B (en) * | 2020-01-14 | 2022-11-18 | 支付宝(杭州)信息技术有限公司 | Identity authentication mode recommendation method, device and equipment |
| CN111274560A (en) * | 2020-01-14 | 2020-06-12 | 支付宝(杭州)信息技术有限公司 | Identity authentication mode recommendation method, device and equipment |
| CN113542201A (en) * | 2020-04-20 | 2021-10-22 | 上海云盾信息技术有限公司 | Access control method and device for Internet service |
| CN111709035B (en) * | 2020-06-12 | 2022-03-29 | 北京思特奇信息技术股份有限公司 | Business process security verification method and system |
| CN111709035A (en) * | 2020-06-12 | 2020-09-25 | 北京思特奇信息技术股份有限公司 | Business process security verification method and system |
| CN112989307A (en) * | 2021-04-21 | 2021-06-18 | 北京金和网络股份有限公司 | Service information processing method, device and terminal |
| CN113537994A (en) * | 2021-06-25 | 2021-10-22 | 浙江吉利控股集团有限公司 | Resource transfer method, device, equipment and medium |
| CN114006749A (en) * | 2021-10-29 | 2022-02-01 | 平安银行股份有限公司 | Security verification method, device, equipment and storage medium |
| CN116208953A (en) * | 2022-09-07 | 2023-06-02 | 北京诚志北分机电技术有限公司 | Communication method, system, terminal and storage medium |
| CN116208953B (en) * | 2022-09-07 | 2023-08-18 | 北京诚志北分机电技术有限公司 | Communication method, system, terminal and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109842611B (en) | 2023-04-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109842611A (en) | Auth method, device, computer equipment and storage medium | |
| ES2875930T3 (en) | Identity authentication using specific human biological characteristics collection algorithms | |
| CN103152318B (en) | A kind of identity identifying method, device and system thereof | |
| CN108733819A (en) | A kind of personnel's archives method for building up and device | |
| JP2004234627A (en) | Information-holding device | |
| CN109767240A (en) | Cloud customer service distribution method, device, computer equipment and storage medium | |
| US20080148375A1 (en) | Authentication system, authentication device, and authentication method | |
| CN109815803B (en) | Face examination risk control method and device, computer equipment and storage medium | |
| US8065662B1 (en) | Compatibility testing of an application programming interface | |
| CN107256387A (en) | Fingerprint verification method, system and computer-readable recording medium | |
| CN111428218A (en) | Seal authorization method and device and server | |
| JP2010049357A (en) | Authentication device, authentication system, and authentication method | |
| CN109829277A (en) | Terminal unlock method, device, computer equipment and storage medium | |
| CN108900536A (en) | Authentication method, device, computer equipment and storage medium | |
| CN109547503A (en) | Biological feather recognition method | |
| CN110266738A (en) | Identification authentication method and device based on multi-biological characteristic | |
| CN110162942A (en) | Auth method, device, equipment and storage medium based on timestamp | |
| CN109688121A (en) | Resource data acquisition methods, device, computer equipment and storage medium | |
| CN108959884A (en) | The testimony of a witness veritifies device and method | |
| KR102168164B1 (en) | Matching processing apparatus between user and a/s company based on condition and operating method thereof | |
| CN115208664A (en) | Method, device, equipment and storage medium for unified identification of multi-platform users | |
| CN107507288B (en) | Rapid attendance checking method and device | |
| CN111538967B (en) | Data management platform based on information resource library | |
| CN107273456A (en) | A kind of accurate recognition methods of multi dimensional analysis intelligent terminal feature | |
| CN112100604A (en) | Terminal equipment information processing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |