CN109933974A - Cryptographic initialization method, apparatus, computer equipment and storage medium - Google Patents
Cryptographic initialization method, apparatus, computer equipment and storage medium Download PDFInfo
- Publication number
- CN109933974A CN109933974A CN201910115057.9A CN201910115057A CN109933974A CN 109933974 A CN109933974 A CN 109933974A CN 201910115057 A CN201910115057 A CN 201910115057A CN 109933974 A CN109933974 A CN 109933974A
- Authority
- CN
- China
- Prior art keywords
- identity
- information
- cryptographic initialization
- mobile terminal
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000011423 initialization method Methods 0.000 title claims abstract description 35
- 238000012795 verification Methods 0.000 claims abstract description 63
- 230000003542 behavioural effect Effects 0.000 claims abstract description 39
- 238000012550 audit Methods 0.000 claims description 102
- 230000005540 biological transmission Effects 0.000 claims description 22
- 238000004590 computer program Methods 0.000 claims description 16
- 238000003909 pattern recognition Methods 0.000 claims description 14
- 230000002159 abnormal effect Effects 0.000 claims description 7
- 238000000034 method Methods 0.000 description 32
- 230000008569 process Effects 0.000 description 16
- 238000010586 diagram Methods 0.000 description 11
- 230000006399 behavior Effects 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000010200 validation analysis Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 230000002708 enhancing effect Effects 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000012946 outsourcing Methods 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000010485 coping Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000029058 respiratory gaseous exchange Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Landscapes
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of cryptographic initialization method, apparatus, computer equipment and storage mediums, which comprises receives the cryptographic initialization request that mobile terminal is sent, wherein cryptographic initialization request includes identity type and identity;Daily record data table corresponding with identity is obtained, and judges whether the behavioural information of identity is normal according to daily record data table;If the behavioural information of identity is normal, the corresponding verification condition of identity type is obtained, and send mobile terminal for verification condition;Receive the authentication information that mobile terminal is sent according to verification condition;Authentication information is authenticated, authentication result is obtained;If authentication result is to authenticate successfully, the corresponding initial password of identity is obtained.Above-mentioned kind of cryptographic initialization method improves the efficiency and safety of cryptographic initialization.
Description
Technical field
The present invention relates to art of cryptography more particularly to a kind of cryptographic initialization method, apparatus, computer equipment and deposit
Storage media.
Background technique
With the fast development of network technology, internet has entered into the work and life of more and more people.People exist
During daily use network, such as office computer booting, mailbox certification or intra-company's platform, it usually needs carry out identity
Certification may require that employee is every generally for the safety for improving internal platform especially for the login etc. of intra-company's platform
A password is updated every a period of time, this will lead to usually have employee because of office account number cipher problem (such as lock, forget)
It dallies over one's work, also, when account locks, the case where employee can not open office computer, and under mobile office background, without
The user's situation that forgets Password for often logging in the end PC happens occasionally, and influences the working efficiency of employee.
Traditionally, employee carries out cryptographic initialization, the method meeting of this artificial cryptographic initialization by dialing service calls
The insecurity for increasing worker's information, influences the efficiency of cryptographic initialization.
Summary of the invention
The embodiment of the present invention provides a kind of cryptographic initialization method, apparatus, computer equipment and storage medium, to solve people
The problem that the method for work cryptographic initialization is inefficient and safety is not high.
A kind of cryptographic initialization method, comprising:
Receive the cryptographic initialization request that mobile terminal is sent, wherein cryptographic initialization request include identity type and
Identity;
Daily record data table corresponding with the identity is obtained, and the identity mark is judged according to the daily record data table
Whether the behavioural information of knowledge is normal;
If the behavioural information of the identity is normal, the corresponding verification condition of the identity type is obtained, and
The mobile terminal is sent by the verification condition;
Receive the authentication information that the mobile terminal is sent according to the verification condition;
The authentication information is authenticated, authentication result is obtained;
If the authentication result is to authenticate successfully, the corresponding initial password of the identity is obtained.
A kind of cryptographic initialization device, comprising:
Cryptographic initialization request module, for receiving the cryptographic initialization request of mobile terminal transmission, wherein described close
Code initialization requests include identity type and identity;
Behavioural information judgment module, for obtaining daily record data table corresponding with the identity, and according to the day
Will tables of data judges whether the behavioural information of the identity is normal;
Verification condition obtains module, for when the behavioural information of the identity is normal, then obtaining the body
The corresponding verification condition of part type, and the mobile terminal is sent by the verification condition;
Authentication information receiving module is believed for receiving the mobile terminal according to the authentication that the verification condition is sent
Breath;
Authentication result obtains module, authenticates to the authentication information, obtains authentication result;
Initial password obtains module, for when the authentication result is to authenticate successfully, then obtaining the identity pair
The initial password answered.
A kind of computer equipment, including memory, processor and storage are in the memory and can be in the processing
The computer program run on device, the processor realize above-mentioned cryptographic initialization method when executing the computer program.
A kind of computer readable storage medium, the computer-readable recording medium storage have computer program, the meter
Calculation machine program realizes above-mentioned cryptographic initialization method when being executed by processor.
In above-mentioned cryptographic initialization method, apparatus, computer equipment and storage medium, firstly, receiving what mobile terminal was sent
Cryptographic initialization request, wherein cryptographic initialization request includes identity type and identity;Then, acquisition and identity
Corresponding daily record data table, and judge whether the behavioural information of identity is normal according to daily record data table;If identity
Behavioural information is normal, then obtains the corresponding verification condition of identity type, and send mobile terminal for verification condition;Receive mobile terminal
The authentication information sent according to verification condition;Then, authentication information is authenticated, obtains authentication result;Finally,
If authentication result is to authenticate successfully, the corresponding initial password of identity is obtained, which is self-service process, section
Human-saving, and safety is more reliable, avoids the multiple interaction between leakage of personal information and client and user, simplifies
The authentication process of mobile terminal, and then effectively improve the efficiency of cryptographic initialization.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below by institute in the description to the embodiment of the present invention
Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the invention
Example, for those of ordinary skill in the art, without any creative labor, can also be according to these attached drawings
Obtain other attached drawings.
Fig. 1 is the application environment schematic diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 2 is one exemplary diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 3 is another exemplary diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 4 is another exemplary diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 5 is another exemplary diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 6 is another exemplary diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 7 is another exemplary diagram of cryptographic initialization method provided in an embodiment of the present invention;
Fig. 8 is a functional block diagram of cryptographic initialization device provided in an embodiment of the present invention;
Fig. 9 is a schematic diagram of computer equipment provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on this hair
Embodiment in bright, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, shall fall within the protection scope of the present invention.
Cryptographic initialization method provided by the present application, can be applicable in the application environment such as Fig. 1, which includes moving
Moved end and server-side.Wherein, mobile terminal is communicated by network with server-side.At the beginning of server-side receives the password that mobile terminal is sent
Beginningization request, then obtains daily record data table corresponding with identity, and the row of identity is judged according to daily record data table
It is whether normal for information, when the behavioural information of identity is normal, the corresponding verification condition of identity type is obtained, and will
Verification condition is sent to mobile terminal, receives the authentication information that mobile terminal is sent according to verification condition;Then to authentication
Information is authenticated, and authentication result is obtained;Finally when authentication result is to authenticate successfully, then it is corresponding initial to obtain identity
Password.Wherein, mobile terminal can be, but not limited to be various personal computers, laptop, smart phone, tablet computer and just
Take formula wearable device.Server-side can be with the server cluster of the either multiple server compositions of independent server come real
It is existing.
In one embodiment, as shown in Fig. 2, being applied to be illustrated for the server-side in Fig. 1 in this way, including
Following steps:
S10: receive mobile terminal send cryptographic initialization request, wherein cryptographic initialization request include identity type and
Identity.
Wherein, cryptographic initialization request is the request that initialization process is carried out to user password that mobile terminal is initiated.This is close
Code initialization requests include identity and identity type.Identity type refers to that is stored in client is used for the identity to user
The typonym that authentication mode distinguishes.Optionally, identity type type may include administrator's type, customer type and interior
Portion's employee's type etc..
Wherein, identity refers to the mark for distinguishing different user.In one embodiment, identity can be
User's work number, user's work number are the identiflication numbers that a platform, application program or system are identity distribution, optionally, should
User's work number can be made of at least one such as Chinese, number, letter or symbols.It should be noted that due to authentication
It also include sensitive information (such as password) in journey, therefore, server-side is after the certification request for receiving mobile terminal transmission, according to every
The corresponding each operation (such as identity information typing) of one identity increases log recording, forms each identity corresponding day
Will tables of data improves the safety of authentication information, and data are further processed according to daily record data table so as to subsequent, improves
Safety and accuracy to authentication information operation.
Specifically, user inputs corresponding instruction or information by mobile terminal to trigger cryptographic initialization request.It is mobile
Cryptographic initialization request is sent to server-side by end, and server-side gets cryptographic initialization request.Or from transmission configuration
The transmission port for establishing transmission connection with server-side is extracted in file;Transmission port is monitored, the monitoring of transmission port is passed through
Transmission connection is established with mobile terminal;It is connected by the transmission of foundation to server-side and sends cryptographic initialization request.
S20: obtaining daily record data table corresponding with identity, and the behavior of identity is judged according to daily record data table
Whether information is normal.
Wherein, daily record data table refers to the number of record user behavior information (such as password modification or account number log in behavior)
According to the table of formation.The corresponding daily record data table of each identity, identity-based mark, in pre-recorded daily record data table
In set, daily record data table corresponding with identity can be inquired, which reflects the behavior of identity
Information such as replaces the time interval of password, last time carries out the time of authentication, carries out the location information of authentication every time
Deng.Specifically, the behavioural information in daily record data table is compared server-side with preset specification information, if identity
Behavioural information is consistent with preset specification information, it is determined that the behavioural information of identity is normal, otherwise determines identity
Behavioural information is abnormal.Illustratively, an enterprise platform is in order to improve the safety that worker authenticates, by its preset specification
Information setting are as follows: it updates within 3 months a password and the number of password modification is not more than 3 times in one day, if daily record data table
With the behavioural information of identity are as follows: continuous 4 months not more new passwords, it is determined that the behavioural information of the identity is abnormal;
If the behavioural information with identity of daily record data table are as follows: 3 password modifications have been carried out in the same day, it is determined that the identity mark
The behavioural information of knowledge is abnormal;If the behavioural information with identity of daily record data table are as follows: the more new password in 3 months, then
Determine that the behavioural information of the identity is normal.
S30: if the behavioural information of identity is normal, the corresponding verification condition of identity type is obtained, and item will be verified
Part is sent to mobile terminal.
Wherein, verification condition refers to the necessary condition that user identity is verified, and as account number must be consistent with password, or tests
It is consistent etc. to demonstrate,prove code, for guaranteeing the condition of subscriber identity information correctness setting.Verification condition in this step refers to and identity
The corresponding condition of type, i.e. identity type have several classes, then verification condition also has several classes.In a specific embodiment, different
Identity type and different verification conditions are corresponding, i.e., the verification condition of corresponding types can be quickly found according to identity type.Example
Such as: record has this 4 kinds of identity types of interior employee, outsourcing employee, temporary workers and foreign employee in server-side, interior employee this
The corresponding verification condition of one identity type is the information one stored in employee's account number, name, type of credential and server database
It causes, and outsourcing, management account, casual user this corresponding verification condition of 3 kinds of identity types are as follows: employee's account number, name, cell-phone number
Code is consistent with the information stored in server database, and needs identifying code also consistent.Specifically, server-side obtains identity class
After type, that is, it can extract verification condition corresponding with identity type, movement sent by the network transmission protocol by the verification condition
End.Wherein, the network transmission protocol includes but is not limited to: Internet Control Message agreement (Internet Control Message
Protocol, ICMP), address resolution protocol (ARP Address Resolution Protocol, ARP) and file transmission association
Discuss (File Transfer Protocol, FTP) etc..
S40: the authentication information that mobile terminal is sent according to verification condition is received.
Wherein, authentication information refers to the information relevant to authentication that user fills in, such as account number, password and verifying
Code etc..For example, entrance provides an input dialogue frame in the page by mobile terminal, when user fills in the input dialogue frame
When authentication information, mobile terminal will be correspondingly made available authentication information according to filling in for user.Wherein, it fills in as user
The operation triggered to submit authentication information in the entrance.
Specifically, when receiving the verification condition of server-side transmission, mobile terminal shows the verification condition, thus
User can carry out authentication information according to the verification condition of display and fill in, and server-side gets the body of mobile terminal transmission in turn
Part authentication information.After showing verification condition on the Verify Your Identity page of server-side, user is i.e. on this page according to verifying
Condition fills in (input) oneself authentication information.In a specific embodiment, user clicks login page and chooses identity
Type is interior employee, and the verification condition for receiving server-side transmission is employee's account number, name, type of credential and service end data
The information stored in library is consistent, and then fills in employee's account, name and card in the corresponding control in identity page face (such as text box)
Part type etc..
S50: authenticating authentication information, obtains authentication result.
Wherein, authentication refers in the pre-stored identity information database of server-side, according to authentication information
Matched and searched is carried out, if there is the identity information being mutually matched with authentication information, then authentication success, conversely, such as
The identity information being mutually matched with authentication information is not present in fruit, then authentication fails.Wherein authentication result refers to service
Hold to authentication information carry out authentication as a result, as authenticated successfully or the authentication result of authentification failure.
It should be noted that after server-side authenticates authentication information, in order to guarantee response rate, no matter server-side
Whether find the authentication information to match with authentication information, will all return to the authentication result of form of message to movement
End, so as to subsequent raising authentication efficiency.Message therein refers to server-side by receiving the request of client and sending out to client
Http response data, the data that the authentication result namely server-side of form of message are sent are sent, if authentication result is to authenticate successfully,
The message is the data that confirms user and can log in, such as startup password, if authentication result is authentification failure, which is
The reason of to prompt user authentication failure, such as account number are locked.
S60: if authentication result is to authenticate successfully, the corresponding initial password of identity is obtained.
Wherein, initial password refers to after authentication passes through, the login password of client corresponding with identity, into
One step, the initial password be randomly assigned by server-side namely initial password be random code, for promoting safety
Property.Client therein refers to the client managed by server-side corresponding with identity, can pass through the initial password pair
It is managed by the client of service end pipe control, such as booting, monitoring or audit operation.Specifically, when the certification of server-side
As a result for when authenticating successfully, after authenticating successful message, server-side obtains the corresponding initial password of identity.Further,
After the mobile-terminated certification for receiving server-side transmission successful message, extracted from the successful message of the certification initial close
Code.Authentication can be directly carried out by initial password, the intelligent identity identification to user in mobile terminal is realized, is conducive to
Improve the working efficiency of user.Meanwhile the cryptographic initialization is self-service process, saves manpower, and safety is more reliable, avoids
Multiple interaction between leakage of personal information and client and user, simplifies the authentication process of mobile terminal, in turn
Effectively improve the efficiency of cryptographic initialization.
In the present embodiment, firstly, receiving the cryptographic initialization request that mobile terminal is sent, wherein cryptographic initialization request packet
Include identity type and identity;Then, daily record data table corresponding with identity is obtained, and is judged according to daily record data table
Whether the behavioural information of identity is normal;If the behavioural information of identity is normal, the corresponding verifying of identity type is obtained
Condition, and mobile terminal is sent by verification condition;Receive the authentication information that mobile terminal is sent according to verification condition;Then,
Authentication information is authenticated, authentication result is obtained;Finally, obtaining identity if authentication result is to authenticate successfully
Corresponding initial password, the cryptographic initialization are self-service processes, save manpower, and safety is more reliable, avoids personal letter
Breath leakage and the multiple interaction between client and user, simplify the authentication process of mobile terminal, and then effectively mention
The high efficiency of cryptographic initialization.
In one embodiment, as shown in figure 3, after step S20, i.e., identity is being judged according to daily record data table
After whether behavioural information is normal, the cryptographic initialization method further include:
S81: it if the behavioural information of identity is abnormal, obtains cryptographic initialization and requests corresponding location information, sentence
Whether disconnected location information has reasonability.
Wherein, location information refers to locating address information of the user when cryptographic initialization request is initiated in mobile terminal, packet
Include but be not limited to the IP address etc. of geographical location or mobile terminal.Specifically, when corresponding position letter is requested in cryptographic initialization
When ceasing within a preset range, then confirm that the location information has reasonability, otherwise, confirms that the location information does not have reasonability.
S82: if location information has reasonability, the corresponding user of identity is carried out by the way of pattern-recognition
Certification.
Wherein, the mode of pattern-recognition refer to exactly by computer with mathematical technique method come the automatic place of research mode
The mode of reason and interpretation, for carrying out secondary verification to behavioural information and then enhancing safety.Including but not limited to gesture identification,
Iris recognition, recognition of face and fingerprint recognition etc..It is to be appreciated that it is by mobile terminal that the mode of pattern-recognition, which carries out certification,
The identity characteristic of user is acquired, and collection result is sent to server-side, server-side receives the identity characteristic, and with it is pre-
If each identity characteristic information stored in database compares verifying, determine whether user identity feature is legal.Pass through this
Kind method, may be implemented the re-authentication to the corresponding user of identity, promotes the security performance of verification process, save simultaneously
Authentication operation.
S83: it if the certification of pattern-recognition passes through, returns to execution and obtains the corresponding verification condition of identity type, and will test
The step of card condition is sent to mobile terminal.
Specifically, when the corresponding user of identity is carried out by the way of pattern-recognition when certification passes through namely password
The corresponding location information of initialization requests has reasonability, and therefore the certification by way of pattern-recognition continues
The operation of step S30, namely return to execute and obtain the corresponding verification condition of identity type, and send mobile terminal for verification condition
The step of.It ensures the response of the request to authentication, reduces period of reservation of number (such as 3 seconds), and sufficiently ensure
The safety of user password initialization.
In the present embodiment, when the behavioural information of identity is abnormal, then obtains cryptographic initialization and request corresponding position
Confidence breath, judges whether location information has reasonability;When location information has reasonability, then to the corresponding use of identity
Family is authenticated by the way of pattern-recognition, and the re-authentication to the corresponding user of identity may be implemented, and promotes certification
The security performance of process, while saving authentication operation;If the certification of pattern-recognition passes through, returns to execution and obtain identity type
Corresponding verification condition, and the step of sending mobile terminal for verification condition, it is ensured that the response to the request of authentication, and
And the safety of user password initialization is sufficiently ensured.
In one embodiment, after step S60, after obtaining the corresponding initial password of identity, password is initial
Change method further include:
It is encrypted using preset key pair initial password, obtains service password, service password is sent to mobile terminal,
Key is sent to corresponding target audit end.
Wherein, preset key refers to the preset parameter for being encrypted to sensitive information, is one kind to original
There are data to be modified to the parameter of assuring data security, key acquisition modes therein include but is not limited to algorithm for encryption,
The modes such as digital certificate encryption, digital signature encryption, can according to practical application scene to security requirement it is different neatly
Setting, is not limited thereto.For example, server-side, which can use data summarization algorithm, calculates initial password initial data abstract, and
Base64 code conversion is carried out, the data summarization namely key of initial password are formed.It is encrypted using key provided by server-side
Initial data summarization generates the digital signature of initial password, and the encryption of initial password is completed with this.Server-side is to initial password
It is encrypted, guarantees the safety of password, avoid authentication information by the attack from internet, while ensure that just
The transmission security of beginning password.
Wherein, service password refers to the initial password after having carried out encryption, can be startup password, is also possible to cloud
Desktop password, specifically with no restriction.
Wherein, audit end is for secondary audit in turn to be decrypted to service password, and audit end passes through network and service
End is communicated.Audit end can be, but not limited to be various personal computers, laptop, smart phone, tablet computer and
Portable wearable device.Target audit end is the association end of mobile terminal, for example, it may be the client being closer with mobile terminal
End perhaps has permission the client audited to mobile terminal and facilitates the personnel of target audit end or mobile terminal that can quickly pacify
Password after obtaining decryption entirely.Specifically, service password is sent to mobile terminal, sends audit end for key, audits end
It is sent to mobile terminal after mobile terminal progress identity validation, then by key, mobile terminal receives the key, and uses default script
With the key, service password is decrypted.Optionally, audit end, which can be the identity validation of mobile terminal, passes through password authentification
Or the mode to confirm password, it is also possible to audit end and video link is first established in mobile terminal, audits end again by establishing video
Video image after connection to carry out identity validation to mobile terminal, passes through the body to the corresponding user in mobile terminal in video image
Part is confirmed.Alternatively, matching an audit end being closer for mobile terminal, audit end is facilitated to carry out mobile terminal face-to-face
Audit, better ensure that safety.Further, identity is also sent to audit end by server-side, facilitates audit end true
Surely corresponding mobile terminal is arrived.Mobile terminal receives the key that audit end is sent, then root after the identity validation by audit end
It is decrypted according to the key pair service password, the initial password after being decrypted.It is obtained after being decrypted by key initial close
Code, realizes intelligent identity identification, ensure that the safety of cryptographic initialization.
In the present embodiment, is encrypted using preset key pair initial password, obtain service password, service password is sent out
It send to mobile terminal, key is sent to corresponding target and audits end, realizes cryptographic initialization, which is self-service mistake
Journey simplifies the cryptographic initialization of mobile terminal, and by the multiple interaction between mobile terminal, avoids personal information and let out
Dew, so that safety is higher, and then effectively improves cryptographic initialization efficiency and safety.
In one embodiment, as shown in figure 4, in step S70, key is sent to corresponding target and audits end, it is specific to wrap
Include following steps:
S71: it obtains cryptographic initialization and requests corresponding location information, target area is determined according to location information.
Wherein, target area refers to the region for needing to carry out password where the audit end of initialization process.Specifically, base
Corresponding location information is requested in cryptographic initialization, it will be where the location information that preset range met with location information regional scope
Region is as target area.The preset range can be preset according to actual needs.For example, cryptographic initialization is requested
Corresponding location information is the center of circle, is determined as target area by the region of radius of pre-determined distance.Specifically, which can
With the positioning tool (for example, GPS) by mobile terminal come automatically obtain or mobile terminal send cryptographic initialization request when master
The current position of dynamic input is as location information.Further, the current position that mobile terminal is actively entered includes floor, room
Number or the details such as office.
S72: the corresponding location information in each default audit end in target area is obtained.
It specifically, in the target area, include multiple default audit ends, each corresponding location information in default audit end.
Optionally, it presets audit end to be pre-existing in the preset database with corresponding location information, passes through step S71
Determining target area obtains the location information at each default audit end for including in the target area.
Optionally, it to determine the current location information in audit end, and can also be obtained by obtaining each IP address for auditing end
Current location information is taken to be in each audit end in target area.It specifically, can be corresponding with pre-recorded each IP address
Substantive location information.For example, the IP address for getting an audit end is 219.134.237.237, inquired according to third party IP
Interface or pre-set IP address correspond to table and inquire, and the corresponding physical address of the IP address is Eight Diagrams ridge Futian District Eight Diagrams
Ridge belongs to target area range, thus, the location information at the corresponding audit end the IP is obtained, as one in target area
It is default to audit the corresponding location information in end.
S73: calculate between the corresponding location information in each default audit end location information corresponding with identity away from
From.
Wherein, distance is to reflect the index of the distance of two location informations.Specifically, first by the corresponding movement of identity
The location information at end is converted to reference coordinate information (such as origin (0,0)), then respectively by the corresponding position in each default audit end
Confidence manner of breathing location information corresponding for identity is converted into relative co-ordinate information, each pre- if any N number of default audit end
If the relative co-ordinate information for auditing end is respectively (x1,y1)、(x2,y2)…(xn,yn).Then, each default audit is directly calculated
Hold the distance value of the relative co-ordinate information of corresponding location informationN number of distance
Value is the distance between the location information of the corresponding location information in each default audit end mobile terminal corresponding with identity.
S74: the corresponding default audit end of preset threshold distance will be less than or equal in as target and audits end.
Wherein, preset threshold distance refers to preset for choosing the default audit end being closer with server-side
Apart from critical value.For example, if preset threshold distance is 500 meters (m), when the corresponding location information in default audit end and identity
Identifying the distance between corresponding location information is 300m, then end is audited as target in the default audit end.It should be noted that
When there are multiple default audit ends corresponding less than or equal to preset threshold distance, it is default that any one can be randomly selected
End is audited as target and audits end, can also will audit end as target apart from the smallest corresponding default audit end.
S75: key is sent to target audit end.
Specifically, key is sent to target audit end, it can be fast to audit end with the closer target of server-side distance
Speed is decrypted according to key, to improve the efficiency of cryptographic initialization.
In the present embodiment, firstly, obtaining cryptographic initialization requests corresponding location information, target is determined according to location information
Region;Then, the corresponding location information in each default audit end in target area is obtained;Then, each default audit is calculated
Hold the distance between corresponding location information location information corresponding with identity;Next, will be less than or wait in
End is audited as target in the corresponding default audit end of preset threshold distance;Finally, key is sent to target audit end, with
Just it quick obtaining key and can be decrypted according to key with the target audit closer mobile terminal of end distance, to improve close
The efficiency of code initialization.
In one embodiment, as shown in figure 5, in step S70, by key be sent to target audit end, specifically include as
Lower step:
S71 ': it obtains cryptographic initialization and requests corresponding location information, target area, target area are determined according to location information
Domain includes interior zone and perimeter.In a specific embodiment, target area includes interior zone and perimeter.
Wherein, interior zone, which is represented, requests the corresponding closer region of location information, specific regional scope from cryptographic initialization
It can be set according to actual needs.And perimeter represents the farther region in relative interior region.Illustratively, if
Target area is a circle, then interior zone can be requests corresponding location information as the center of circle using cryptographic initialization, with the
One pre-determined distance is a round region of radius, and perimeter is then one and requests corresponding position letter with cryptographic initialization
Breath is the center of circle, and an annulus of interior zone is subtracted using the second pre-determined distance bigger than the first pre-determined distance as the circle of radius
Domain.
S72 ': the corresponding location information in each default audit end in target area is obtained.
Specifically, each default method for auditing the corresponding location information in end obtained in target area in the present embodiment
Consistent with the method in step S72, details are not described herein again.
S73 ': if default audit end in interior zone, obtains the corresponding detailed location information in default audit end.
Wherein, detailed location information is further more specific location information, it may for example comprise floor, office or room
Between number equal details, detailed location information can be bound according to the IP address at each default audit end in advance.
In this embodiment, it is mobile terminal active when sending cryptographic initialization request that corresponding location information is requested in cryptographic initialization
Current position is inputted as location information, guarantees the accuracy of the location information of mobile terminal, preferably to audit end with default
Detailed location information matched.In this way, the corresponding position in each default audit end can be calculated in more detail in step S73
Confidence ceases the distance between location information corresponding with identity, to better ensure that the accuracy of distance between the two.
S74 ': it calculates between the corresponding detailed location information in each default audit end location information corresponding with identity
Distance.
Specifically, the coordinate points on vertical direction can be constructed according to specific floor information, in the basis of step S73
On calculate the corresponding location information in each default audit end position corresponding with identity by building space coordinates again
The distance between information.
S75 ': the corresponding default audit end of preset threshold distance will be less than or equal in and will be audited as target
End.
Specifically, each default method for auditing the corresponding location information in end obtained in target area in the present embodiment
Consistent with the method in step S74, details are not described herein again.
S76 ': key is sent to target audit end.
Specifically, after getting target audit end according to distance, key is sent to audit end by server-side, is not only guaranteed
The accuracy of the location information of mobile terminal also adds the safety of key transmission.
In the present embodiment, firstly, obtaining cryptographic initialization requests corresponding location information, target is determined according to location information
Region, target area include interior zone and perimeter;Then, each default audit end obtained in target area is corresponding
Location information;When default audit end is in interior zone, then the corresponding detailed location information in default audit end, Jin Erji are obtained
Calculate the distance between the corresponding detailed location information in each default audit end location information corresponding with the identity;
Next, will be less than or equal to the corresponding default audit end of preset threshold distance in as target audits end;Finally,
The key is sent to target audit end, the accuracy of the location information of mobile terminal is not only ensure that, also adds key biography
The safety sent.
In one embodiment, as shown in fig. 6, authenticating in step S50 to authentication information, authentication result is obtained,
Specifically comprise the following steps:
S51: employee is obtained from authentication information and registers cell-phone number information and identifying code.
Wherein, employee's registration cell-phone number information refers to the letters such as the phone number used when employee's registration and corresponding name
Breath, identifying code is referred to by being registered the phone number in cell-phone number information based on employee, is used by what operator returned for verifying
The identifying code of family information.Specifically, employee can be got in the authentication information tables of data of the background data base of system
Register cell-phone number information and identifying code.
S52: employee is searched in preset database and registers cell-phone number information, if there are employee's notes in preset database
Volume cell-phone number information, then verify identifying code by third party's interface, obtain authentication result.
Wherein, third party's interface is for registering the interface that cell-phone number information is verified to employee, and such as mobile verifying connects
Mouth or telecommunications verifying interface etc..It is readily appreciated that ground, employee is searched in preset database and registers cell-phone number information, if default
Database in there is no employees to register cell-phone number information, illustrate there is no the authentication information, and then termination is to the identity
The certification of authentication information improves the safety of authentication information to reduce subsequent authentication process.Therefore, to preset data
Employee present in library registers cell-phone number information and is verified by third party's interface to identifying code, obtains authentication result, this is recognized
Card result may include authenticating successfully or authentification failure.
In the present embodiment, employee is obtained from authentication information and registers cell-phone number information and identifying code;In preset number
Cell-phone number information is registered according to employee is searched in library, if there are employees to register cell-phone number information in preset database, passes through the
Tripartite's interface verifies identifying code, obtains authentication result.So that verification process more highly effective and safe.
In one embodiment, it as shown in fig. 7, being authenticated to authentication information after step S50, obtains
After authentication result, the cryptographic initialization method further include:
S91: if authentication result is authentification failure, the number of authentification failure is counted, if the number of authentification failure is not up to
Preset frequency threshold value then returns and executes the step of receiving the authentication information that mobile terminal is sent according to verification condition.
Wherein, preset frequency threshold value refers to the critical of the authentification failure number for judging authentication information correctness
Value.Specifically, the number that authentication result is authentification failure is counted, when the number of authentification failure is not up to preset number
When threshold value, then returns and execute the step of receiving the authentication information that mobile terminal is sent according to verification condition, mobile terminal is according to testing
Card condition sends new authentication information, and continues the authentication operation of authentication information, and server-side is weighed
Authentication information newly new to user authenticates, and realizes the intelligent authentication to authentication information.
S92: if the number of authentification failure reaches preset frequency threshold value, identity is locked.
Specifically, when the number of authentification failure reaches preset frequency threshold value, identity is locked, that is, is terminated
Operation of the user to authentication, to sufficiently ensure the safety of cryptographic initialization.
In the present embodiment, if authentication result is authentification failure, the number of authentification failure is counted, if the number of authentification failure
Not up to preset frequency threshold value then returns to the step for executing and receiving the authentication information that mobile terminal is sent according to verification condition
Suddenly, enabling server-side, the authentication information new to user authenticates again, realizes the intelligence to authentication information
It can certification;If the number of authentification failure reaches preset frequency threshold value, identity is locked, to sufficiently ensure close
The safety of code initialization.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process
Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit
It is fixed.
In one embodiment, a kind of cryptographic initialization device is provided, the cryptographic initialization device with it is close in above-described embodiment
Code initial method corresponds.As shown in figure 8, the cryptographic initialization device include cryptographic initialization request module 10,
Behavioural information judgment module 20, verification condition obtain module 30, authentication information receiving module 40, authentication result and obtain 50 and of module
Initial password obtains module 60.Detailed description are as follows for each functional module:
Cryptographic initialization request module 10, for receiving the cryptographic initialization request of mobile terminal transmission, wherein password
Initialization requests include identity type and identity;
Behavioural information judgment module 20, for obtaining daily record data table corresponding with identity, and according to daily record data
Table judges whether the behavioural information of identity is normal;
Verification condition obtains module 30, corresponding for when the behavioural information of identity is normal, then obtaining identity type
Verification condition, and send mobile terminal for verification condition;
Authentication information receiving module 40, the authentication information sent for receiving mobile terminal according to verification condition;
Authentication result obtains module 50 and obtains authentication result for authenticating to authentication information;
Initial password obtains module 60, for when authentication result is to authenticate successfully, then it is corresponding just to obtain identity
Beginning password.
Preferably, which further includes location information judgment module, pattern-recognition authentication module and identity
Authentication module.
Location information judgment module is asked for when the behavioural information of identity is abnormal, then obtaining cryptographic initialization
Corresponding location information is sought, judges whether location information has reasonability;
Pattern-recognition authentication module, for when location information has reasonability, then being adopted to the corresponding user of identity
It is authenticated with the mode of pattern-recognition;
Authentication module, it is corresponding for when the certification of pattern-recognition passes through, then returning to execution acquisition identity type
Verification condition, and the step of sending mobile terminal for verification condition.
Preferably, which further includes password sending module, for initially close using preset key pair
Code is encrypted, and obtains service password, service password is sent to mobile terminal, and key is sent to corresponding target and audits end.
Preferably, password sending module includes target area determination unit, audit end position information acquisition unit, distance meter
Calculate unit, target audit end determination unit and password transmission unit.
Target area determination unit requests corresponding location information for obtaining cryptographic initialization, true according to location information
Set the goal region;
End position information acquisition unit is audited, the corresponding position in each default audit end for obtaining in target area is believed
Breath;
Metrics calculation unit, for calculating the corresponding location information in each default audit end position corresponding with identity
The distance between information;
Target audits end determination unit, corresponding default careful for that will be less than or equal to preset threshold distance in
End is audited as target in core end;
Password transmission unit, for key to be sent to target audit end.
Preferably, password sending module further includes target area acquiring unit, location information acquiring unit, detail location letter
Cease acquiring unit, location information metrics calculation unit, target audit end acquiring unit and password acquiring unit.
Target area acquiring unit requests corresponding location information for obtaining cryptographic initialization, true according to location information
Set the goal region, and target area includes interior zone and perimeter;
Location information acquiring unit, for obtaining the corresponding location information in each default audit end in target area;
Detailed location information acquiring unit, for when default audit end is in interior zone, then obtaining default audit end
Corresponding detailed location information;
Location information metrics calculation unit, for calculating the corresponding detailed location information in each default audit end and identity mark
Know the distance between corresponding location information;
Target audits end acquiring unit, corresponding default careful for that will be less than or equal to preset threshold distance in
End is audited as target in core end;
Password acquiring unit, for key to be sent to target audit end.
Preferably, it includes registration information acquiring unit and authentication result acquiring unit that authentication result, which obtains module,.
Registration information acquiring unit registers cell-phone number information and identifying code for obtaining employee from authentication information;
Authentication result acquiring unit registers cell-phone number information for searching employee in preset database, if preset
There are employees to register cell-phone number information in database, then is verified by third party's interface to identifying code, obtain authentication result.
Preferably, which further includes authentification failure processing module and certification locking module
Authentification failure processing module, for when authentication result is authentification failure, then the number of authentification failure being counted, if recognizing
The number of card failure is not up to preset frequency threshold value, then returns to execution reception mobile terminal and recognized according to the identity that verification condition is sent
The step of demonstrate,proving information;
Authenticate locking module, for when the number of authentification failure reaches preset frequency threshold value, then to identity into
Row locking.
Specific about cryptographic initialization device limits the restriction that may refer to above for cryptographic initialization method,
This is repeated no more.The above-mentioned modules based in cryptographic initialization device can be fully or partially through software, hardware and its group
It closes to realize.Above-mentioned each module can be embedded in the form of hardware or independently of in the processor in computer equipment, can also be with
Software form is stored in the memory in computer equipment, executes the corresponding behaviour of the above modules in order to which processor calls
Make.
In one embodiment, a kind of computer equipment is provided, which can be server, internal junction
Composition can be as shown in Figure 9.The computer equipment include by system bus connect processor, memory, network interface and
Database.Wherein, the processor of the computer equipment is for providing calculating and control ability.The memory packet of the computer equipment
Include non-volatile memory medium, built-in storage.The non-volatile memory medium is stored with operating system, computer program and data
Library.The built-in storage provides environment for the operation of operating system and computer program in non-volatile memory medium.The calculating
The database of machine equipment is for storing the data that cryptographic initialization method uses.The network interface of the computer equipment is used for
It is communicated with external terminal by network connection.To realize a kind of cryptographic initialization side when the computer program is executed by processor
Method.
In one embodiment, a kind of computer equipment is provided, including memory, processor and storage are on a memory
And the computer program that can be run on a processor, processor realizes the password in above-described embodiment when executing computer program at the beginning of
Beginning method.
In one embodiment, a kind of computer readable storage medium is provided, computer program is stored thereon with, is calculated
Machine program realizes the cryptographic initialization method in above-described embodiment when being executed by processor.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the computer program can be stored in a non-volatile computer
In read/write memory medium, the computer program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein,
To any reference of memory, storage, database or other media used in each embodiment provided herein,
Including non-volatile and/or volatile memory.Nonvolatile memory may include read-only memory (ROM), programming ROM
(PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM) or flash memory.Volatile memory may include
Random access memory (RAM) or external cache.By way of illustration and not limitation, RAM is available in many forms,
Such as static state RAM (SRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate sdram (DDRSDRAM), enhancing
Type SDRAM (ESDRAM), synchronization link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM
(RDRAM), direct memory bus dynamic ram (DRDRAM) and memory bus dynamic ram (RDRAM) etc..
It is apparent to those skilled in the art that for convenience of description and succinctly, only with above-mentioned each function
Can unit, module division progress for example, in practical application, can according to need and by above-mentioned function distribution by different
Functional unit, module are completed, i.e., the internal structure of described device is divided into different functional unit or module, more than completing
The all or part of function of description.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although referring to aforementioned reality
Applying example, invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each
Technical solution documented by embodiment is modified or equivalent replacement of some of the technical features;These modification or
Person's replacement, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution should all wrap
Containing within protection scope of the present invention.
Claims (10)
1. a kind of cryptographic initialization method characterized by comprising
Receive the cryptographic initialization request that mobile terminal is sent, wherein the cryptographic initialization request includes identity type and identity
Mark;
Daily record data table corresponding with the identity is obtained, and the identity is judged according to the daily record data table
Whether behavioural information is normal;
If the behavioural information of the identity is normal, the corresponding verification condition of the identity type is obtained, and by institute
It states verification condition and is sent to the mobile terminal;
Receive the authentication information that the mobile terminal is sent according to the verification condition;
The authentication information is authenticated, authentication result is obtained;
If the authentication result is to authenticate successfully, the corresponding initial password of the identity is obtained.
2. cryptographic initialization method as described in claim 1 judges the identity mark according to the daily record data table described
After whether the behavioural information of knowledge is normal, the cryptographic initialization method further include:
If the behavioural information of the identity is abnormal, obtains the cryptographic initialization and request corresponding position letter
Breath, judges whether the location information has reasonability;
If the location information has reasonability, the corresponding user of the identity is carried out by the way of pattern-recognition
Certification;
If the certification of the pattern-recognition passes through, returns and execute the corresponding verification condition of the acquisition identity type, and
The step of sending the mobile terminal for the verification condition.
3. cryptographic initialization method as described in claim 1, it is described obtain the corresponding initial password of the identity it
Afterwards, the cryptographic initialization method further include:
It is encrypted using initial password described in preset key pair, obtains service password, the service password is sent to shifting
The key is sent to corresponding target and audits end by moved end.
4. cryptographic initialization method as claimed in claim 3, which is characterized in that described that the key is sent to corresponding mesh
Mark audit end, comprising:
It obtains the cryptographic initialization and requests corresponding location information, determine target area according to the positional information;
Obtain the corresponding location information in each default audit end in the target area;
Calculate between the corresponding location information in each default audit end location information corresponding with the identity away from
From;
End is audited using the corresponding default audit end of preset threshold distance is less than or equal in the distance as target;
The key is sent to target audit end.
5. cryptographic initialization method as claimed in claim 3, which is characterized in that it is described that key is sent to target audit end,
Include:
It obtains the cryptographic initialization and requests corresponding location information, determine target area, the mesh according to the positional information
Marking region includes interior zone and perimeter;
Obtain the corresponding location information in each default audit end in the target area;
If the default audit end in the interior zone, obtains the corresponding detailed location information in default audit end;
It calculates between the corresponding detailed location information in each default audit end location information corresponding with the identity
Distance;
End is audited using the corresponding default audit end of preset threshold distance is less than or equal in the distance as target;
The key is sent to target audit end.
6. cryptographic initialization method as described in claim 1, which is characterized in that described to recognize the authentication information
Card, obtains authentication result, comprising:
The employee is obtained from the authentication information registers cell-phone number information and identifying code;
The employee is searched in preset database and registers cell-phone number information, if there are employee notes in preset database
Volume cell-phone number information, then verify the identifying code by third party's interface, obtain the authentication result.
7. cryptographic initialization method as described in claim 1, which is characterized in that carried out described to the authentication information
Certification, after obtaining authentication result, the cryptographic initialization method further include:
If the authentication result is authentification failure, the number of authentification failure is counted, if the number of the authentification failure is not up to
Preset frequency threshold value then returns and executes the authentication information for receiving the mobile terminal and sending according to the verification condition
The step of;
If the number of the authentification failure reaches preset frequency threshold value, the identity is locked.
8. a kind of cryptographic initialization device, which is characterized in that the cryptographic initialization device includes:
Cryptographic initialization request module, for receiving the cryptographic initialization request of mobile terminal transmission, wherein at the beginning of the password
Beginningization request includes identity type and identity;
Behavioural information judgment module, for obtaining daily record data table corresponding with the identity, and according to the log number
Judge whether the behavioural information of the identity is normal according to table;
Verification condition obtains module, for when the behavioural information of the identity is normal, then obtaining the identity class
The corresponding verification condition of type, and the mobile terminal is sent by the verification condition;
Authentication information receiving module, the authentication information sent for receiving the mobile terminal according to the verification condition;
Authentication result obtains module, authenticates to the authentication information, obtains authentication result;
Initial password obtains module, for when the authentication result is to authenticate successfully, then it is corresponding to obtain the identity
Initial password.
9. a kind of computer equipment, including memory, processor and storage are in the memory and can be in the processor
The computer program of upper operation, which is characterized in that the processor realized when executing the computer program as claim 1 to
Any one of 7 cryptographic initialization methods.
10. a kind of computer readable storage medium, the computer-readable recording medium storage has computer program, and feature exists
In realization cryptographic initialization method as described in any one of claim 1 to 7 when the computer program is executed by processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910115057.9A CN109933974B (en) | 2019-02-14 | 2019-02-14 | Password initialization method, device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910115057.9A CN109933974B (en) | 2019-02-14 | 2019-02-14 | Password initialization method, device, computer equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109933974A true CN109933974A (en) | 2019-06-25 |
| CN109933974B CN109933974B (en) | 2024-06-18 |
Family
ID=66985569
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910115057.9A Active CN109933974B (en) | 2019-02-14 | 2019-02-14 | Password initialization method, device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109933974B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110807181A (en) * | 2019-11-14 | 2020-02-18 | 北京融易做科技有限公司 | Method, device and system for logging in and verifying database in enterprise |
| CN115033297A (en) * | 2022-05-16 | 2022-09-09 | 阿里巴巴(中国)有限公司 | Method and device for realizing startup and logging in cloud desktop based on one-time fingerprint touch |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2011239123A (en) * | 2010-05-10 | 2011-11-24 | Mitsubishi Electric Corp | Information processing device and encryption key management method and program |
| CN104219664A (en) * | 2013-05-31 | 2014-12-17 | 上海一键通信科技有限公司 | Identity verification method based on geographic-location coordinate information of equipment |
| KR20150123672A (en) * | 2014-04-25 | 2015-11-04 | 삼성전자주식회사 | Method of encrypting/decrypting content |
| US20160080154A1 (en) * | 2014-09-11 | 2016-03-17 | Seung-ho Lee | Method of controlling electronic device using wearable device and method of operating electronic device |
| US20160352605A1 (en) * | 2015-05-29 | 2016-12-01 | Qualcomm Incorporated | Systems and methods for distance bounding to an authenticated device |
| CN107124420A (en) * | 2017-05-10 | 2017-09-01 | 北京潘达互娱科技有限公司 | Auth method and device |
| CN107682336A (en) * | 2017-09-30 | 2018-02-09 | 北京梆梆安全科技有限公司 | A kind of auth method and device based on geographical position |
| CN107864144A (en) * | 2017-11-20 | 2018-03-30 | 珠海市魅族科技有限公司 | Obtain method and device, computer installation and the storage medium of dynamic password |
| CN107872433A (en) * | 2016-09-27 | 2018-04-03 | 腾讯科技(深圳)有限公司 | A kind of auth method and its equipment |
| CN107895239A (en) * | 2017-12-08 | 2018-04-10 | 平安科技(深圳)有限公司 | Video face dispatch work method, apparatus, equipment and readable storage medium storing program for executing |
| CN108076018A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | Identity authorization system, method, apparatus and account authentication method |
| CN108492429A (en) * | 2018-05-23 | 2018-09-04 | 上海弘目智能科技有限公司 | Double mode personal identity authentication process and system |
-
2019
- 2019-02-14 CN CN201910115057.9A patent/CN109933974B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2011239123A (en) * | 2010-05-10 | 2011-11-24 | Mitsubishi Electric Corp | Information processing device and encryption key management method and program |
| CN104219664A (en) * | 2013-05-31 | 2014-12-17 | 上海一键通信科技有限公司 | Identity verification method based on geographic-location coordinate information of equipment |
| KR20150123672A (en) * | 2014-04-25 | 2015-11-04 | 삼성전자주식회사 | Method of encrypting/decrypting content |
| US20160080154A1 (en) * | 2014-09-11 | 2016-03-17 | Seung-ho Lee | Method of controlling electronic device using wearable device and method of operating electronic device |
| US20160352605A1 (en) * | 2015-05-29 | 2016-12-01 | Qualcomm Incorporated | Systems and methods for distance bounding to an authenticated device |
| CN107872433A (en) * | 2016-09-27 | 2018-04-03 | 腾讯科技(深圳)有限公司 | A kind of auth method and its equipment |
| CN108076018A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | Identity authorization system, method, apparatus and account authentication method |
| CN107124420A (en) * | 2017-05-10 | 2017-09-01 | 北京潘达互娱科技有限公司 | Auth method and device |
| CN107682336A (en) * | 2017-09-30 | 2018-02-09 | 北京梆梆安全科技有限公司 | A kind of auth method and device based on geographical position |
| CN107864144A (en) * | 2017-11-20 | 2018-03-30 | 珠海市魅族科技有限公司 | Obtain method and device, computer installation and the storage medium of dynamic password |
| CN107895239A (en) * | 2017-12-08 | 2018-04-10 | 平安科技(深圳)有限公司 | Video face dispatch work method, apparatus, equipment and readable storage medium storing program for executing |
| CN108492429A (en) * | 2018-05-23 | 2018-09-04 | 上海弘目智能科技有限公司 | Double mode personal identity authentication process and system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110807181A (en) * | 2019-11-14 | 2020-02-18 | 北京融易做科技有限公司 | Method, device and system for logging in and verifying database in enterprise |
| CN115033297A (en) * | 2022-05-16 | 2022-09-09 | 阿里巴巴(中国)有限公司 | Method and device for realizing startup and logging in cloud desktop based on one-time fingerprint touch |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109933974B (en) | 2024-06-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108989346B (en) | Third-party valid identity escrow agile authentication access method based on account hiding | |
| US8041954B2 (en) | Method and system for providing a secure login solution using one-time passwords | |
| US10491588B2 (en) | Local and remote access apparatus and system for password storage and management | |
| KR101589192B1 (en) | Identity authentication and management device and method thereof | |
| US20170109751A1 (en) | System and method for carrying strong authentication events over different channels | |
| CN110401655A (en) | Access control right management system based on user and role | |
| US20080184349A1 (en) | System and method for identity consolidation | |
| CN109325342A (en) | Identity information management method, apparatus, computer equipment and storage medium | |
| CN107733861A (en) | It is a kind of based on enterprise-level intranet and extranet environment without password login implementation method | |
| CN102664903A (en) | Network user identifying method and system | |
| WO2014135409A1 (en) | Computer implemented multi-factor authentication | |
| CN101714918A (en) | Safety system for logging in VPN and safety method for logging in VPN | |
| SG178726A1 (en) | Method and system for generating digital fingerprint | |
| CN109034816A (en) | User information verification method, device, computer equipment and storage medium | |
| CN104469736B (en) | A kind of data processing method, server and terminal | |
| CN109831310A (en) | A kind of auth method, system and relevant apparatus | |
| CN110995661B (en) | Network card platform | |
| US20120066750A1 (en) | User authentication and provisioning method and system | |
| CN109933974A (en) | Cryptographic initialization method, apparatus, computer equipment and storage medium | |
| CN111161454A (en) | Intelligent lock safety networking and control method | |
| KR101996317B1 (en) | Block chain based user authentication system using authentication variable and method thereof | |
| JP4643313B2 (en) | Relief method when biometric authentication is impossible for client / server system with biometric authentication function | |
| CN117376000A (en) | Block chain-based data processing method, device, equipment and storage medium | |
| CA2611549C (en) | Method and system for providing a secure login solution using one-time passwords | |
| KR20160116660A (en) | Phone number security certification apparatus using qr code and system thereof and metrhod thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |