CN109995774A - Cipher key authentication method, system, equipment and storage medium based on part decryption - Google Patents
Cipher key authentication method, system, equipment and storage medium based on part decryption Download PDFInfo
- Publication number
- CN109995774A CN109995774A CN201910223236.4A CN201910223236A CN109995774A CN 109995774 A CN109995774 A CN 109995774A CN 201910223236 A CN201910223236 A CN 201910223236A CN 109995774 A CN109995774 A CN 109995774A
- Authority
- CN
- China
- Prior art keywords
- authorization
- client
- configuration information
- access request
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Abstract
The present invention provides cipher key authentication method, system, equipment and storage mediums based on part decryption, wherein, authentication method includes: to receive the authorization requests of at least client transmission, the authorization message and authorization configuration information of corresponding client are generated, and authorization configuration information is sent to client;Receive the access request of client transmission, access request is encrypted after being merged by authorization configuration information and transmission information and is obtained, after only the authorization configuration information being encrypted in access request is decrypted, and keep the encrypted state of transmission information, it is authenticated in conjunction with authorization message, authenticates and successfully then business service corresponding with access request is called to access for client.The present invention can be avoided artificial operation, enhance the stability of system, and by way of by authorization configuration information and the decryption of transmission information strange land, further ensures the safety of information transmission, decrease the workload of authentication device.
Description
Technical field
The present invention relates to key authentication fields, specifically, be related to based on part decryption cipher key authentication method, system,
Equipment and storage medium.
Background technique
It is Internet era now, can all has interaction regardless of system, all there can be data transmitting when interactive, wrap
Include the transmission of sensitive data.When each system mutually transmits, needed to configure between system and system corresponding key and
Sensitive data, which will also be encrypted, to be prevented from revealing.Every time in raw cloth production, server will be gone artificially to go typing by hand for the first time
Key specifies the corresponding relationship of each system, and such manual operation will lead to many problems, corresponding relationship configuration error will affect
The interaction of system can seriously affect the operating condition of system, cause to produce the Resolving probiems big influence of bring tool not in time.
Therefore, the present invention provides a kind of cipher key authentication method, system, equipment and storage mediums based on part decryption.
Summary of the invention
For the problems of the prior art, the purpose of the present invention is to provide based on part decryption cipher key authentication method,
System, equipment and storage medium can be avoided artificial operation, enhance the stability of system, and match by that will authorize
The mode of confidence breath and the decryption of transmission information strange land, further ensures the safety of information transmission, decreases authentication device
Workload.
The embodiment of the present invention provides a kind of cipher key authentication method based on part decryption, is applied to mobile terminal, including
Following steps:
The authorization requests of at least client transmission are received, the authorization message and authorization for generating the corresponding client are matched
Confidence breath, and the authorization configuration information is sent to the client;
The access request that the client is sent is received, the access request is by the authorization configuration information and transmission information
Encryption obtains after merging, after only the authorization configuration information being encrypted in access request is decrypted, and the transmission is kept to believe
The encrypted state of breath;And
It is authenticated in conjunction with the authorization message, authenticates and successfully then call described in business service confession corresponding with access request
Client access.
Optionally, it is authenticated according to authorization configuration information in conjunction with the authorization message, if authenticating successfully, by access request
It is sent to service server, it is described that business service corresponding with access request in the service server is called to supply the client
Access.
Optionally, it is authenticated according to authorization configuration information in conjunction with the authorization message, if failed authentication, described in refusal
Access request.
Optionally, the type for calling the business service includes reading data, in write-in data and deletion data at least
One.
Optionally, the authorization configuration information includes the key of cipher mode and the corresponding cipher mode, and the access is asked
It asks after being merged by the authorization configuration information and transmission information by being obtained after the cipher mode and key encryption.
Optionally, the authorization message is stored, and establishes the mapping relations of the authorization message Yu the client.
Optionally, the authorization message is stored, the client stores the authorization configuration information.
Optionally, according to by the transmission information after service server decryption, corresponding business service is called to supply
The client access.
The embodiment of the present invention also provide it is a kind of based on part decryption key authentication system, for realizing it is above-mentioned based on
The cipher key authentication method of part decryption, comprising:
Authentication module receives the authorization requests of at least client transmission, generates the authorization message of the corresponding client
And authorization configuration information, and the authorization configuration information is sent to the client;
Deciphering module receives the access request that the client is sent, and the access request is by the authorization configuration information
It encrypts and obtains after merging with transmission information, after only the authorization configuration information being encrypted in access request is decrypted, and keep
The encrypted state of the transmission information;And
Authentication module is authenticated in conjunction with the authorization message, is authenticated and is successfully then called business corresponding with access request
Service is accessed for the client.
The embodiment of the present invention also provides a kind of key authentication equipment based on part decryption, comprising:
Processor;
Memory, wherein being stored with the executable instruction of the processor;
Wherein, the processor is configured to execute via the executable instruction is executed above-mentioned based on the close of part decryption
The step of key authentication method.
The embodiment of the present invention also provides a kind of computer readable storage medium, and for storing program, described program is held
The step of above-mentioned cipher key authentication method based on part decryption is realized when row.
Cipher key authentication method, system, equipment and storage medium based on part decryption of the invention can be avoided artificial
Operation, the stability of system is enhanced, and by way of by authorization configuration information and the decryption of transmission information strange land, into one
Step ensure that the safety of information transmission, decrease the workload of authentication device.
Detailed description of the invention
Upon reading the detailed description of non-limiting embodiments with reference to the following drawings, other feature of the invention,
Objects and advantages will become more apparent upon.
Fig. 1 is the flow chart of the cipher key authentication method of the invention based on part decryption;
Fig. 2 is the timing flow chart of the cipher key authentication method of the invention based on part decryption;
Fig. 3 is a kind of mode for implementing the cipher key authentication method of the invention based on part decryption;
Fig. 4 is a kind of timing flow chart for implementing the cipher key authentication method of the invention based on part decryption;
Fig. 5 is the configuration diagram of the key authentication system of the invention based on part decryption;
Fig. 6 is the structural schematic diagram of the key authentication equipment of the invention based on part decryption;And
Fig. 7 is the structural schematic diagram of the computer readable storage medium of one embodiment of the invention.
Specific embodiment
Example embodiment is described more fully with reference to the drawings.However, example embodiment can be with a variety of shapes
Formula is implemented, and is not understood as limited to embodiment set forth herein.On the contrary, thesing embodiments are provided so that the present invention will
Fully and completely, and by the design of example embodiment comprehensively it is communicated to those skilled in the art.It is identical attached in figure
Icon note indicates same or similar structure, thus will omit repetition thereof.
Fig. 1 is the flow chart of the cipher key authentication method of the invention based on part decryption.As shown in Figure 1, base of the invention
In the cipher key authentication method of part decryption, it is applied to server, comprising the following steps:
Server receives the authorization requests of at least client transmission, generates the authorization message and authorization of corresponding client
Configuration information, and authorization configuration information is sent to client.
Server receives the access request of client transmission, after access request is merged by authorization configuration information and transmission information
Encryption obtains, and after only the authorization configuration information being encrypted in access request is decrypted, and keeps the encryption shape of transmission information
State.And
Server combination authorization message is authenticated, and is authenticated and is successfully then called business service corresponding with access request for visitor
The access of family end.After the present invention is only decrypted authorization configuration information, without transmission information is decrypted, to ensure that biography
Defeated information, by meaningless leakage, ensure that the safety of information transmission not in authentication process.
In one alternate embodiment, server is authenticated according to authorization configuration information combination authorization message, if authentication
Access request is sent service server by success, and business service corresponding with access request is for visitor in calling service server
The access of family end.
In one alternate embodiment, server is authenticated according to authorization configuration information combination authorization message, if authentication
Failure, then denied access is requested.
In one alternate embodiment, the type of server calls business service includes reading (read) data, write-in
(write) at least one in data and deletion (delete) data, but not limited to this.
In one alternate embodiment, authorization configuration information includes the key of cipher mode and the corresponding cipher mode, is visited
Ask request by obtaining after passing through cipher mode and key encryption after authorization configuration information and transmission information merging.
In one alternate embodiment, server stores authorization message, and the mapping for establishing authorization message and client is closed
System.
In one alternate embodiment, client stores authorization configuration information, so as in subsequent authentication, by awarding for storage
Power information is compared with authorization configuration information, time limit authentication functions.
In one alternate embodiment, it according to by the transmission information after service server decryption, calls and corresponds to
Business service for the client access.It can know that specific access object since information must be transmitted, authenticating successfully
After, service server can just be decrypted the transmission information in access request, and the transmission information tune obtained according to decryption
Client access is supplied to corresponding business service, and by business service.
The present invention is in authentication process, after only authorization configuration information is decrypted, without transmission information is decrypted,
To ensure that transmission information is not leaked in authentication process, pass through decrypt authorization configuration information and transmission information strange land
Mode controls the privacy degrees of transmission information to the maximum extent, ensure that the safety of information transmission.
Fig. 2 is the timing flow chart of the cipher key authentication method of the invention based on part decryption.As shown in Fig. 2, in this reality
It applies in example, the timing process of the data management-control method of the invention based on user right is as follows:
S201, authentication device receive the authorization requests of at least client transmission.Server receives the visitor in a mobile phone
The authorization requests that family end is sent.
S202, authentication device generate the authorization message and authorization configuration information of corresponding client.After receiving authorization requests,
Server generates the authorization message of client and authorization configuration information in corresponding mobile phone.Authorization configuration information includes encryption side
The key of formula and the corresponding cipher mode, access request merged by authorization configuration information and transmission information after by cipher mode and
It is obtained after key encryption.Server stores authorization message, and establishes the mapping relations of authorization message and client.S203, certification
Authorization configuration information is sent to client by device.Server sends authorization configuration information to the client in mobile phone.
S204, client store the authorization configuration information received.The authorization that client storage in mobile phone receives is matched
Confidence breath
S205, client encrypt after merging authorization configuration information and transmission information obtains access request.Access request by
Authorization configuration information and transmission information are encrypted after merging and are obtained.
Access request is sent authentication device by S206, client.Encrypted access request is sent after mobile phone will merge
To server.
S207, authentication device are only decrypted the authorization configuration information being encrypted in access request.Server is only to visit
After asking that the authorization configuration information being encrypted in request is decrypted, and keep the encrypted state of transmission information.The present invention is only to awarding
After power configuration information is decrypted, without transmission information is decrypted, to ensure that transmission information not in authentication process
By meaningless leakage, the safety of information transmission ensure that.
S208, authentication device combination authorization message authenticate authorization configuration information.Server can match according to authorization
Confidence breath combines authorization message to be authenticated.
If S209, authenticating successfully, send service server for access request, call in service server with access request
Corresponding business service is accessed for client.The transmission information in access request is decrypted in service server, according to decryption
Transmission information afterwards calls corresponding business service to access for client.If authenticating successfully, server receives cell phone client
Access request, call service server in business service corresponding with access request in mobile phone client access.
If S210, failed authentication, the request of authentication device denied access, but not limited to this.If failed authentication services
The access request of device rejection cell phone client.
Cipher key authentication method based on part decryption of the invention can be avoided artificial operation, enhance the steady of system
It is qualitative, and by way of by authorization configuration information and the decryption of transmission information strange land, further ensure the peace of information transmission
Quan Xing decreases the workload of authentication device.
Fig. 3 is a kind of mode for implementing the cipher key authentication method of the invention based on part decryption.As shown in figure 3, this hair
The bright cipher key authentication method based on part decryption can also carry out in the following manner, include interface the distribution server and more
A system server.Interface the distribution server read from configuration file the service to be accessed correspond to configuration information and with to transmit
Information merge, then the information to be transmitted is encrypted by encryption technology.It is between system server plus a intermediate automatic
Decryption portion data and the service for being distributed to corresponding server, interface the distribution server interface automatic butt are distributed authentication key side
Method and realization access.Wherein, interface the distribution server configures each server and corresponds to configuration information.It is one of initiate access be
System server merges and is encrypted with interactive information after reading configuration information, and is sent to interface the distribution server.Interface point
Automatically the service of distribution is decrypted partial information and connects corresponding accessed system server hair server calls.Interface distribution
Server use is connected remotely to access server and obtains respective encrypted information.Interface the distribution server calls automatic distribution service
Partial information is decrypted and whether Auto-matching and decryption information before are consistent.If unanimously carrying out information connection transmission, hair
Play the service of the accessible accessed system server of system server of access.Since with automatic interface assignment of the invention
After this service, artificial participation is just eliminated, efficiency of the practice is increased.
Fig. 4 is a kind of timing flow chart for implementing the cipher key authentication method of the invention based on part decryption.Such as Fig. 4 institute
Show, another implementation process of the cipher key authentication method of the invention based on part decryption is as follows:
301, developer carries out configuring the information of corresponding access system in database, saves database configuration information
302, reading database configuration information is incorporated as access information with to transmit information encryption.
303, using network transmission calling interface, the service of distributing automatically carries out partial information decryption, only in access information
Database configuration information is decrypted, and individually obtains database configuration information, without information to be transmitted is decrypted, guarantees to want
Transmission information is still unknowable in this step, to strengthen the confidentiality of information to be transmitted.
304, the corresponding service information after decrypting is obtained to match the server to be accessed, and is matched by the database after decryption
Confidence ceases to search the server to be accessed.
305, the encryption information of access server and decryption are obtained, after authenticating successfully, to not decrypting also for access information
Transmission information be decrypted.
306, information carries out matching and loads key after two decryption of automatic progress.By to the data decrypted completely
It library configuration information and to transmit information and matched, and load association key.
307, successful match is transmitted.It, can be with if the key of load is consistent with the preset-key of server is accessed
Transmission channel is established, is transmitted.
Fig. 5 is the configuration diagram of the key authentication system 10 of the invention based on part decryption.As shown in figure 5, this hair
Bright embodiment also provide it is a kind of based on part decryption key authentication system 10, for realizing it is above-mentioned based on part decryption
Cipher key authentication method, the key authentication system 10 based on part decryption include:
Authentication module 101 receives the authorization requests of at least client transmission, generate the authorization message of corresponding client with
And authorization configuration information, and authorization configuration information is sent to client.
Deciphering module 102 receives the access request of client transmission, and access request is by authorization configuration information and transmission information
Encryption obtains after merging, after only the authorization configuration information being encrypted in access request is decrypted, and keeps transmission information
Encrypted state.
Authentication module 103, is authenticated in conjunction with authorization message, is authenticated and is successfully then called service server 2 and access request
Corresponding business service is accessed for client.
Key authentication system 10 based on part decryption of the invention is in authentication process, and deciphering module 102 is only to authorization
After configuration information is decrypted, without transmission information is decrypted, to ensure that the transmission information not quilt in authentication process
Leakage (is not decrypted module 102 to be decrypted), and after authentication module 103 authenticates successfully, service server 2 just can be to access
Transmission information in request is decrypted, and calls corresponding business service according to the obtained transmission information of decryption, and by business
Service is supplied to client access.The present invention is by way of by authorization configuration information and the decryption of transmission information strange land, maximum limit
The privacy degrees for controlling to degree transmission information, ensure that the safety of information transmission.
The embodiment of the present invention also provides a kind of key authentication equipment based on part decryption, including processor.Memory,
In be stored with the executable instruction of processor.Wherein, processor is configured to be performed via execution executable instruction based on portion
The step of decomposing close cipher key authentication method.
As it appears from the above, the embodiment can be avoided artificial operation, the stability of system is enhanced, and by that will award
It weighs configuration information and transmits the mode of information strange land decryption, further ensure the safety of information transmission, decrease certification
The workload of device.
Person of ordinary skill in the field it is understood that various aspects of the invention can be implemented as system, method or
Program product.Therefore, various aspects of the invention can be embodied in the following forms, it may be assumed that complete hardware embodiment, complete
The embodiment combined in terms of full Software Implementation (including firmware, microcode etc.) or hardware and software, can unite here
Referred to as " circuit ", " module " or " platform ".
Fig. 6 is the structural schematic diagram of the key authentication equipment of the invention based on part decryption.It is described referring to Fig. 6
The electronic equipment 600 of this embodiment according to the present invention.The electronic equipment 600 that Fig. 6 is shown is only an example, is not answered
Any restrictions are brought to the function and use scope of the embodiment of the present invention.
As shown in fig. 6, electronic equipment 600 is showed in the form of universal computing device.The component of electronic equipment 600 can be with
Including but not limited to: at least one processing unit 610, at least one storage unit 620, connection different platform component (including are deposited
Storage unit 620 and processing unit 610) bus 630, display unit 640 etc..
Wherein, storage unit is stored with program code, and program code can be executed with unit 610 processed, so that processing is single
Member 610 executes various exemplary implementations according to the present invention described in this specification above-mentioned electronic prescription circulation processing method part
The step of mode.For example, processing unit 610 can execute step as shown in fig. 1.
Storage unit 620 may include the readable medium of volatile memory cell form, such as Random Access Storage Unit
(RAM) 6201 and/or cache memory unit 6202, it can further include read-only memory unit (ROM) 6203.
Storage unit 620 can also include program/utility with one group of (at least one) program module 6205
6204, such program module 6205 includes but is not limited to: operating system, one or more application program, other program moulds
It may include the realization of network environment in block and program data, each of these examples or certain combination.
Bus 630 can be to indicate one of a few class bus structures or a variety of, including storage unit bus or storage
Cell controller, peripheral bus, graphics acceleration port, processing unit use any bus structures in a variety of bus structures
Local bus.
Electronic equipment 600 can also be with one or more external equipments 700 (such as keyboard, sensing equipment, bluetooth equipment
Deng) communication, can also be enabled a user to one or more equipment interact with the electronic equipment 600 communicate, and/or with make
The electronic equipment 600 any equipment (such as the router, modulatedemodulate that can be communicated with one or more of the other calculating equipment
Adjust device etc.) communication.This communication can be carried out by input/output (I/O) interface 650.Also, electronic equipment 600 may be used also
To pass through network adapter 660 and one or more network (such as local area network (LAN), wide area network (WAN) and/or public network
Network, such as internet) communication.Network adapter 660 can be communicated by bus 630 with other modules of electronic equipment 600.It answers
When understanding, although not shown in the drawings, other hardware and/or software module can be used in conjunction with electronic equipment 600, including but unlimited
In: microcode, device driver, redundant processing unit, external disk drive array, RAID system, tape drive and number
According to backup storage platform etc..
The embodiment of the present invention also provides a kind of computer readable storage medium, and for storing program, program is performed reality
The step of existing cipher key authentication method based on part decryption.In some possible embodiments, various aspects of the invention
It is also implemented as a kind of form of program product comprising program code, when program product is run on the terminal device, journey
Sequence code is for executing terminal device described in this specification above-mentioned electronic prescription circulation processing method part according to this hair
The step of bright various illustrative embodiments.
As it appears from the above, the embodiment can be avoided artificial operation, the stability of system is enhanced, and by that will award
It weighs configuration information and transmits the mode of information strange land decryption, further ensure the safety of information transmission, decrease certification
The workload of device.
Fig. 7 is the structural schematic diagram of computer readable storage medium of the invention.Refering to what is shown in Fig. 7, describing according to this
The program product 800 for realizing the above method of the embodiment of invention can use the read-only storage of portable compact disc
Device (CD-ROM) and including program code, and can be run on terminal device, such as PC.However, journey of the invention
Sequence product is without being limited thereto, and in this document, readable storage medium storing program for executing can be any tangible medium for including or store program, the journey
Sequence can be commanded execution system, device or device use or in connection.
Program product can be using any combination of one or more readable mediums.Readable medium can be readable signal Jie
Matter or readable storage medium storing program for executing.Readable storage medium storing program for executing for example can be but be not limited to electricity, magnetic, optical, electromagnetic, infrared ray or partly lead
System, device or the device of body, or any above combination.More specific example (the non exhaustive column of readable storage medium storing program for executing
Table) it include: the electrical connection with one or more conducting wires, portable disc, hard disk, random access memory (RAM), read-only storage
Device (ROM), erasable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disc read only memory (CD-
ROM), light storage device, magnetic memory device or above-mentioned any appropriate combination.
Computer readable storage medium may include in a base band or as carrier wave a part propagate data-signal,
In carry readable program code.The data-signal of this propagation can take various forms, including but not limited to electromagnetic signal,
Optical signal or above-mentioned any appropriate combination.Readable storage medium storing program for executing can also be any readable Jie other than readable storage medium storing program for executing
Matter, the readable medium can send, propagate or transmit for by instruction execution system, device or device use or and its
The program of combined use.The program code for including on readable storage medium storing program for executing can transmit with any suitable medium, including but not
It is limited to wireless, wired, optical cable, RF etc. or above-mentioned any appropriate combination.
The program for executing operation of the present invention can be write with any combination of one or more programming languages
Code, programming language include object oriented program language-Java, C++ etc., further include conventional process
Formula programming language-such as " C " language or similar programming language.Program code can be calculated fully in user
It executes in equipment, partly execute on a user device, executing, as an independent software package partially in user calculating equipment
Upper part executes on a remote computing or executes in remote computing device or server completely.It is being related to remotely counting
In the situation for calculating equipment, remote computing device can pass through the network of any kind, including local area network (LAN) or wide area network
(WAN), it is connected to user calculating equipment, or, it may be connected to external computing device (such as utilize ISP
To be connected by internet).
To sum up, the purpose of the present invention is to provide cipher key authentication method, system, equipment and storages based on part decryption to be situated between
Matter can be avoided artificial operation, enhance the stability of system, and by the way that authorization configuration information and transmission information is different
The mode of ground decryption, further ensures the safety of information transmission, decreases the workload of authentication device.
The above content is a further detailed description of the present invention in conjunction with specific preferred embodiments, and it cannot be said that
Specific implementation of the invention is only limited to these instructions.For those of ordinary skill in the art to which the present invention belongs, exist
Under the premise of not departing from present inventive concept, a number of simple deductions or replacements can also be made, all shall be regarded as belonging to of the invention
Protection scope.
Claims (10)
1. a kind of cipher key authentication method based on part decryption, which comprises the following steps:
The authorization requests of at least client transmission are received, the authorization message and authorization configuration letter of the corresponding client are generated
Breath, and the authorization configuration information is sent to the client;
The access request that the client is sent is received, the access request is merged by the authorization configuration information and transmission information
Encryption obtains afterwards, after only the authorization configuration information being encrypted in access request is decrypted, and keeps the transmission information
Encrypted state;And
It is authenticated in conjunction with the authorization message, authenticates and successfully then call business service corresponding with access request for the client
End access.
2. the cipher key authentication method as described in claim 1 based on part decryption, it is characterised in that: according to authorization configuration information
It is authenticated in conjunction with the authorization message, if authenticating successfully, sends service server for access request, the business is called to take
Business service corresponding with access request in device of being engaged in is accessed for the client.
3. the cipher key authentication method as described in claim 1 based on part decryption, it is characterised in that: according to authorization configuration information
It is authenticated in conjunction with the authorization message, if failed authentication, refuses the access request.
4. the cipher key authentication method as described in claim 1 based on part decryption, it is characterised in that: call the business service
Type include read data, write-in data and delete data at least one of.
5. the cipher key authentication method as described in claim 1 based on part decryption, it is characterised in that: the authorization configuration information
Key including cipher mode and the corresponding cipher mode, the access request are closed by the authorization configuration information and transmission information
And afterwards by being obtained after the cipher mode and key encryption.
6. the cipher key authentication method as described in claim 1 based on part decryption, it is characterised in that: the storage authorization letter
Breath, and establish the mapping relations of the authorization message Yu the client.
7. the cipher key authentication method as claimed in claim 2 based on part decryption, it is characterised in that: taken according to by the business
The transmission information after business device decryption, calls corresponding business service to access for the client.
8. a kind of key authentication system based on part decryption characterized by comprising
Authentication module receives the authorization requests of at least client transmission, generate the corresponding client authorization message and
Authorization configuration information, and the authorization configuration information is sent to the client;
Deciphering module receives the access request that the client is sent, and the access request is by the authorization configuration information and biography
Defeated information is encrypted after merging and is obtained, after only the authorization configuration information being encrypted in access request is decrypted, and described in holding
Transmit the encrypted state of information;And
Authentication module is authenticated in conjunction with the authorization message, is authenticated and is successfully then called business service corresponding with access request
It is accessed for the client.
9. a kind of key authentication equipment based on part decryption characterized by comprising
Processor;
Memory, wherein being stored with the executable instruction of the processor;
Wherein, the processor is configured to come any one of perform claim requirement 1 to 7 institute via the execution executable instruction
The step of stating the cipher key authentication method based on part decryption.
10. a kind of computer readable storage medium, for storing program, which is characterized in that described program is performed realization power
Benefit require any one of 1 to 7 described in based on part decryption cipher key authentication method the step of.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910223236.4A CN109995774B (en) | 2019-03-22 | 2019-03-22 | Key authentication method, system, device and storage medium based on partial decryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910223236.4A CN109995774B (en) | 2019-03-22 | 2019-03-22 | Key authentication method, system, device and storage medium based on partial decryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109995774A true CN109995774A (en) | 2019-07-09 |
| CN109995774B CN109995774B (en) | 2021-10-08 |
Family
ID=67130921
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910223236.4A Active CN109995774B (en) | 2019-03-22 | 2019-03-22 | Key authentication method, system, device and storage medium based on partial decryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109995774B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112579998A (en) * | 2019-09-30 | 2021-03-30 | 北京京东尚科信息技术有限公司 | Webpage access method, management system and electronic equipment in information interaction platform |
| CN113779598A (en) * | 2021-08-27 | 2021-12-10 | 北京达佳互联信息技术有限公司 | Data processing method, device, server and storage medium |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030084304A1 (en) * | 2001-10-26 | 2003-05-01 | Henry Hon | System and method for validating a network session |
| CN102436830A (en) * | 2011-08-31 | 2012-05-02 | 武汉光谷高清科技发展有限公司 | Internet connection sharing (ICS) authentication system and authentication method thereof |
| CN103345609A (en) * | 2013-06-06 | 2013-10-09 | 深圳市大成天下信息技术有限公司 | Method and device for text encryption and decryption |
| CN103701611A (en) * | 2013-12-30 | 2014-04-02 | 天地融科技股份有限公司 | Method for accessing and uploading data in data storage system |
| CN106534176A (en) * | 2016-12-08 | 2017-03-22 | 西安交大捷普网络科技有限公司 | Data safety storage method in cloud environment |
| CN107277017A (en) * | 2017-06-22 | 2017-10-20 | 北京洋浦伟业科技发展有限公司 | Purview certification method, apparatus and system based on encryption key and device-fingerprint |
| CN108900479A (en) * | 2018-06-12 | 2018-11-27 | 泰康保险集团股份有限公司 | Short message verification code acquisition methods and device |
| CN109194673A (en) * | 2018-09-20 | 2019-01-11 | 江苏满运软件科技有限公司 | Authentication method, system, equipment and storage medium based on authorized user message |
| CN109218307A (en) * | 2018-09-13 | 2019-01-15 | 中通国脉物联科技南京有限公司 | A kind of method of client identity certification |
| CN109274653A (en) * | 2018-08-31 | 2019-01-25 | 江苏满运软件科技有限公司 | Data management-control method, system, equipment and storage medium based on user right |
| CN109409133A (en) * | 2018-11-12 | 2019-03-01 | 泰康保险集团股份有限公司 | Call method, device and electronic equipment |
-
2019
- 2019-03-22 CN CN201910223236.4A patent/CN109995774B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030084304A1 (en) * | 2001-10-26 | 2003-05-01 | Henry Hon | System and method for validating a network session |
| CN102436830A (en) * | 2011-08-31 | 2012-05-02 | 武汉光谷高清科技发展有限公司 | Internet connection sharing (ICS) authentication system and authentication method thereof |
| CN103345609A (en) * | 2013-06-06 | 2013-10-09 | 深圳市大成天下信息技术有限公司 | Method and device for text encryption and decryption |
| CN103701611A (en) * | 2013-12-30 | 2014-04-02 | 天地融科技股份有限公司 | Method for accessing and uploading data in data storage system |
| CN106534176A (en) * | 2016-12-08 | 2017-03-22 | 西安交大捷普网络科技有限公司 | Data safety storage method in cloud environment |
| CN107277017A (en) * | 2017-06-22 | 2017-10-20 | 北京洋浦伟业科技发展有限公司 | Purview certification method, apparatus and system based on encryption key and device-fingerprint |
| CN108900479A (en) * | 2018-06-12 | 2018-11-27 | 泰康保险集团股份有限公司 | Short message verification code acquisition methods and device |
| CN109274653A (en) * | 2018-08-31 | 2019-01-25 | 江苏满运软件科技有限公司 | Data management-control method, system, equipment and storage medium based on user right |
| CN109218307A (en) * | 2018-09-13 | 2019-01-15 | 中通国脉物联科技南京有限公司 | A kind of method of client identity certification |
| CN109194673A (en) * | 2018-09-20 | 2019-01-11 | 江苏满运软件科技有限公司 | Authentication method, system, equipment and storage medium based on authorized user message |
| CN109409133A (en) * | 2018-11-12 | 2019-03-01 | 泰康保险集团股份有限公司 | Call method, device and electronic equipment |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112579998A (en) * | 2019-09-30 | 2021-03-30 | 北京京东尚科信息技术有限公司 | Webpage access method, management system and electronic equipment in information interaction platform |
| CN112579998B (en) * | 2019-09-30 | 2023-09-26 | 北京京东尚科信息技术有限公司 | Webpage access method, management system and electronic equipment in information interaction platform |
| CN113779598A (en) * | 2021-08-27 | 2021-12-10 | 北京达佳互联信息技术有限公司 | Data processing method, device, server and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109995774B (en) | 2021-10-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10277591B2 (en) | Protection and verification of user authentication credentials against server compromise | |
| US10412061B2 (en) | Method and system for encrypted communications | |
| EP3916604A1 (en) | Method and apparatus for processing privacy data of block chain, device, storage medium and coputer program product | |
| JP6335280B2 (en) | User and device authentication in enterprise systems | |
| CN109194673A (en) | Authentication method, system, equipment and storage medium based on authorized user message | |
| CN109587101B (en) | Digital certificate management method, device and storage medium | |
| CN108566381A (en) | A kind of security upgrading method, device, server, equipment and medium | |
| US20130232336A1 (en) | Method and system for user authentication for computing devices utilizing pki and other user credentials | |
| CN112039826B (en) | Login method and device applied to applet end, electronic equipment and readable medium | |
| CN111737366A (en) | Private data processing method, device, equipment and storage medium of block chain | |
| CN109274653A (en) | Data management-control method, system, equipment and storage medium based on user right | |
| US11750590B2 (en) | Single sign-on (SSO) user techniques using client side encryption and decryption | |
| US11652640B2 (en) | Systems and methods for out-of-band authenticity verification of mobile applications | |
| CN113422679B (en) | Key generation method, device and system, encryption method, electronic device and computer readable storage medium | |
| CN109995774A (en) | Cipher key authentication method, system, equipment and storage medium based on part decryption | |
| CN114240347A (en) | Business service secure docking method and device, computer equipment and storage medium | |
| US20210216620A1 (en) | System, method, and computer-readable recording medium of creating, accessing, and recovering a user account with single sign on password hidden authentication | |
| CN109711178A (en) | A kind of storage method of key-value pair, device, equipment and storage medium | |
| CN112687363A (en) | Health code public service method and platform | |
| US10756899B2 (en) | Access to software applications | |
| US20220217000A1 (en) | Attribute-based encryption keys as key material for key-hash message authentication code user authentication and authorization | |
| CN110493236B (en) | Communication method, computer equipment and storage medium | |
| US10313315B2 (en) | Ensuring information security in data transfers by utilizing proximity keys | |
| US20230224713A1 (en) | Systems and methods for authenticating a subscriber within the network core | |
| JP2018073052A (en) | Device management system, management object device, device management server, control method, and control program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |