CN110032414A - Apparatus and method for secure user authentication in remote console mode - Google Patents
Apparatus and method for secure user authentication in remote console mode Download PDFInfo
- Publication number
- CN110032414A CN110032414A CN201910169027.6A CN201910169027A CN110032414A CN 110032414 A CN110032414 A CN 110032414A CN 201910169027 A CN201910169027 A CN 201910169027A CN 110032414 A CN110032414 A CN 110032414A
- Authority
- CN
- China
- Prior art keywords
- user
- change
- information processing
- processing unit
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/451—Execution arrangements for user interfaces
- G06F9/452—Remote windowing, e.g. X-Window System, desktop virtualisation
Abstract
A method for authenticating a user of an information processing apparatus before applying a change to a setting of the information processing apparatus is disclosed. The user is the party that initiates the change. The method includes the steps of determining whether a user is judged to be safe; if the user is determined to be safe, creating a flag for the change before applying the change; if the flag of the change is found, the change is applied to the setting of the information processing apparatus. The present invention provides a simple and effective solution for authenticating users and providing them with different access rights/roles when changing settings of an information processing apparatus.
Description
Technical field
The present invention relates to the remote accesses for calculating equipment, more particularly to calculate with change and recognize needed for the setting of equipment
Remote operation in the calculating equipment of card.
Background technique
Nowadays, some information processing units provide local operation mode and long-range (virtual) operation mode.For example, general
Server there is local console (display) and local keyboard/mouse, and also there is support remote console and key
The long-range KVM of disk/mouse (virtual machine based on kernel).In addition, Modern server provides remote control function, such as remotely
Check the video with graphics resolution and remotely accessed using dummy keyboard/mouse, and some servers support from
Multiple client accesses long-range KVM simultaneously.
On the other hand, the information processing unit of such as server has security setting in the firmware of information processing unit,
Enable or disable onboard safety chip (for example, credible platform module-TPM), enable and disable clean boot etc..For
It supports information processing unit and fully controls local the console even user of information processing unit hardware, they should have
Full access right.However, due to attempting to carry out operation information processing unit using remote console and remote keyboard/mouse
The access that remote user can be carried out, this results in security risks because and not all remote user should all be allowed to change
Each setting in information processing unit, especially security setting.Some users with long-range KVM access authority even can
Secret security setting can be changed using other people statement.
Summary of the invention
Therefore, it is necessary to control the access of at least some settings of the remote user to information processing unit.
In one aspect, the present invention provides a kind of for before it will change the setting applied to information processing unit
The method of the user of authentication information processing unit.User is the side for initiating change.This method includes to determine whether user is safe
The step of;It is change creation mark before application change if user security;It, will if finding the mark of the change
The change is applied to the setting of information processing unit.
On the other hand, the present invention provides a kind of information processing units comprising primary processor and is equipped with processor
Mainboard.If user security, firmware is suitable for mark of the creation for change before application change.If can find
For the mark of change, then firmware is further adapted for that change is then applied to the setting of information processing unit.
Therefore, the present invention provides simple but safe for the key safety setting that remote user changes information processing unit
Solution.All operations are all transparent to remote user, once and they start to operate on remote console,
Access authority/the role that can may be had according to user automatically provides a user Virtual User input equipment appropriate.
Then, the user with enough permissions can change the security setting of information processing unit, without the user of enough permissions
Non-security setting can be changed and security setting cannot be changed.Therefore, this solution provides good body for remote user
It tests.
In addition, solution provided by the invention is simple and effective because do not need specific hardware distinguish secured user and
Insecure user.Traditionally, some to realize that the similar technology distinguished needs specific hardware circuit the physics of chip is arranged and jumps
Line (for example, by drawing high the voltage at pin) then can adjust safe or non-security setting according to the state of wire jumper.But
Be, rely on hardware entire mechanism can be made extremely complex, and with the safety test of modern operating system require it is incompatible.It compares
Under, solution provided by the invention does not need special hardware, because it is based primarily upon software module, it is only necessary to such as
The service processor of the firmware of UEFI and such as BMC.Therefore, solution provided by the invention can be commonly used in difference
Operating system, it might even be possible to for the hardware from different suppliers.
Detailed description of the invention
From the description of preferred embodiment below, aforementioned and further feature of the invention be will become obvious, institute
Preferred embodiment is stated only to provide in conjunction with attached drawing by way of example, in which:
Fig. 1 a is server and remote console with local console and local user's input equipment and long-range
The diagram of user input equipment.
Fig. 1 b shows the block diagram of a part of the component on mainboard and mainboard in the server of Fig. 1 a.
Fig. 2 shows the services connecting with the keyboard driver for enabling UEFI according to another embodiment of the present invention
The schematic diagram of the BMC of device and the BMC for providing a user setting screen.
Fig. 3 is the process for showing the method for authenticating user before the setting to the server in Fig. 2 is modified
Figure.
Fig. 4 illustrates the secured user of the server according to an embodiment of the invention for remote console mode
Authentication method.
In the accompanying drawings, in several embodiments described herein, the identical component of identical digital representation.
Specific embodiment
Turning now to Fig. 1 a, 1b, the server 20 as a kind of information processing unit includes local console 22, local
Keyboard 24 and local mouse 26.Local console 22 is display equipment, is suitable for showing to the local user of 20 front of server
The user interface (not shown) of setting including server 20.Local console 22, local keyboard 24 and local mouse 26 all objects
Reason the mainboard 29 of server 20 is connected to execute their own function.Local keyboard 24 and local mouse 26 are local
The type of user input equipment, such as allow local user to provide user and input with the operation of control server 20, such as
Change above-mentioned setting.
Be also connected to server 20 is remote console 32, remote keyboard 34 and remote mouse 36, they are respectively provided with
The function similar with local console 22, local keyboard 24 and local mouse 26.But remote console 32, remote keyboard 34
The mainboard 29 or cabinet (not shown) of server 20 are not physically attached to remote mouse 36.But they geographically with
Server 20 is spaced apart or separate.Remote console 32, remote keyboard 34 and remote mouse 36 pass through the communication of such as internet
Network (not shown) is connected to server 20.Remote keyboard 34 and local mouse 36 are the types of remote user input device.
Remote console 32, remote keyboard 34 and remote mouse 36 are suitable for working together under KVM mode with server 20.
As shown in Figure 1 b, server 20 is equipped with primary processor 21, service processor 23, memory on its mainboard 29
25.Primary processor 21 is, for example, the central processor unit (CPU) of one or more servers 20, undertakes calculating task.Separately
On the one hand, service processor 23 is the processor different from primary processor, and provides and be such as directly realized by server admin
The function of autonomic monitoring and recovery in system.For example, service processor 23 can be base band Management Controller (BMC).Storage
Device 25 is the hardware of permanently or temporarily data of the storage for running the server 20 including firmware 27.The example packet of firmware 27
Unified Extensible Firmware Interface (UEFI) is included, further comprises the UEFI setting for changing the setting of information processing unit
Module and UEFI keyboard/mouse driver.
Turning now to Fig. 2-4, another embodiment of the invention is the safety for the server of remote console mode
User authen method.This method can be applied to the server in Fig. 1 a-1b.Initially from Fig. 4, this method is from user
Start when the setting of trial/request change server.It note that the user there are three types of possible type carries out such change request,
And they show in step 60 to 62 respectively.For each specific request from the user, will only apply in 60 to 62
One in three steps.It should be appreciated that different types of user input equipment can be used in different types of user, such as
Local user's input equipment or remote user input device similar to those discussed above.Specifically, in step 60,
Remote user attempts to change setting by standard (non-security) Virtual User input equipment.In a step 61, telesecurity is used
The Virtual User input equipment by safety is attempted to change setting in family.In step 62, local user attempts to use by local
The change setting of family input equipment.Insecure user input equipment and secured user's input equipment are all remote user input devices
Type.Note that either long-range or local, user input equipment may include keyboard, mouse and/or other kinds of
User input equipment.In this embodiment, server includes as the BMC 54 of service processor and as the UEFI of firmware.
Safety or non-security Virtual User input equipment must be distributed to long-range use by the BMC 54 before above-mentioned steps 60 and 61
Family account, this will be described in further detail below.
Next step after step 60 to any one of 62 will be identical, i.e. UEFI keyboard/mouse driver
48, a part of the UEFI as the firmware for serving as information processing unit checks the position of request change setting.This is in two steps
It carries out.Firstly, UEFI keyboard/mouse driver 48 is based on the information obtained from the mainboard of server come really in step 63
Whether fixed change is from local keyboard/mouse.The local keyboard/mouse of physical connection can be by the mainboard of information processing unit
Detection.If the request of change setting comes from local keyboard/mouse, user is local user, and this method directly carries out
To step 66, wherein UEFI keyboard/mouse driver 48 is the local user's wound operated on local physical keyboard/mouse
Build the safety sign (that is, operation of the setting of change server) for expected change.Server is always with native client
The local user of account is held to provide highest access authority, as mentioned above, the local that can physically contact with server is used
Family is considered all settings of qualified change server.Therefore, local user is a kind of secured user.
However, if UEFI keyboard/mouse driver 48 determines that the request of change setting is not from step 63
Local physical keyboard/mouse, then user is remote user, and this method proceeds to step 65.In step 65, UEFI key
Disk/mouse driver 48 further determine that change whether dummy keyboard/mouse from safety.Dummy keyboard/mouse of safety
Mark means that user behind is secured user 52, and the security setting of server is changed with higher access authority.
Non-security dummy keyboard/mouse means that subsequent user is the insecure user 50 not having secure access to.UEFI keyboard/
Mouse driver 48 is determined in step 63 and 65 based on the device id of keyboard/mouse, because of local keyboard/mouse
Device id be different from dummy keyboard/mouse device id for create by BMC, and secure virtual keyboard/mouse will have and
The different device id of non-security dummy keyboard/mouse.
Either from step 63, or from the branch of step 65, method is advanced further to step 66, wherein UEFI key
Disk/mouse driver 48 is the expection that local user's (not shown) and safety long-distance user 52 create Client-initiated setting
The safety sign of change.However, from another branch of step 65, the expection for the setting that do not initiated for insecure user 50
Change creation safety sign.Under any circumstance, this method then proceedes to step 68, and wherein UEFI setup module sets this
It sets and is classified as security type (for example, setting that is crucial and should not being changed by ordinary user) or non-security type.If the setting
It is the security setting determined by UEFI setup module, then this method proceeds to step 72 to check whether and can find above-mentioned mark
Expected change of the will for setting.If there is mark, then it represents that expected change is the long-range use by local user or safety
What family was initiated, these users or server all have enough access authority to server, including carry out expected change.So
This method goes to the change that step 76 is arranged with application server afterwards, and then this method terminates.However, if in step 72
Do not find mark, then the change (that is, " skipping ") will not be applied to the setting in step 74 by UEFI setup module, and
This method will terminate later.
If determining the setting not instead of security setting in the step 68, being only can be by all user security more
The normal setting changed, then this method is directly entered the change of setting of the step 76 with application server, and then this method will be tied
Beam.
As described above, BMC 54 passes through non-security (standard) dummy keyboard/mouse or secure virtual keyboard/mouse point
Dispensing Terminal Server Client account for different Terminal Server Client accounts provides different role/access authority.BMC 54 only distributes void
Quasi- keyboard/mouse is primary, and distributes when creating new remote user account.The distribution of dummy keyboard/mouse is in Fig. 3
It illustrates in greater detail, and this is carried out as before being pre-configured step method shown in Fig. 4.In Fig. 3, BMC 54 is not right
Local user takes movement, therefore in step 86, and local user will use only local physical keyboard/mouse and carry out to server
Any operation.But if user is remote user, BMC 54 creates remote user's account in step 78 for remote user
Family.Then, in step 80, BMC 54 further determines that whether remote user account is secured user account.The determination is based on
Whether remote user belongs to the fact that trust group.Trust group includes all secured users.If BMC 54 determines long-range use
Family account is secured user account, then this method proceeds to step 84, and wherein BMC 54 distributes secure virtual keyboard/mouse
To remote user account.Alternatively, if BMC 54 determines that remote user account is insecure user account (i.e. ordinary user),
Then this method proceeds to step 82, and wherein non-security dummy keyboard/mouse is distributed to remote user by BMC 54.It note that
In either case, remote user always uses identical remote keyboard/mouse, therefore virtual key only in server
The definition of disk/mouse and attribute according to user are safety and change.
Fig. 2 shows by UEFI keyboard/mouse driver 48 (such as the secure virtual keyboard 44 determined by BMC) and
How non-security dummy keyboard 42 classifies to different types of remote keyboard.For be directly connected to the mainboard of server/
The local physical keyboard 46 of cabinet using 48 Direct Recognition of UEFI keyboard/mouse driver and loads them.For difference
The remote keyboard of type, UEFI keyboard/mouse driver 48 also provide support for their running.Include the peace to be changed
The screen 58 being arranged entirely is provided to local physical keyboard 46 and secure virtual keyboard 44 because they have by UEFI keyboard/
The mark that mouse driver 48 is arranged.Screen 56 is provided to non-security remote user 50.In screen 56, due to long-range
User 50 does not have secure access permission but only has non-security dummy keyboard 42, therefore cannot change any security setting.
Therefore, exemplary embodiment of the present invention is fully described.Although the description is related to specific embodiment,
It will be apparent to one skilled in the art that the present invention can be practiced by changing these details.Therefore, the present invention should not be by
It is interpreted as being limited to embodiments set forth here.
Although illustrating and describing the present invention in detail in the drawings and the preceding description, similarly it is considered
It is illustrative and be not restrictive, it should be understood that exemplary embodiment only has shown and described, and does not limit any side
The scope of the present invention of formula.It is appreciated that any feature described herein can be used together with any embodiment.It is illustrative
Embodiment is not excluded for each other or other embodiments not enumerated herein.Therefore, the present invention also provides include said one or more
The combined embodiment of a illustrative embodiment.It without departing from the spirit and scope of the present invention, can be to this
The present invention described in text modifies and changes, and therefore, should only apply these limits as shown in appended claims
System.
For example, in the above-described embodiments, server is used as the example of information processing equipment to be described.However, this
Field technical staff is it should be appreciated that other kinds of information processing unit also can be applied to the present invention, such as personal desktop
Computer, laptop, mobile phone or tablet computer etc..
In addition, UEFI is used as the example of the firmware of information processing unit, for authenticating different types of user.However, such as
Other kinds of firmware in the various information processing units of fruit can provide driver to remote user input device and be
Mark needed for expected operation addition, then they can be used for the purpose of the present invention.
In addition, in the above-described embodiments, keyboard and mouse are described as the user input equipment of Local or Remote by ground.It answers
This is recognized, other kinds of user input equipment can also be similarly used to change the setting of information processing equipment, such as
Trackpad, touch tablet, trace ball etc..
It shall yet further be noted that variant of the invention can provide identical or different user interface for different types of user.Example
Such as, for secure and non-secure user, be presented to their screen can be it is identical, but will not be using by non-security use
Any user input for the change security setting that family is made.Alternatively, different screens can be provided to unsafe user,
In some screen elements it is disabled, prevent insecure user is from activating them to change security setting.Further alternatively,
Compared with secured user, it can be presented to insecure user and simplify screen, and simplified screen and only show general/non-security set
It sets.
In addition, above-described embodiment refers to UEFI keyboard/mouse driver, with reference to keyboard/mouse device id with
Identify whether keyboard/mouse is safe.Device id is a kind of identifier of keyboard/mouse.However, those skilled in the art should
It recognizes, also can be used between service processor (such as BMC) and firmware (such as UEFI) dependent on keyboard/mouse
The other kinds of identification of identifier is shaken hands/method, without departing from spirit of that invention.For example, the sub- equipment of keyboard/mouse
ID or device path may be used as identifier, and can be obtained by UEFI keyboard/mouse driver, so as to determine keyboard/
Whether mouse is safe.
Claims (19)
1. a kind of method for the user of authentication information processing unit before the setting to information processing unit is modified,
The user initiates change, the described method comprises the following steps:
Determine whether the user is safe;
It is change creation mark before the application change if the user security;And
If finding the mark of the change, by the setting applied to the information processing unit.
2. the method for claim 1, wherein the determining step further includes detecting the change request from the user
It is derived from local user's input equipment or remote user input device.
3. method according to claim 2, wherein in the determining step, if the request to the change is originated from institute
State local user's input equipment, then it is assumed that the user security.
4. method according to claim 2, wherein in the determining step, if the request to the change is originated from peace
Full Virtual User input equipment, then it is assumed that the user security;If be originated to the request of the change non-security virtual
User input equipment, then it is assumed that the user is non-security.
5. method as claimed in claim 4, further includes: before the determining step, the safe Virtual User is defeated
Enter equipment or the step of the non-security Virtual User input equipment distributes to remote user account.
6. method as claimed in claim 4, wherein the identifier for being used for the remote user input device is obtained, as true
The fixed remote user input device is that the safe Virtual User input equipment or the non-security Virtual User are defeated
Enter the basis of equipment.
7. the method as described in claim 1, further includes: the step of before applying step:
The setting is classified as security type or non-security type;
If the setting is non-security type, the change of the setting to the information processing unit is realized, and at the same time around
Cross the applying step;
If the setting is security type, enter the applying step.
8. method according to claim 2, wherein the foundation step is by local user's input equipment or described long-range
The device driver of the information processing unit of user input equipment executes.
9. the method for claim 7, wherein the device driver can be expanded by the unification of the information processing unit
Firmware interface (UEFI) is opened up to provide.
10. method as claimed in claim 5, wherein the allocation step by the information processing unit service processor
It carries out.
11. a kind of information processing unit, comprising:
Primary processor;
Mainboard, the processor are mounted thereto;The mainboard further includes firmware;The firmware is provided to be set suitable for what is changed manually
It sets;
Wherein, if the user security, the firmware is suitable for the creation before the application change and is used for the change
Mark;If the mark for the change can be found, the firmware is further adapted for then being applied to the change described
The setting of information processing unit.
12. information processing unit as claimed in claim 11 further includes the service processor for being connected to the mainboard;The clothes
Business processor is suitable for the Virtual User input equipment of safety or non-security Virtual User input equipment distributing to remote user
Account.
13. information processing unit as claimed in claim 11, wherein the firmware is further adapted for based on to from the user's
Change request is derived from local user's input equipment or remote user input device to determine the user security also be non-peace
Entirely.
14. information processing unit as claimed in claim 13, wherein if being originated from the local use to the request of the change
Family input equipment, then the firmware is suitable for the user being determined as safety.
15. information processing unit as claimed in claim 10, wherein if the request to the change is originated from the virtual of safety
User input equipment, then the firmware is suitable for the user being determined as safety, if the request to the change is originated from non-peace
The user is then determined as non-security by full Virtual User input equipment.
16. information processing unit as claimed in claim 15, wherein the firmware is suitable for obtaining defeated for the remote user
The identifier for entering equipment is the safe Virtual User input equipment or institute as the determination remote user input device
State the basis of non-security Virtual User input equipment.
17. information processing unit as claimed in claim 13, wherein the firmware further includes inputting for the local user
The device driver of equipment or the remote user input device.
18. information processing unit as claimed in claim 17, wherein the service processor is base band Management Controller
(BMC), and the device driver is provided by the unified Extensible Firmware Interface (UEFI) of the information processing unit.
19. information processing unit as claimed in claim 12, wherein the service processor is further adapted for classifying the setting
For security type or non-security type;If the setting is non-security type, the firmware is further adapted for directly affecting to institute
The change of the setting of information processing unit is stated without considering the mark.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910169027.6A CN110032414B (en) | 2019-03-06 | 2019-03-06 | Apparatus and method for secure user authentication in remote console mode |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910169027.6A CN110032414B (en) | 2019-03-06 | 2019-03-06 | Apparatus and method for secure user authentication in remote console mode |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110032414A true CN110032414A (en) | 2019-07-19 |
CN110032414B CN110032414B (en) | 2023-06-06 |
Family
ID=67235075
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910169027.6A Active CN110032414B (en) | 2019-03-06 | 2019-03-06 | Apparatus and method for secure user authentication in remote console mode |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110032414B (en) |
Citations (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1592197A (en) * | 2003-09-01 | 2005-03-09 | 台均实业有限公司 | Method of identification between user device and local client use or remote-network service |
CN1917686A (en) * | 2005-08-18 | 2007-02-21 | Lg电子株式会社 | Apparatus and method for authenticating a telematics terminal in vehicle |
US20090101552A1 (en) * | 2007-09-25 | 2009-04-23 | Fulkerson Barry N | Manifolds for Use in Conducting Dialysis |
CN101765996A (en) * | 2007-05-31 | 2010-06-30 | 威斯科数据安全国际有限公司 | Remote Authentication And Transaction Signatures |
US20120103885A1 (en) * | 2007-11-29 | 2012-05-03 | Thomas Patrick Robinson | Disposable apparatus and kit for conducting dialysis |
CN102819427A (en) * | 2005-09-09 | 2012-12-12 | 微软公司 | Plug and play device redirection method and system for remote systems |
CN102904869A (en) * | 2011-07-25 | 2013-01-30 | 福特全球技术公司 | Method and apparatus for remote authentication |
CN103563346A (en) * | 2011-03-31 | 2014-02-05 | 索尼移动通信公司 | System and method for establishing a communication session |
CN103647766A (en) * | 2013-12-05 | 2014-03-19 | 青岛海尔软件有限公司 | High-security remote access system |
CN103701608A (en) * | 2013-12-25 | 2014-04-02 | 金蝶软件(中国)有限公司 | Enterprise resource planning (ERP) system-based user right authentication method and system |
CN103716160A (en) * | 2012-09-28 | 2014-04-09 | 哈曼贝克自动系统股份有限公司 | Method and apparatus for authenticated access to automotive telematic services |
CN103944913A (en) * | 2014-04-28 | 2014-07-23 | 浪潮电子信息产业股份有限公司 | Server-oriented safe firmware designing method |
CN104012132A (en) * | 2011-10-25 | 2014-08-27 | 拓普合公司 | Two-factor authentication systems and methods |
CN104205144A (en) * | 2012-04-17 | 2014-12-10 | 英特尔公司 | Trusted service interaction |
CN104717261A (en) * | 2013-12-17 | 2015-06-17 | 华为技术有限公司 | Login method and desktop management device |
CN105227314A (en) * | 2015-08-28 | 2016-01-06 | 飞天诚信科技股份有限公司 | A kind of login enters method and the device of system desktop |
CN105554098A (en) * | 2015-12-14 | 2016-05-04 | 瑞斯康达科技发展股份有限公司 | Device configuration method, server and system |
CN105956426A (en) * | 2016-04-26 | 2016-09-21 | 上海斐讯数据通信技术有限公司 | Application program authority authentication and authorization method and intelligent equipment |
CN105975824A (en) * | 2016-07-21 | 2016-09-28 | 深圳市金立通信设备有限公司 | Method for switching screen unlocking modes and terminal |
CN106209847A (en) * | 2016-07-13 | 2016-12-07 | 国网河南省电力公司南阳供电公司 | Electric data transmission method and device |
CN106375384A (en) * | 2016-08-28 | 2017-02-01 | 北京瑞和云图科技有限公司 | Management system of mirror network flow in virtual network environment and control method |
CN106453384A (en) * | 2016-11-09 | 2017-02-22 | 鹤荣育 | Security cloud disk system and security encryption method thereof |
CN106549976A (en) * | 2016-12-09 | 2017-03-29 | 中南大学 | A kind of method for authenticating user identity and ' In System Reconfiguration Method suitable for transparent computing system |
CN106873772A (en) * | 2017-01-04 | 2017-06-20 | 乐视控股(北京)有限公司 | A kind of VR virtual units encryption method and equipment |
CN106982117A (en) * | 2016-01-19 | 2017-07-25 | 阿里巴巴集团控股有限公司 | The implementation method and device of safety input |
CN107113319A (en) * | 2016-07-14 | 2017-08-29 | 华为技术有限公司 | Method, device, system and the proxy server of response in a kind of Virtual Networking Computing certification |
CN107292152A (en) * | 2017-05-24 | 2017-10-24 | 舒翔 | A kind of biological characteristic authentication system and biometric authentication method |
EP3276878A1 (en) * | 2016-07-28 | 2018-01-31 | INFOCERT S.p.A. | Method for the safe authentication of a request made to a remote provider and generated in a personal device with bifurcation of the transmission of an authentication means |
CN107766118A (en) * | 2016-08-16 | 2018-03-06 | 北京神州泰岳软件股份有限公司 | A kind of method and apparatus of establishment KVM virtual machines |
CN107846381A (en) * | 2016-09-18 | 2018-03-27 | 阿里巴巴集团控股有限公司 | Network security processing method and equipment |
CN107911644A (en) * | 2017-12-04 | 2018-04-13 | 吕庆祥 | The method and device of video calling is carried out based on conjecture face expression |
CN108062846A (en) * | 2016-11-08 | 2018-05-22 | 英业达科技有限公司 | Safety alarm device and the object wearing device with safety alarm device |
CN108418808A (en) * | 2018-02-07 | 2018-08-17 | 平安科技(深圳)有限公司 | Identity information changes method, apparatus, terminal device and storage medium |
CN108490964A (en) * | 2018-03-21 | 2018-09-04 | 深圳臻迪信息技术有限公司 | Control method, device and the intelligent terminal of unmanned plane |
CN108632452A (en) * | 2018-03-27 | 2018-10-09 | 珠海格力电器股份有限公司 | A kind of schedule update method, apparatus and system |
CN108632367A (en) * | 2018-04-18 | 2018-10-09 | 家园网络科技有限公司 | Account correlating method and information-pushing method |
CN108845681A (en) * | 2018-06-20 | 2018-11-20 | 武汉科技大学 | A kind of switch key mapping layout method of input equipment |
US20180351925A1 (en) * | 2017-05-31 | 2018-12-06 | Konica Minolta Laboratory U.S.A., Inc. | Self-adaptive secure authentication system |
CN109040068A (en) * | 2018-08-02 | 2018-12-18 | 中国联合网络通信集团有限公司 | Strange land authentication method, authentication server and the block chain of broadband user |
CN109150800A (en) * | 2017-06-16 | 2019-01-04 | 中兴通讯股份有限公司 | Login access method, system and storage medium |
CN109189043A (en) * | 2018-08-30 | 2019-01-11 | 百度在线网络技术(北京)有限公司 | Pilotless automobile condition detection method, device, equipment and storage medium |
-
2019
- 2019-03-06 CN CN201910169027.6A patent/CN110032414B/en active Active
Patent Citations (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1592197A (en) * | 2003-09-01 | 2005-03-09 | 台均实业有限公司 | Method of identification between user device and local client use or remote-network service |
CN1917686A (en) * | 2005-08-18 | 2007-02-21 | Lg电子株式会社 | Apparatus and method for authenticating a telematics terminal in vehicle |
CN102819427A (en) * | 2005-09-09 | 2012-12-12 | 微软公司 | Plug and play device redirection method and system for remote systems |
CN101765996A (en) * | 2007-05-31 | 2010-06-30 | 威斯科数据安全国际有限公司 | Remote Authentication And Transaction Signatures |
US20090101552A1 (en) * | 2007-09-25 | 2009-04-23 | Fulkerson Barry N | Manifolds for Use in Conducting Dialysis |
EP2237814A4 (en) * | 2007-11-29 | 2017-10-11 | Fresenius Medical Care Holdings, Inc. | System and method for conducting hemodialysis and hemofiltration |
US20120103885A1 (en) * | 2007-11-29 | 2012-05-03 | Thomas Patrick Robinson | Disposable apparatus and kit for conducting dialysis |
US20180361049A1 (en) * | 2007-11-29 | 2018-12-20 | Fresenius Medical Care Holdings, Inc. | Disposable Apparatus and Kit for Conducting Dialysis |
CN103563346A (en) * | 2011-03-31 | 2014-02-05 | 索尼移动通信公司 | System and method for establishing a communication session |
CN102904869A (en) * | 2011-07-25 | 2013-01-30 | 福特全球技术公司 | Method and apparatus for remote authentication |
CN104012132A (en) * | 2011-10-25 | 2014-08-27 | 拓普合公司 | Two-factor authentication systems and methods |
CN104205144A (en) * | 2012-04-17 | 2014-12-10 | 英特尔公司 | Trusted service interaction |
CN103716160A (en) * | 2012-09-28 | 2014-04-09 | 哈曼贝克自动系统股份有限公司 | Method and apparatus for authenticated access to automotive telematic services |
CN103647766A (en) * | 2013-12-05 | 2014-03-19 | 青岛海尔软件有限公司 | High-security remote access system |
CN104717261A (en) * | 2013-12-17 | 2015-06-17 | 华为技术有限公司 | Login method and desktop management device |
CN103701608A (en) * | 2013-12-25 | 2014-04-02 | 金蝶软件(中国)有限公司 | Enterprise resource planning (ERP) system-based user right authentication method and system |
CN103944913A (en) * | 2014-04-28 | 2014-07-23 | 浪潮电子信息产业股份有限公司 | Server-oriented safe firmware designing method |
CN105227314A (en) * | 2015-08-28 | 2016-01-06 | 飞天诚信科技股份有限公司 | A kind of login enters method and the device of system desktop |
CN105554098A (en) * | 2015-12-14 | 2016-05-04 | 瑞斯康达科技发展股份有限公司 | Device configuration method, server and system |
CN106982117A (en) * | 2016-01-19 | 2017-07-25 | 阿里巴巴集团控股有限公司 | The implementation method and device of safety input |
CN105956426A (en) * | 2016-04-26 | 2016-09-21 | 上海斐讯数据通信技术有限公司 | Application program authority authentication and authorization method and intelligent equipment |
CN106209847A (en) * | 2016-07-13 | 2016-12-07 | 国网河南省电力公司南阳供电公司 | Electric data transmission method and device |
CN107113319A (en) * | 2016-07-14 | 2017-08-29 | 华为技术有限公司 | Method, device, system and the proxy server of response in a kind of Virtual Networking Computing certification |
CN105975824A (en) * | 2016-07-21 | 2016-09-28 | 深圳市金立通信设备有限公司 | Method for switching screen unlocking modes and terminal |
EP3276878A1 (en) * | 2016-07-28 | 2018-01-31 | INFOCERT S.p.A. | Method for the safe authentication of a request made to a remote provider and generated in a personal device with bifurcation of the transmission of an authentication means |
CN107766118A (en) * | 2016-08-16 | 2018-03-06 | 北京神州泰岳软件股份有限公司 | A kind of method and apparatus of establishment KVM virtual machines |
CN106375384A (en) * | 2016-08-28 | 2017-02-01 | 北京瑞和云图科技有限公司 | Management system of mirror network flow in virtual network environment and control method |
CN107846381A (en) * | 2016-09-18 | 2018-03-27 | 阿里巴巴集团控股有限公司 | Network security processing method and equipment |
CN108062846A (en) * | 2016-11-08 | 2018-05-22 | 英业达科技有限公司 | Safety alarm device and the object wearing device with safety alarm device |
CN106453384A (en) * | 2016-11-09 | 2017-02-22 | 鹤荣育 | Security cloud disk system and security encryption method thereof |
CN106549976A (en) * | 2016-12-09 | 2017-03-29 | 中南大学 | A kind of method for authenticating user identity and ' In System Reconfiguration Method suitable for transparent computing system |
CN106873772A (en) * | 2017-01-04 | 2017-06-20 | 乐视控股(北京)有限公司 | A kind of VR virtual units encryption method and equipment |
CN107292152A (en) * | 2017-05-24 | 2017-10-24 | 舒翔 | A kind of biological characteristic authentication system and biometric authentication method |
US20180351925A1 (en) * | 2017-05-31 | 2018-12-06 | Konica Minolta Laboratory U.S.A., Inc. | Self-adaptive secure authentication system |
CN109150800A (en) * | 2017-06-16 | 2019-01-04 | 中兴通讯股份有限公司 | Login access method, system and storage medium |
CN107911644A (en) * | 2017-12-04 | 2018-04-13 | 吕庆祥 | The method and device of video calling is carried out based on conjecture face expression |
CN108418808A (en) * | 2018-02-07 | 2018-08-17 | 平安科技(深圳)有限公司 | Identity information changes method, apparatus, terminal device and storage medium |
CN108490964A (en) * | 2018-03-21 | 2018-09-04 | 深圳臻迪信息技术有限公司 | Control method, device and the intelligent terminal of unmanned plane |
CN108632452A (en) * | 2018-03-27 | 2018-10-09 | 珠海格力电器股份有限公司 | A kind of schedule update method, apparatus and system |
CN108632367A (en) * | 2018-04-18 | 2018-10-09 | 家园网络科技有限公司 | Account correlating method and information-pushing method |
CN108845681A (en) * | 2018-06-20 | 2018-11-20 | 武汉科技大学 | A kind of switch key mapping layout method of input equipment |
CN109040068A (en) * | 2018-08-02 | 2018-12-18 | 中国联合网络通信集团有限公司 | Strange land authentication method, authentication server and the block chain of broadband user |
CN109189043A (en) * | 2018-08-30 | 2019-01-11 | 百度在线网络技术(北京)有限公司 | Pilotless automobile condition detection method, device, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN110032414B (en) | 2023-06-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10992659B2 (en) | Multi-factor authentication devices | |
US9607140B2 (en) | Authenticating a user of a system via an authentication image mechanism | |
US11843509B2 (en) | Systems and methods for workspace continuity and remediation | |
US11316902B2 (en) | Systems and methods for securing a dynamic workspace in an enterprise productivity ecosystem | |
US9716706B2 (en) | Systems and methods for providing a covert password manager | |
CN109831419A (en) | The determination method and device of shell program authority | |
US9626495B2 (en) | Authenticating a device based on availability of other authentication methods | |
US20170126733A1 (en) | Protection against end user account locking denial of service (dos) | |
CN101529366A (en) | Identification and visualization of trusted user interface objects | |
JP2016508270A (en) | Safety login system and method, and apparatus therefor | |
US11657126B2 (en) | Systems and methods for dynamic workspace targeting with crowdsourced user context | |
CN106330958A (en) | Secure accessing method and device | |
CN102215254A (en) | Securely providing session key information for user consent to remote management of a computer device | |
US11522883B2 (en) | Creating and handling workspace indicators of compromise (IOC) based upon configuration drift | |
US11659005B2 (en) | Systems and methods for self-protecting and self-refreshing workspaces | |
CN103975567A (en) | Dual-factor authentication method and virtual machine device | |
US20180203988A1 (en) | System and Method for Multiple Sequential Factor Authentication for Display Devices | |
US11586738B2 (en) | Systems and methods for evaluating security risks using a manufacturer-signed software identification manifest | |
JP2003015905A (en) | Method of proving integrity of compartments in compartmentalized operating system | |
CN110032414A (en) | Apparatus and method for secure user authentication in remote console mode | |
CN104995635B (en) | Picture sending method and device and terminal device | |
US20050010807A1 (en) | Information processing apparatus used by a plurality of different operators, and method and program for use in the information processing apparatus | |
CN106203081A (en) | A kind of safety protecting method and device | |
CN111010478B (en) | Mobile terminal protection method, device and system | |
US20230409339A1 (en) | Muscle/memory wire lock of device component(s) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |