CN110311928B - Network authentication method and authentication device of cloud terminal system - Google Patents

Info

Publication number: CN110311928B
Authority: CN (China)
Prior art keywords: terminal, ciphertext, cloud platform, network, authentication
Legal status: Active
Application number: CN201910701126.4A
Other languages: Chinese (zh)
Other versions: CN110311928A (en)
Inventor: 孙利, 王大中, 刘熔冰
Current Assignee: China United Network Communications Group Co Ltd
Original Assignee: China United Network Communications Group Co Ltd
Application filed by China United Network Communications Group Co Ltd
Priority to CN201910701126.4A
Publication of CN110311928A
Application granted
Publication of CN110311928B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/06 Authentication
    • H04W12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/71 Hardware identity


Abstract

The invention provides a network authentication method and authentication equipment of a cloud terminal system, belongs to the technical field of communication, and can at least partially solve the problem that the existing network authentication method of the cloud terminal system cannot realize authentication between a terminal separated from the SIM card and the cloud platform end. The network authentication method of the cloud terminal system disclosed by the invention comprises the following steps: acquiring an authentication request from a terminal, and acquiring a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate on the network end; encrypting the terminal information to obtain a first ciphertext; sending the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and decrypted terminal information according to the first ciphertext and sends the second ciphertext and the decrypted terminal information; and acquiring the second ciphertext and the decrypted terminal information, and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to realize the authentication of the cloud platform end.

Description

Network authentication method and authentication device of cloud terminal system
Technical Field
The invention belongs to the technical field of communication, and particularly relates to a network authentication method and authentication equipment of a cloud terminal system.
Background
The cloud terminal system serves as the carrier for realizing the cloud desktop. Its main functions are to display the system desktop of the cloud platform end on the terminal and to redirect the input and output data of the terminal to the cloud platform end server, so that the terminal does not locally undertake the operations of the cloud platform end desktop. The cloud terminal system has the advantages of flexible access, multiple security verification, environmental protection, energy and power saving, reduced labor and maintenance cost, centralized management and the like.
In the cloud terminal technology in the prior art, a Subscriber Identity Module (SIM) card is installed in a terminal, and then authentication and link between the terminal and a cloud platform are realized through the SIM card. However, the prior art cannot realize the authentication of the terminal and the cloud platform end after the terminal is separated from the SIM card.
Disclosure of Invention
The invention at least partially solves the problem that the existing network authentication method of the cloud terminal system cannot realize authentication between a terminal separated from the SIM card and the cloud platform end, and provides a network authentication method of a cloud terminal system that can realize authentication between a terminal separated from the SIM card and the cloud platform end.
The technical scheme adopted to solve the technical problem of the invention is a network authentication method of a cloud terminal system, used at a network end, the method comprising the following steps:
acquiring an authentication request from a terminal, and acquiring a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate on the network end, wherein the authentication request comprises terminal information of the terminal and an address of a cloud platform end, and the terminal information comprises an account number and a verification password corresponding to the terminal;
encrypting the terminal information to obtain a first ciphertext;
sending the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting a user identifier of the terminal;
and acquiring the second ciphertext and the decrypted terminal information from the cloud platform end, and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to realize the authentication of the cloud platform end.
Further preferably, acquiring the authentication request from the terminal and acquiring the mobile equipment identification code of the terminal according to the authentication request includes: acquiring the authentication request from the terminal, and sending a first instruction to the terminal according to the authentication request, so that the terminal sends its mobile equipment identification code to the network end according to the first instruction.
Further preferably, before acquiring the second ciphertext and the decrypted terminal information from the cloud platform end and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information so as to realize the authentication of the cloud platform end, the method further includes: acquiring and storing a first database, wherein the information in the first database comprises terminal information of all terminals corresponding to the cloud platform end and a pre-stored standard ciphertext.
Further preferably, acquiring the second ciphertext and the decrypted terminal information from the cloud platform end and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information so as to realize the authentication of the cloud platform end includes: comparing the decrypted terminal information with the information in the first database, and if the decrypted terminal information corresponds to at least part of the information in the first database, determining that the virtual machine in the cloud platform end is legitimate; and comparing the second ciphertext with the information in the first database, and if the second ciphertext corresponds to at least part of the information in the first database, determining that a second authentication module in the cloud platform end is legitimate.
Further preferably, acquiring the second ciphertext and the decrypted terminal information from the cloud platform end and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information so as to realize the authentication of the cloud platform end includes: if the cloud platform end corresponds to the terminal, sending an authentication success message to the terminal.
The technical scheme adopted to solve the technical problem of the invention is a network authentication device of a cloud terminal system, located at a network end, the device comprising:
a first acquisition module, configured to acquire an authentication request from a terminal and acquire a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate on the network end, wherein the authentication request comprises terminal information of the terminal and an address of a cloud platform end, and the terminal information comprises an account number and a verification password corresponding to the terminal;
a first authentication module, configured to encrypt the terminal information to obtain a first ciphertext;
a first sending module, configured to send the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting a user identifier of the terminal;
and a first judgment module, configured to acquire the second ciphertext and the decrypted terminal information from the cloud platform end, and judge whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to realize the authentication of the cloud platform end.
Further preferably, the device further comprises: a storage module, configured to acquire and store a first database, wherein the information in the first database comprises terminal information of all terminals corresponding to the cloud platform end and a pre-stored standard ciphertext.
Further preferably, the device further comprises: a second sending module, configured to send an authentication success message to the terminal if the cloud platform end corresponds to the terminal.
The technical scheme adopted to solve the technical problem of the invention is a network authentication method of a cloud terminal system, used at a cloud platform end, the method comprising the following steps:
receiving a first ciphertext from a network end, wherein the first ciphertext is obtained by encrypting terminal information;
decrypting the first ciphertext to obtain the decrypted terminal information;
judging whether the terminal corresponds to the network end according to the decrypted terminal information;
if the terminal corresponds to the network end, acquiring the user identifier of the terminal according to the decrypted terminal information;
and encrypting the user identifier to obtain a second ciphertext, and sending the second ciphertext and the decrypted terminal information to the network end, so that the network end judges whether the cloud platform end corresponds to the terminal, so as to realize the authentication of the cloud platform end.
The technical scheme adopted to solve the technical problem of the invention is a network authentication device of a cloud terminal system, located at a cloud platform end, the device comprising:
a first receiving module, configured to receive a first ciphertext from a network end, wherein the first ciphertext is obtained by encrypting terminal information;
a decryption module, configured to decrypt the first ciphertext to obtain the decrypted terminal information;
a second judgment module, configured to judge whether the terminal corresponds to the network end according to the decrypted terminal information;
a second acquisition module, configured to acquire the user identifier of the terminal according to the decrypted terminal information if the terminal corresponds to the network end;
and a second authentication module, configured to encrypt the user identifier to obtain a second ciphertext and send the second ciphertext to the network end, so that the network end judges whether the cloud platform end corresponds to the terminal, thereby realizing the authentication of the cloud platform end.
The network authentication method of the cloud terminal system of this embodiment can realize authentication and link between a terminal separated from the SIM card and the cloud platform end, thereby expanding the application range of the cloud terminal technology.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
Fig. 1 is a schematic flowchart of a network authentication method of a cloud terminal system according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a network authentication method of a cloud terminal system according to an embodiment of the present invention;
Fig. 3 is a schematic flowchart of a network authentication method of a cloud terminal system according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a network authentication device of a cloud terminal system according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
Example 1:
As shown in Fig. 1 to 4, this embodiment provides a network authentication method of a cloud terminal system, used at a network end, the method including:
S11. Acquire an authentication request from the terminal, and acquire a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate on the network end, wherein the authentication request comprises terminal information of the terminal and an address of the cloud platform end, and the terminal information comprises an account number and a verification password corresponding to the terminal.
In other words, the execution subject of this embodiment is the network end. Specifically, the address of the cloud platform end may be the address of a virtual machine of the cloud platform end. The account numbers and verification passwords in the terminal information of different terminals are different, and they can be input into the terminal by the terminal user.
S12. Encrypt the terminal information to obtain a first ciphertext.
Specifically, the terminal information may be encrypted by encrypting the account number and the verification password of the terminal using a key m1 and an algorithm g1.
S13. Send the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and the decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting the user identifier of the terminal.
That is, the second ciphertext and the decrypted terminal information can be obtained after the first ciphertext is sent to the cloud platform end.
S14. Acquire the second ciphertext and the decrypted terminal information from the cloud platform end, and judge whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to realize the authentication of the cloud platform end.
The network authentication method of the cloud terminal system of this embodiment can realize authentication and link between a terminal separated from the SIM card and the cloud platform end, thereby expanding the application range of the cloud terminal.
Example 2:
As shown in Fig. 1 to 4, this embodiment provides a network authentication method of a cloud terminal system, used at a network end, the method including:
S21. Acquire an authentication request from the terminal, and acquire a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate on the network end, wherein the authentication request comprises terminal information of the terminal and an address of the cloud platform end, and the terminal information comprises an account number and a verification password corresponding to the terminal.
When the terminal user changes the terminal, restarts the terminal, or performs necessary authentication, the terminal user is prompted on the interface of the terminal to input the terminal information and the address of the cloud platform end, so that the terminal can gain access through the network end (such as a telecom operator network).
It should be noted that the terminal includes a communication module and a user interface module. The communication module supports cellular mobile communication, Wi-Fi and the like; the user interface module includes an input and display interface.
The execution subject of this embodiment is the network end, such as a telecom operator communication network, which is responsible for mutual authentication with the cloud platform end and the terminal. Specifically, the address of the cloud platform end may be the address of a virtual machine of the cloud platform end. The account numbers and verification passwords in the terminal information of different terminals are different; further, the account number in the terminal information can be the mobile phone number of the terminal.
Specifically, acquiring the authentication request from the terminal and acquiring the mobile equipment identification code of the terminal according to the authentication request includes:
acquiring the authentication request from the terminal, and sending a first instruction to the terminal according to the authentication request, so that the terminal sends its mobile equipment identification code (IMEI) to the network end according to the first instruction for communication.
S22. Encrypt the terminal information to obtain a first ciphertext.
Specifically, the terminal information may be encrypted by encrypting the account number and the verification password of the terminal using a key m1 and an algorithm g1.
S23. Send the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and the decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting the user identifier of the terminal.
That is, the second ciphertext and the decrypted terminal information can be obtained after the first ciphertext is sent to the cloud platform end.
S24. Acquire and store a first database, wherein the information in the first database comprises terminal information of all terminals corresponding to the cloud platform end and a pre-stored standard ciphertext.
Specifically, a cloud platform end may correspond to specific terminals, and the network end may acquire and store the terminal information corresponding to those terminals and a pre-stored standard ciphertext for use in subsequent authentication.
S25. Acquire the second ciphertext and the decrypted terminal information from the cloud platform end, and judge whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to realize the authentication of the cloud platform end.
Specifically, the decrypted terminal information is compared with the information in the first database, and if the decrypted terminal information corresponds to at least part of the information in the first database, the virtual machine in the cloud platform end is legitimate; the second ciphertext is then compared with the information in the first database, and if the second ciphertext corresponds to at least part of the information in the first database, the second authentication module and the first judgment module in the cloud platform end are determined to be legitimate.
That is, the network end judges whether the terminal account number it has stored is consistent with the account number input by the user, and if so, the virtual machine of the cloud platform end is legitimate; the network end then further judges whether the pre-stored standard ciphertext and the second ciphertext are consistent, and if so, the second authentication module and the first judgment module in the cloud platform end are legitimate.
S26. If the cloud platform end corresponds to the terminal, send an authentication success message to the terminal.
In other words, when all of the above legitimacy checks pass, the network end authorizes the terminal uniquely identified by the IMEI to access the network end, and prompts the user that the authentication is successful. Otherwise, the user is prompted that the authentication has failed.
Example 3:
As shown in Fig. 1 to 4, this embodiment provides a network authentication device of a cloud terminal system, located at a network end, the device including:
a first acquisition module, configured to acquire an authentication request from a terminal and acquire a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate on the network end, wherein the authentication request comprises terminal information of the terminal and an address of the cloud platform end, and the terminal information comprises an account number and a verification password corresponding to the terminal;
a first authentication module, configured to encrypt the terminal information to obtain a first ciphertext;
a first sending module, configured to send the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting a user identifier of the terminal;
and a first judgment module, configured to acquire the second ciphertext and the decrypted terminal information from the cloud platform end, and judge whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to realize the authentication of the cloud platform end.
The network authentication device of the cloud terminal system further includes:
a storage module, configured to acquire and store a first database, wherein the information in the first database comprises terminal information of all terminals corresponding to the cloud platform end and a pre-stored standard ciphertext;
and a second sending module, configured to send an authentication success message to the terminal if the cloud platform end corresponds to the terminal.
Example 4:
As shown in Fig. 1 to 4, this embodiment provides a network authentication method of a cloud terminal system, used at a cloud platform end, the method including:
S31. Receive a first ciphertext from the network end, wherein the first ciphertext is obtained by encrypting the terminal information.
Specifically, a virtual machine in the cloud platform end receives the first ciphertext from the network end.
It should be noted that the execution subject of this embodiment is the cloud platform end, which is generally connected to the network end through broadband and to the terminal through a wireless network. The cloud platform end is used for authenticating with the terminal and the network end, receiving the user's instructions and returning results.
S32. Decrypt the first ciphertext to obtain the decrypted terminal information.
Specifically, the virtual machine in the cloud platform end uses the decryption key and algorithm corresponding to m1 and g1 to obtain the decrypted terminal information, that is, the decrypted account number and the decrypted verification password.
S33. Judge whether the terminal corresponds to the network end according to the decrypted terminal information.
Specifically, whether the decrypted terminal information is consistent with data stored in the cloud platform end in advance is judged, so as to judge whether the terminal and the network end correspond to each other.
S34. If the terminal corresponds to the network end, acquire the user identifier of the terminal according to the decrypted terminal information.
If the terminal and the network end correspond to each other, this indicates that the terminal and the network end are legitimate.
S35. Encrypt the user identifier to obtain a second ciphertext, and send the second ciphertext and the decrypted terminal information to the network end, so that the network end can judge whether the cloud platform end corresponds to the terminal, thereby realizing the authentication of the cloud platform end.
Specifically, the second authentication module at the cloud platform end performs the encryption using the key m2 and the algorithm g2 to form the second ciphertext.
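The exchange described in Examples 2 and 4 (steps S21 to S26 and S31 to S35), sketched in Python as an added example that is not part of the patent. The patent does not specify the algorithms g1 and g2, so a deterministic SIV-style construction built from HMAC-SHA256 stands in for both (an assumption; determinism is required because the second ciphertext is checked by equality against the pre-stored standard ciphertext). Class names, keys, addresses, account values and IMEIs are constructed for illustration.

```python
import hashlib
import hmac
import json


def _prf(key, label, data):
    return hmac.new(key, label + b"|" + data, hashlib.sha256).digest()


def _keystream(key, iv, n):
    out, counter = b"", 0
    while len(out) < n:
        out += _prf(key, b"ks", iv + counter.to_bytes(4, "big"))
        counter += 1
    return out[:n]


def encrypt(key, plaintext):
    """Stand-in for g1/g2 (assumption): deterministic, authenticated, SIV-style."""
    iv = _prf(key, b"siv", plaintext)[:16]  # synthetic IV = MAC over the plaintext
    stream = _keystream(key, iv, len(plaintext))
    return iv + bytes(p ^ s for p, s in zip(plaintext, stream))


def decrypt(key, blob):
    iv, body = blob[:16], blob[16:]
    plaintext = bytes(c ^ s for c, s in zip(body, _keystream(key, iv, len(body))))
    if not hmac.compare_digest(iv, _prf(key, b"siv", plaintext)[:16]):
        raise ValueError("ciphertext failed authentication")
    return plaintext


class CloudPlatformEnd:
    """Cloud platform end, steps S31-S35 (hypothetical class name)."""
    def __init__(self, m1, m2, accounts):
        self.m1, self.m2 = m1, m2
        self.accounts = accounts  # account -> (verification password, user identifier)

    def handle_first_ciphertext(self, first_ct):
        try:
            info = json.loads(decrypt(self.m1, first_ct))  # S31, S32
        except ValueError:
            return None
        if not isinstance(info, dict):
            return None
        record = self.accounts.get(info.get("account"))  # S33: pre-stored data
        supplied = str(info.get("password", "")).encode()
        if record is None or not hmac.compare_digest(record[0].encode(), supplied):
            return None
        second_ct = encrypt(self.m2, record[1].encode())  # S34, S35
        return second_ct, info


class NetworkEnd:
    """Network end, steps S21-S26 (hypothetical class name)."""
    def __init__(self, m1, first_database, routes):
        self.m1 = m1
        self.first_database = first_database  # S24: account -> stored record
        self.routes = routes  # cloud platform address -> endpoint object
        self.authorized_imeis = set()

    def authenticate(self, request, imei):
        info = {"account": request["account"], "password": request["password"]}
        first_ct = encrypt(self.m1, json.dumps(info, sort_keys=True).encode())  # S22
        cloud = self.routes.get(request["cloud_address"])
        reply = cloud.handle_first_ciphertext(first_ct) if cloud else None  # S23
        if reply is None:
            return "failure: no valid reply from cloud platform end"
        second_ct, returned = reply  # S25: compare both against the first database
        entry = self.first_database.get(returned.get("account"))
        if entry is None or entry["password"] != returned.get("password"):
            return "failure: terminal information not in first database"
        if not hmac.compare_digest(second_ct, entry["standard_ciphertext"]):
            return "failure: second ciphertext differs from standard ciphertext"
        self.authorized_imeis.add(imei)  # S26: authorize the terminal by IMEI
        return "success"


def demo():
    # All keys, accounts, addresses and IMEIs below are constructed sample values.
    m1, m2 = b"constructed-key-m1", b"constructed-key-m2"
    accounts = {"13800000000": ("pw-123456", "user-0001")}
    first_db = {a: {"password": pw, "standard_ciphertext": encrypt(m2, uid.encode())}
                for a, (pw, uid) in accounts.items()}
    routes = {"vm1.cloud.example": CloudPlatformEnd(m1, m2, accounts),
              "vm2.cloud.example": CloudPlatformEnd(m1, b"other-m2", accounts)}
    net = NetworkEnd(m1, first_db, routes)
    req = {"account": "13800000000", "password": "pw-123456",
           "cloud_address": "vm1.cloud.example"}
    results = {
        "genuine": net.authenticate(req, "imei-A"),
        "wrong_m2": net.authenticate({**req, "cloud_address": "vm2.cloud.example"}, "imei-B"),
        "bad_password": net.authenticate({**req, "password": "wrong"}, "imei-C"),
    }
    return results, net.authorized_imeis


if __name__ == "__main__":
    print(demo())
```

Only the endpoint holding the correct m2 produces a second ciphertext equal to the stored standard ciphertext, so only that run authorizes an IMEI. In a deployment, g1 and g2 would be vetted algorithms from a maintained cryptographic library rather than this stand-in.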
Example 5:
As shown in Fig. 1 to 4, this embodiment provides a network authentication device of a cloud terminal system, located at a cloud platform end, the device including:
a first receiving module, configured to receive a first ciphertext from the network end, wherein the first ciphertext is obtained by encrypting the terminal information;
a decryption module, configured to decrypt the first ciphertext to obtain the decrypted terminal information;
a second judgment module, configured to judge whether the terminal corresponds to the network end according to the decrypted terminal information;
a second acquisition module, configured to acquire the user identifier of the terminal according to the decrypted terminal information if the terminal corresponds to the network end.
Specifically, the first receiving module, the decryption module, the second judgment module and the second acquisition module are all modules in a virtual machine in the cloud platform end.
The device further includes a second authentication module, configured to encrypt the user identifier to obtain a second ciphertext and send the second ciphertext to the network end, so that the network end can judge whether the cloud platform end corresponds to the terminal, thereby realizing the authentication of the cloud platform end.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
While embodiments in accordance with the invention have been described above, these embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. The invention is limited only by the claims and their full scope and equivalents.

Claims (10)

1. A network authentication method of a cloud terminal system is used for a network terminal, and the method comprises the following steps:
acquiring an authentication request from a terminal, and acquiring a mobile equipment identification code of the terminal according to the authentication request so that the terminal can communicate in the network terminal, wherein the authentication request comprises terminal information of the terminal and an address of a cloud platform terminal, and the terminal information comprises an account number and a verification password corresponding to the terminal;
encrypting the terminal information to obtain a first ciphertext;
sending the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting a user identifier of the terminal;
and acquiring the second ciphertext and the decrypted terminal information from the cloud platform end, and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information so as to realize the authentication of the cloud platform end.
2. The network authentication method of the cloud terminal system according to claim 1, wherein the obtaining an authentication request from a terminal and obtaining a mobile device identification code of the terminal according to the authentication request includes:
acquiring an authentication request from a terminal, and sending a first instruction to the terminal according to the authentication request so that the terminal sends a mobile equipment identification code of the terminal to a network side according to the first instruction.
3. The network authentication method of the cloud terminal system according to claim 1, wherein before the acquiring the second ciphertext and the decrypted terminal information from the cloud platform end, and determining whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to implement the authentication of the cloud platform end, the method further comprises:
and acquiring and storing a first database, wherein the information in the first database comprises terminal information of all terminals corresponding to the cloud platform terminal and a pre-stored standard ciphertext.
4. The network authentication method of the cloud terminal system according to claim 3, wherein the acquiring the second ciphertext and the decrypted terminal information from the cloud platform end, and determining whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information to implement authentication of the cloud platform end includes:
comparing the decrypted terminal information with the information in the first database, and if the decrypted terminal information corresponds to the terminal account stored in the first database, determining that the virtual machine in the cloud platform end is legal; and comparing the second ciphertext with the information in the first database, and if the second ciphertext corresponds to a pre-stored standard ciphertext in the first database, determining that a second authentication module in the cloud platform end is legal.
5. The network authentication method of the cloud terminal system according to claim 1, wherein the acquiring the second ciphertext and the decrypted terminal information from the cloud platform end, and determining whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information, so as to implement the authentication of the cloud platform end includes:
and if the cloud platform end corresponds to the terminal, sending an authentication success message to the terminal.
6. A network authentication device of a cloud terminal system is located at a network end, and the device comprises:
the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring an authentication request from a terminal and acquiring a mobile equipment identification code of the terminal according to the authentication request so as to enable the terminal to be capable of communicating in the network terminal, the authentication request comprises terminal information of the terminal and an address of a cloud platform terminal, and the terminal information comprises an account number and a verification password corresponding to the terminal;
the first authentication module is used for encrypting the terminal information to obtain a first ciphertext;
the first sending module is used for sending the first ciphertext to the cloud platform end according to the address of the cloud platform end, so that the cloud platform end obtains a second ciphertext and decrypted terminal information according to the first ciphertext, and sends the second ciphertext and the decrypted terminal information, wherein the second ciphertext is obtained by encrypting a user identifier of the terminal;
and the first judgment module is used for acquiring the second ciphertext and the decrypted terminal information from the cloud platform end, and judging whether the cloud platform end corresponds to the terminal according to the second ciphertext and the decrypted terminal information so as to realize the authentication of the cloud platform end.
7. The network authentication device of the cloud terminal system according to claim 6, further comprising:
and the storage module is used for acquiring and storing a first database, wherein the information in the first database comprises terminal information of all terminals corresponding to the cloud platform terminal and a pre-stored standard ciphertext.
8. The network authentication device of the cloud terminal system according to claim 6, further comprising:
and the second sending module is used for sending an authentication success message to the terminal if the cloud platform end corresponds to the terminal.
9. A network authentication method of a cloud terminal system is used for a cloud platform terminal, and the method comprises the following steps:
receiving a first ciphertext from a network end, wherein the first ciphertext is obtained by encrypting terminal information;
decrypting the first ciphertext to obtain the decrypted terminal information;
judging whether the terminal corresponds to the network terminal or not according to the decrypted terminal information;
if the terminal corresponds to the network terminal, acquiring the user identification of the terminal according to the decrypted terminal information;
and encrypting the user identification to obtain a second ciphertext, and sending the second ciphertext and the decrypted terminal information to the network end so that the network end judges whether the cloud platform end corresponds to the terminal, so as to realize the authentication of the cloud platform end.
10. A network authentication device of a cloud terminal system is located at a cloud platform end, and the device comprises:
the first receiving module is used for receiving a first ciphertext from a network end, and the first ciphertext is obtained by encrypting terminal information;
the decryption module is used for decrypting the first ciphertext to obtain the decrypted terminal information;
the second judgment module is used for judging whether the terminal corresponds to the network terminal according to the decrypted terminal information;
the second obtaining module is used for obtaining the user identification of the terminal according to the decrypted terminal information if the terminal corresponds to the network terminal;
and the second authentication module is used for encrypting the user identifier to obtain a second ciphertext and sending the second ciphertext and the decrypted terminal information to the network end, so that the network end judges whether the cloud platform end corresponds to the terminal or not, and the authentication of the cloud platform end is realized.
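The exchange in claims 1, 4 and 9, written out as an added example that is not part of the patent. The patent names no cipher or key arrangement, so the pre-shared key, the HMAC-SHA256 keystream with encrypt-then-MAC, the fixed nonce for the second ciphertext, the password check on the cloud side, and all record values and function names are assumptions made for this sketch.

```python
import hashlib, hmac, json, secrets

# Assumptions, not from the patent: a pre-shared key, an HMAC-SHA256 keystream
# with encrypt-then-MAC as a stand-in cipher, and a fixed nonce for the second
# ciphertext so it can equal the pre-stored standard ciphertext.
KEY = b"constructed-demo-key"
ENC, MAC = (hmac.new(KEY, label, hashlib.sha256).digest() for label in (b"enc", b"mac"))
FIXED_NONCE = bytes(16)

def _xor_stream(nonce, data):
    stream = b"".join(hmac.new(ENC, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(nonce, plaintext):
    body = _xor_stream(nonce, plaintext)
    return nonce + body + hmac.new(MAC, nonce + body, hashlib.sha256).digest()

def unseal(blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(MAC, nonce + body, hashlib.sha256).digest()):
        raise ValueError("ciphertext failed integrity check")
    return _xor_stream(nonce, body)

# Constructed sample records held by each side.
TERMINAL_INFO = {"account": "alice", "password": "pw-constructed"}
CLOUD_USERS = {"alice": {"password": "pw-constructed", "user_id": "UID-0001"}}
FIRST_DB = {"alice": {"info": TERMINAL_INFO, "standard": seal(FIXED_NONCE, b"UID-0001")}}

def network_first_ciphertext(info):
    """Network end, claim 1: encrypt the terminal information."""
    return seal(secrets.token_bytes(16), json.dumps(info, sort_keys=True).encode())

def cloud_respond(first_ct):
    """Cloud platform end, claim 9: decrypt, check the terminal, encrypt the user id."""
    info = json.loads(unseal(first_ct))
    user = CLOUD_USERS.get(info.get("account"))
    if user is None or not hmac.compare_digest(user["password"].encode(),
                                               str(info.get("password")).encode()):
        return None
    return seal(FIXED_NONCE, user["user_id"].encode()), info

def network_verify(reply):
    """Network end, claim 4: both checks against the first database must pass."""
    if reply is None:
        return False
    second_ct, info = reply
    row = FIRST_DB.get(info.get("account"))
    return (row is not None and info == row["info"]
            and hmac.compare_digest(second_ct, row["standard"]))
```

Because the standard ciphertext is pre-stored, the second ciphertext is the same on every run; a deployment that needs freshness would have to bind it to a per-session value, which the claims do not describe.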
CN201910701126.4A 2019-07-31 2019-07-31 Network authentication method and authentication device of cloud terminal system Active CN110311928B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910701126.4A CN110311928B (en) 2019-07-31 2019-07-31 Network authentication method and authentication device of cloud terminal system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910701126.4A CN110311928B (en) 2019-07-31 2019-07-31 Network authentication method and authentication device of cloud terminal system

Publications (2)

Publication Number Publication Date
CN110311928A CN110311928A (en) 2019-10-08
CN110311928B true CN110311928B (en) 2021-10-26

Family

ID=68082526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910701126.4A Active CN110311928B (en) 2019-07-31 2019-07-31 Network authentication method and authentication device of cloud terminal system

Country Status (1)

Country Link
CN (1) CN110311928B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110808983A (en) * 2019-11-05 2020-02-18 西安雷风电子科技有限公司 Cloud desktop identity recognition detection method for network access of cloud desktop terminal

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104935607A (en) * 2015-07-07 2015-09-23 成都睿峰科技有限公司 Login certification method in cloud computing network
CN105208132A (en) * 2015-10-14 2015-12-30 成都中科创达软件有限公司 Intelligent terminal cloud management system
CN106506620A (en) * 2016-11-02 2017-03-15 河南智业科技发展有限公司 Cloud desktop intelligent terminal management system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9965816B2 (en) * 2014-04-17 2018-05-08 SILVAIR Sp. z o.o. System and method for administering licenses stored in an electronic module, and product unit comprising said module
JP6825296B2 (en) * 2016-10-11 2021-02-03 富士通株式会社 Edge server and its encrypted communication control method
US10601813B2 (en) * 2017-10-26 2020-03-24 Bank Of America Corporation Cloud-based multi-factor authentication for network resource access control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104935607A (en) * 2015-07-07 2015-09-23 成都睿峰科技有限公司 Login certification method in cloud computing network
CN105208132A (en) * 2015-10-14 2015-12-30 成都中科创达软件有限公司 Intelligent terminal cloud management system
CN106506620A (en) * 2016-11-02 2017-03-15 河南智业科技发展有限公司 Cloud desktop intelligent terminal management system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
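"Research Progress on Cloud Computing Security Authentication and Trusted Access Protocols"; 孔功胜; Journal of Henan University (Natural Science); 20170228; Vol. 47 (No. 1); 62-70 *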

Also Published As

Publication number Publication date
CN110311928A (en) 2019-10-08

Similar Documents

Publication Publication Date Title
CN101406021B (en) SIM based authentication
CN100583767C (en) Key updating method and device
CN109041205A (en) Client registers method, apparatus and system
CN107547573B (en) authentication method applied to eSIM, RSP terminal and management platform
EP2879421B1 (en) Terminal identity verification and service authentication method, system, and terminal
CN105898743B (en) A kind of method for connecting network, apparatus and system
US11271922B2 (en) Method for authenticating a user and corresponding device, first and second servers and system
CN103688563A (en) Performing a group authentication and key agreement procedure
KR20060046243A (en) Method and system for secured duplication of information from a sim card to at least one communicating object
EP2248322A2 (en) Methods and apparatus for wireless device registration
CN103297403A (en) Method and system for achieving dynamic password authentication
CN107094127B (en) Processing method and device, and obtaining method and device of security information
CN103297408A (en) Login method and device, terminal and network server
CN104125567B (en) Home eNodeB accesses method for authenticating, device and the Home eNodeB of network side
CN101990201B (en) Method, system and device for generating general bootstrapping architecture (GBA) secret key
JP2006050523A (en) Authentication vector generation device, subscriber authentication module, mobile communication system, authentication vector generation method, calculation method, and subscriber authentication method
KR20160143333A (en) Method for Double Certification by using Double Channel
CN103974248A (en) Terminal security protection method, device and system in ability open system
CN101841814B (en) Terminal authentication method and system
CN109151823B (en) eSIM card authentication method and system
KR102095136B1 (en) A method for replacing at least one authentication parameter for authenticating a secure element, and a corresponding secure element
US7650139B2 (en) Method for ensuring security of subscriber card
CN110311928B (en) Network authentication method and authentication device of cloud terminal system
CN108123918A (en) A kind of account authentication login method and device
CN102014385A (en) Authentication method for mobile terminal, and mobile terminal

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant