CN110611719B - Message pushing method, server and system - Google Patents

Message pushing method, server and system Download PDF

Info

Publication number
CN110611719B
CN110611719B CN201910981293.9A CN201910981293A CN110611719B CN 110611719 B CN110611719 B CN 110611719B CN 201910981293 A CN201910981293 A CN 201910981293A CN 110611719 B CN110611719 B CN 110611719B
Authority
CN
China
Prior art keywords
communication link
authentication
message
target communication
link
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910981293.9A
Other languages
Chinese (zh)
Other versions
CN110611719A (en
Inventor
李顺洪
陈峰峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Hongmei Intelligent Technology Co Ltd
Original Assignee
Sichuan Hongmei Intelligent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Hongmei Intelligent Technology Co Ltd filed Critical Sichuan Hongmei Intelligent Technology Co Ltd
Priority to CN201910981293.9A priority Critical patent/CN110611719B/en
Publication of CN110611719A publication Critical patent/CN110611719A/en
Application granted granted Critical
Publication of CN110611719B publication Critical patent/CN110611719B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a message pushing method, a server and a system, wherein the message pushing method comprises the following steps: authenticating each communication link, judging whether the target communication link passes the authentication or not when receiving a connection instruction carrying the target communication link, and if so, distributing a communication permission identifier for the target communication link; after determining the new message, judging whether the new message belongs to the target communication link with the allowed communication identification, and if so, pushing the new message through the target communication link with the allowed communication identification. The scheme provided by the invention realizes the active information pushing and can avoid the delay of the information pushing.

Description

Message pushing method, server and system
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a message pushing method, a server, and a system.
Background
With the popularization of networks, more and more people learn various messages such as real-time news, communication information and the like through the networks. At present, the message pushing mode is mainly that the browser sends an HTTP request to the server at regular time, and the server returns new data to the browser, which may cause a delay of the message pushing to some extent.
Disclosure of Invention
The embodiment of the invention provides a message pushing method, a server and a system, which realize active message pushing and avoid pushing delay.
In a first aspect, an embodiment of the present invention provides a message pushing method, including: authenticating each communication link, further comprising:
when a connection instruction carrying a target communication link is received, judging whether the target communication link passes authentication, if so, allocating a communication permission identifier for the target communication link;
after determining the new message, judging whether the new message belongs to the target communication link with the allowed communication identification, and if so, pushing the new message through the target communication link with the allowed communication identification.
Preferably, the first and second electrodes are formed of a metal,
authenticating each communication link, comprising:
when an authentication request carrying a communication link is received, judging whether the communication link meets a preset authentication condition, and if so, authenticating the communication link; otherwise, authentication of the communication link is denied.
Preferably, the first and second electrodes are formed of a metal,
authentication conditions including:
the authentication time interval corresponding to two adjacent authentication requests carrying the same IP address is not less than a preset interval threshold;
or,
in a time period, the number of the received authentication requests carrying the same IP address is not more than a preset number threshold.
Preferably, the first and second electrodes are formed of a metal,
aiming at an authentication request carrying user information, wherein the user information comprises a user characteristic identifier and a user password;
authenticating the communication link, comprising:
converting the user characteristic identifier and the user password into corresponding ASCII codes;
and generating an encryption key and a decryption key for the communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identification.
Preferably, the first and second electrodes are formed of a metal,
an encryption key comprising:
Figure BDA0002235265470000021
accordingly, the number of the first and second electrodes,
the decryption key includes:
Figure BDA0002235265470000022
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciCharacterised by a random generation of said communication link iA positive integer, the first positive integer being stored in correspondence with the communication link i; a. theyCharacterizing a first digital string formed by ASCII codes corresponding to the user name y corresponding to the communication link i; k characterizes the number of bits of the first string of digits; k is characterized in that the user name y is a randomly generated positive integer not greater than K; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; and S is characterized in that the user password m is randomly generated into a positive integer not larger than S.
Preferably, the first and second electrodes are formed of a metal,
the connection instruction includes: the result after the encryption of the encryption key corresponding to the target communication link;
determining whether the target communication link has been authenticated comprises:
decrypting the encrypted result of the encryption key corresponding to the target communication link by using the decryption key corresponding to the target communication link;
and judging whether the decrypted result is consistent with the stored first positive integer corresponding to the target communication link, if so, determining that the target communication link passes the authentication, otherwise, determining that the target communication link does not pass the authentication.
Preferably, the message pushing method further includes: and monitoring whether the communication link passing the authentication is on-line or not, and if not, rejecting the off-line communication link.
Preferably, the message pushing method further includes: and after receiving the push request refusing to receive, rejecting the communication link corresponding to the push request refusing to receive.
In a second aspect, the present invention provides a message push server, including: an authentication unit, a link maintenance unit, and a message processing unit, wherein,
the authentication unit is used for authenticating each communication link, judging whether the target communication link passes the authentication or not when receiving a connection instruction carrying the target communication link, and triggering the link maintenance unit if the target communication link passes the authentication;
the link maintenance unit is used for managing all communication links and distributing allowed communication identifiers for the target communication links after receiving the trigger of the authentication unit;
and the message processing unit is used for judging whether the new message belongs to the target communication link which is managed by the link maintenance unit and has the allowable communication identification after determining the new message, and pushing the new message through the target communication link with the allowable communication identification if the new message belongs to the target communication link with the allowable communication identification.
Preferably, the first and second electrodes are formed of a metal,
the authentication unit is used for judging whether the communication link meets a preset authentication condition or not when receiving an authentication request carrying the communication link, and if so, authenticating the communication link; otherwise, authentication of the communication link is denied.
Preferably, the first and second electrodes are formed of a metal,
aiming at an authentication request carrying user information, wherein the user information comprises a user characteristic identifier and a user password;
the authentication unit is used for converting the user characteristic identification and the user password into corresponding ASCII codes; generating an encryption key and a decryption key for a communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identifier;
wherein,
an encryption key comprising:
Figure BDA0002235265470000041
accordingly, the number of the first and second electrodes,
a decryption key, comprising:
Figure BDA0002235265470000042
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciA first positive integer characterized as being randomly generated for the communication link i, the first positive integer being stored in correspondence with the communication link i; a. thevCharacterizing the application to which the communication link i correspondsA first digit string formed by ASCII codes corresponding to the username y; k characterizes the number of bits of the first string of digits; k is characterized in that the user name y is a randomly generated positive integer not greater than K; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; and S is characterized in that the user password m is randomly generated into a positive integer not larger than S.
Preferably, the link maintenance unit is further configured to monitor whether the communication link that has passed the authentication is online, and if not, reject the offline communication link.
Preferably, the link maintenance unit is further configured to, after receiving the push request refusal to receive, reject the communication link corresponding to the push request refusal to receive.
In a third aspect, the present invention provides a message pushing system, including: any one of the above servers, message push terminals and message receive terminals, wherein,
the message receiving end is connected with the server through a communication link and used for sending a connection instruction carrying a target communication link and receiving a new message pushed by the server;
and the message pushing end is used for pushing a new message to the server.
The embodiment of the invention provides a message pushing method, a server and a system, wherein the message pushing method authenticates each communication link, judges whether a target communication link passes the authentication or not when receiving a connection instruction carrying the target communication link, and allocates a communication permission identifier for the target communication link if the target communication link passes the authentication; after determining the new message, judging whether the new message belongs to the target communication link with the allowed communication identification, and if so, pushing the new message through the target communication link with the allowed communication identification. Namely, the authenticated communication link is managed, when a message exists, the corresponding link is found for the message, the link can be selected for the message without a timed HTTP request, and the message is transmitted through the link, so that the message is actively pushed, and the delay of message pushing is avoided.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a message pushing method according to an embodiment of the present invention;
fig. 2 is a flowchart of a message pushing method according to another embodiment of the present invention;
fig. 3 is a schematic structural diagram of a message push server according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a message push server according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a message pushing method, where the message pushing method specifically includes:
step 101: authenticating each communication link;
step 102: when a connection instruction carrying a target communication link is received, judging whether the target communication link passes authentication, if so, executing a step 103, otherwise, executing a step 104;
step 103: allocating a communication permission identification for the target communication link, and executing the step 105;
step 104: determining that the target communication link is an illegal communication link, forbidding the access of the target communication link, and ending the current process;
step 105: after determining the new message, determining whether the new message belongs to the target communication link with the allowed communication identifier, if so, executing step 106; otherwise, go to step 107;
step 106: pushing a new message through the target communication link with the allowed communication identifier, and ending the current process;
step 107: the new message is persisted.
In the embodiment shown in fig. 1, by authenticating each communication link, when receiving a connection instruction carrying a target communication link, determining whether the target communication link has passed the authentication, and if so, allocating a communication permission identifier to the target communication link; after determining the new message, judging whether the new message belongs to the target communication link with the allowed communication identification, and if so, pushing the new message through the target communication link with the allowed communication identification. Namely, the authenticated communication link is managed, when a message exists, the corresponding link is found for the message, the link can be selected for the message without a timed HTTP request, and the message is transmitted through the link, so that the message is actively pushed, and the delay of message pushing is avoided.
The process of authenticating each communication link may be to register the communication link by using a user name and a password, where the registration process, that is, the authentication process, stores the registration and assigns a corresponding authentication identifier to the corresponding communication link.
The management of the communication link may be implemented in the form of a table, i.e., in the table, an authentication flag, a communication allowed flag, a communication disallowed flag, and the like of the communication link.
The target communication link is a link to be connected to a server.
In another embodiment of the present invention, a specific implementation manner of the foregoing step 101 may be that, when receiving an authentication request carrying a communication link, determining whether the communication link meets a preset authentication condition, and if so, authenticating the communication link; otherwise, authentication of the communication link is denied.
In addition, after the authentication, a white list and a black list can be set, and for a communication link passing the authentication, the white list can be added, if the communication link is judged to meet the preset authentication condition, the white list can be judged, and for a communication link attacked maliciously, the black list can be added, and the communication link in the black list is determined to be not authenticated.
The authentication of the communication link may be a characteristic marking of the communication link, for example, a marking of "1" for a communication link satisfying the authentication condition, a marking of "0" for a communication link not satisfying the authentication condition, and the like.
If the new message is pushed for all users, the target communication link is all communication links which can be communicated; and if the new message is pushed for the specified user, the target communication link is a unique identifier directly found according to the user after authentication passes.
The maintenance of the related information of the communication link comprises a data structure in which key-value is stored, wherein the key is the encrypted user identifier carried in authentication, and the value is the communication link information, and the corresponding link can be acquired through the key.
In an embodiment of the present invention, the authentication condition may be that an authentication time interval corresponding to two adjacent authentication requests carrying the same IP address is not less than a preset interval threshold; or, in a time period, the number of the received authentication requests carrying the same IP address is not greater than a preset number threshold. Generally, the communication link under the malicious attack frequently initiates authentication or connection, and the communication link under the malicious attack can be excluded through the authentication condition, so that the communication security is ensured.
In one embodiment of the invention, aiming at an authentication request carrying user information, the user information comprises a user characteristic identifier and a user password; authenticating the communication link, including: converting the user characteristic identifier and the user password into corresponding ASCII codes; and generating an encryption key and a decryption key for the communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identification.
By converting the user characteristic identifier and the user password into corresponding ASCII codes and generating the encryption key and the decryption key for the communication link by using the ASCII codes, the user characteristic identifier such as an identity card number, a mobile phone number, a user name and the like and the user password are encrypted, and the safety of the user characteristic identifier and the user password is ensured.
In one embodiment of the invention, an encryption key comprises:
Figure BDA0002235265470000081
accordingly, the number of the first and second electrodes,
the decryption key includes:
Figure BDA0002235265470000082
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciA first positive integer characterized as being randomly generated for the communication link i, the first positive integer being stored in correspondence with the communication link i; a. theyCharacterizing a first digital string formed by ASCII codes corresponding to the user name y corresponding to the communication link i; k characterizes the number of bits of the first string of digits; k is characterized in that the user name y is a randomly generated positive integer not greater than K; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; and S is characterized in that the user password m is randomly generated into a positive integer not larger than S.
The encryption key and the decryption key realize hiding of the user name and the password on one hand and ensure the matching accuracy on the other hand. The first positive integer randomly generated by the server for the communication link, the encryption key and the decryption key are stored in the server and are inverse operations to each other. Even if the server is attacked maliciously, the user name and the password of the user cannot be revealed.
In one embodiment of the invention, the connection instruction comprises: the result after the encryption of the encryption key corresponding to the target communication link; determining whether the target communication link has passed the authentication embodiment comprises: decrypting the encrypted result of the encryption key corresponding to the target communication link by using the decryption key corresponding to the target communication link; and judging whether the decrypted result is consistent with the stored first positive integer corresponding to the target communication link, if so, determining that the target communication link passes the authentication, otherwise, determining that the target communication link does not pass the authentication.
In an embodiment of the present invention, the message pushing method may further include: and monitoring whether the communication link passing the authentication is on-line or not, and if not, rejecting the off-line communication link. The communication link can be better managed and the occupation of resources by invalid communication links is avoided.
In an embodiment of the present invention, the message pushing method may further include: and after receiving the push request refusing to receive, rejecting the communication link corresponding to the push request refusing to receive. The message pushing can follow the will of the user, and the user satisfaction is improved.
As shown in fig. 2, an embodiment of the present invention provides a message pushing method, where the message pushing method may include the following steps:
step 200: when receiving an authentication request carrying a communication link, judging whether the communication link meets a preset authentication condition, if so, executing step 201; otherwise, go to step 202;
the authentication condition is that the authentication time interval corresponding to two adjacent authentication requests carrying the same IP address is not less than a preset interval threshold; or, in a time period, the number of the received authentication requests carrying the same IP address is not greater than a preset number threshold.
Step 201: authenticating the communication link and executing step 203;
aiming at an authentication request carrying user information, wherein the user information comprises a user characteristic identifier and a user password; the specific implementation manner of the step can be that the user characteristic identification and the user password are converted into corresponding ASCII codes; and generating an encryption key and a decryption key for the communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identification. Wherein,
an encryption key comprising:
Figure BDA0002235265470000091
accordingly, the number of the first and second electrodes,
the decryption key includes:
Figure BDA0002235265470000092
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciA first positive integer characterized as being randomly generated for the communication link i, the first positive integer being stored in correspondence with the communication link i; a. thevCharacterizing a first digital string formed by ASCII codes corresponding to the user name y corresponding to the communication link i; k characterizes the number of bits of the first string of digits; k is characterized in that the user name y is a randomly generated positive integer not greater than K; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; and S is characterized in that the user password m is randomly generated into a positive integer not larger than S.
Step 202: refusing the authentication of the communication link and ending the current process;
the above steps 200 to 202 are processes of authenticating the communication link.
Step 203: when a connection instruction carrying a target communication link is received, judging whether the target communication link passes authentication, if so, executing step 204; otherwise, go to step 205;
the connection instruction may include a result of encrypting the encryption key corresponding to the target communication link. Decrypting the encrypted result of the encryption key corresponding to the target communication link by using the decryption key corresponding to the target communication link; and judging whether the decrypted result is consistent with the stored first positive integer corresponding to the target communication link, if so, determining that the target communication link passes the authentication, otherwise, determining that the target communication link does not pass the authentication.
Step 204: allocating a communication permission identification for the target communication link, and executing step 206;
step 205: allocating a disallowed communication identifier for the target communication link;
step 206: after determining the new message, determining whether the new message belongs to the target communication link with the allowed communication identifier, if yes, executing step 207; otherwise, go to step 208;
in the process, a netty framework is selected as a communication driver, and the netty framework is used as an asynchronous non-blocking high-availability communication framework which can simultaneously support and maintain a plurality of communication links.
Step 207: pushing a new message through the target communication link with the allowed communication identifier, and ending the current process;
step 208: the new message is not sent to any communication link.
As shown in fig. 3, an embodiment of the present invention provides a message push server, where the message push server includes: an authentication unit 301, a link maintenance unit 302, and a message processing unit 303, wherein,
an authentication unit 301, configured to authenticate each communication link, determine whether a target communication link has passed authentication when receiving a connection instruction carrying the target communication link, and trigger a link maintenance unit 302 if the target communication link has passed authentication;
a link maintenance unit 302, configured to manage all communication links, and after receiving the trigger of the authentication unit 301, allocate a communication permission identifier to a target communication link;
a message processing unit 303, configured to, after determining a new message, acquire all communication links from the link maintenance unit 302, determine whether the new message belongs to a target communication link with a communication permission identifier, and if so, push the new message through the target communication link with the communication permission identifier.
In another embodiment of the present invention, the authentication unit 301 is configured to, when receiving an authentication request carrying a communication link, determine whether the communication link meets a preset authentication condition, and if so, authenticate the communication link; otherwise, authentication of the communication link is denied.
In one embodiment of the present invention, an authentication request carrying user information is addressed, where the user information includes a user feature identifier and a user password;
an authentication unit 301, configured to convert the user feature identifier and the user password into corresponding ASCII codes; generating an encryption key and a decryption key for a communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identifier;
wherein,
an encryption key comprising:
Figure BDA0002235265470000111
accordingly, the number of the first and second electrodes,
a decryption key, comprising:
Figure BDA0002235265470000112
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciA first positive integer characterized as being randomly generated for the communication link i, the first positive integer being stored in correspondence with the communication link i; a. theyCharacterizing a first digital string formed by ASCII codes corresponding to the user name y corresponding to the communication link i; k characterizes the number of bits of the first string of digits; k is characterized byA positive integer not greater than K is randomly generated by the user name y; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; and S is characterized in that the user password m is randomly generated into a positive integer not larger than S.
Any one of the methods or devices is completed by taking websocket communication as a core.
In an embodiment of the present invention, the link maintenance unit is further configured to monitor whether the communication link that has passed the authentication is online, and if not, reject the offline communication link.
In an embodiment of the present invention, the link maintenance unit is further configured to, after receiving the push request refusal, reject the communication link corresponding to the push request refusal.
As shown in fig. 4, an embodiment of the present invention provides a message pushing system, including: any of the above-mentioned server 401, message push end 402, and message receive end 403, wherein,
the message receiving end 403 is connected to the server 401 through a communication link, and is configured to send a connection instruction carrying a target communication link and receive a new message pushed by the server 401;
a message pushing terminal 402, configured to push a new message to the server 401.
The embodiment of the invention provides a readable medium, which comprises an execution instruction, and when a processor of a storage controller executes the execution instruction, the storage controller executes any message pushing method provided by the embodiment of the invention.
The embodiments of the invention have at least the following beneficial effects:
1. in the embodiment of the invention, by authenticating each communication link, when a connection instruction carrying a target communication link is received, whether the target communication link passes the authentication is judged, and if so, a communication permission identifier is distributed to the target communication link; after determining the new message, judging whether the new message belongs to the target communication link with the allowed communication identification, and if so, pushing the new message through the target communication link with the allowed communication identification. Namely, the authenticated communication link is managed, when a message exists, the corresponding link is found for the message, the link can be selected for the message without a timed HTTP request, and the message is transmitted through the link, so that the message is actively pushed, and the delay of message pushing is avoided.
2. In the embodiment of the invention, aiming at an authentication request carrying user information, the user information comprises a user characteristic identifier and a user password; authenticating the communication link, including: converting the user characteristic identifier and the user password into corresponding ASCII codes; and generating an encryption key and a decryption key for the communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identification. The user characteristic identification such as the identity card number, the mobile phone number, the user name and the like and the user password are encrypted, and the safety of the user characteristic identification and the user password is ensured.
3. In the embodiment of the invention, the hiding of the user name and the password is realized on one hand through the encryption key and the decryption key, and the matching accuracy is ensured on the other hand. The first positive integer randomly generated by the server for the communication link, the encryption key and the decryption key are stored in the server and are inverse operations to each other. Even if the server is attacked maliciously, the user name and the password of the user cannot be revealed.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a" does not exclude the presence of other similar elements in a process, method, article, or apparatus that comprises the element.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it is to be noted that: the above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (6)

1. A message pushing method, wherein each communication link is authenticated, further comprising:
when a connection instruction carrying a target communication link is received, judging whether the target communication link passes authentication, if so, allocating a communication permission identifier for the target communication link; wherein the target communication link is a link to be connected to a server;
after determining a new message, judging whether the new message belongs to a target communication link with the communication permission identification, if so, pushing the new message through the target communication link with the communication permission identification;
the authenticating each communication link includes:
when an authentication request carrying a communication link is received, judging whether the communication link meets a preset authentication condition, and if so, authenticating the communication link; otherwise, rejecting the authentication of the communication link;
aiming at an authentication request carrying user information, wherein the user information comprises a user characteristic identifier and a user password;
the authenticating the communication link comprises:
converting the user characteristic identifier and the user password into corresponding ASCII codes;
generating an encryption key and a decryption key for the communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identifier;
the encryption key includes:
Figure FDA0003500938470000011
accordingly, the number of the first and second electrodes,
the decryption key includes:
Figure FDA0003500938470000012
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciA first positive integer characterized as being randomly generated for the communication link i, the first positive integer being stored in correspondence with the communication link i; a. theyCharacterizing a first digital string formed by ASCII codes corresponding to the user name y corresponding to the communication link i; k characterizes the number of bits of the first string of digits; k is characterized in that the user name y is a randomly generated positive integer not greater than K; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; s is characterized in that the user password m is a positive integer which is randomly generated and is not more than S;
the connection instruction includes: the result after the encryption of the encryption key corresponding to the target communication link;
the determining whether the target communication link has been authenticated comprises:
decrypting the encrypted result of the encryption key corresponding to the target communication link by using the decryption key corresponding to the target communication link;
and judging whether the decrypted result is consistent with the stored first positive integer corresponding to the target communication link, if so, determining that the target communication link passes the authentication, otherwise, determining that the target communication link does not pass the authentication.
2. The message pushing method according to claim 1, wherein the authentication condition comprises:
the authentication time interval corresponding to two adjacent authentication requests carrying the same IP address is not less than a preset interval threshold;
or,
in a time period, the number of the received authentication requests carrying the same IP address is not more than a preset number threshold.
3. The message pushing method according to any one of claims 1 to 2, further comprising:
monitoring whether the communication link passing the authentication is on-line, and if not, rejecting the off-line communication link;
and/or the presence of a gas in the gas,
and after receiving the push request refusing to receive, rejecting the communication link corresponding to the push request refusing to receive.
4. A message push server, comprising: an authentication unit, a link maintenance unit, and a message processing unit, wherein,
the authentication unit is used for authenticating each communication link, judging whether the target communication link passes the authentication or not when receiving a connection instruction carrying the target communication link, and triggering the link maintenance unit if the target communication link passes the authentication; wherein the target communication link is a link to be connected to a server;
the link maintenance unit is used for managing all communication links, and distributing allowed communication identifiers for the target communication link after receiving the trigger of the authentication unit;
the message processing unit is used for judging whether the new message belongs to the target communication link which is managed by the link maintenance unit and has the allowed communication identifier or not after determining the new message, and if so, pushing the new message through the target communication link which has the allowed communication identifier;
the authentication unit is used for judging whether the communication link meets a preset authentication condition or not when receiving an authentication request carrying the communication link, and if so, authenticating the communication link; otherwise, rejecting the authentication of the communication link;
aiming at an authentication request carrying user information, wherein the user information comprises a user characteristic identifier and a user password;
the authentication unit is further used for converting the user characteristic identifier and the user password into corresponding ASCII codes; generating an encryption key and a decryption key for the communication link by using the ASCII code, and sending the encryption key to a message receiving end corresponding to the user characteristic identifier;
wherein,
the encryption key includes:
Figure FDA0003500938470000031
accordingly, the number of the first and second electrodes,
the decryption key includes:
Figure FDA0003500938470000032
wherein M isiRepresenting a fixed value corresponding to the communication link i obtained after encryption by the encryption key; ciA first positive integer characterized as being randomly generated for the communication link i, the first positive integer being stored in correspondence with the communication link i; a. theyCharacterizing a first digital string formed by ASCII codes corresponding to the user name y corresponding to the communication link i; k meterCharacterizing a number of bits of the first string of digits; k is characterized in that the user name y is a randomly generated positive integer not greater than K; a. themA second numeric string formed by an ASCII code corresponding to the user password m corresponding to the communication link i; s represents the number of bits of the second numeric string; s is characterized in that the user password m is a positive integer which is randomly generated and is not more than S;
the connection instruction includes: the result after the encryption of the encryption key corresponding to the target communication link;
the determining whether the target communication link has been authenticated comprises:
decrypting the encrypted result of the encryption key corresponding to the target communication link by using the decryption key corresponding to the target communication link;
and judging whether the decrypted result is consistent with the stored first positive integer corresponding to the target communication link, if so, determining that the target communication link passes the authentication, otherwise, determining that the target communication link does not pass the authentication.
5. The message push server according to claim 4,
the link maintenance unit is further used for monitoring whether the communication link which passes the authentication is online or not, and if not, the offline communication link is removed;
and/or the presence of a gas in the gas,
and the link maintenance unit is further used for rejecting the communication link corresponding to the push request refusing to be received after the push request refusing to be received is received.
6. A message push system, comprising: the server, the message push end, and the message receive end of any of claims 4 or 5,
the message receiving end is connected with the server through a communication link and used for sending a connection instruction carrying a target communication link and receiving a new message pushed by the server;
and the message pushing end is used for pushing a new message to the server.
CN201910981293.9A 2019-10-16 2019-10-16 Message pushing method, server and system Active CN110611719B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910981293.9A CN110611719B (en) 2019-10-16 2019-10-16 Message pushing method, server and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910981293.9A CN110611719B (en) 2019-10-16 2019-10-16 Message pushing method, server and system

Publications (2)

Publication Number Publication Date
CN110611719A CN110611719A (en) 2019-12-24
CN110611719B true CN110611719B (en) 2022-04-19

Family

ID=68894673

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910981293.9A Active CN110611719B (en) 2019-10-16 2019-10-16 Message pushing method, server and system

Country Status (1)

Country Link
CN (1) CN110611719B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011015099A1 (en) * 2009-08-07 2011-02-10 中兴通讯股份有限公司 Method and system for information transfer, application server and mobile terminal
CN103108037A (en) * 2013-01-22 2013-05-15 华为技术有限公司 Communication method, Web server and Web communication system
CN107181821A (en) * 2017-07-05 2017-09-19 广州华多网络科技有限公司 A kind of information push method and device based on SSE specifications
CN107734076A (en) * 2017-11-29 2018-02-23 湖北三新文化传媒有限公司 Information push method, device and storage medium
CN108965359A (en) * 2017-05-19 2018-12-07 北京京东尚科信息技术有限公司 Communication means, communication device, readable medium and electronic equipment
CN109450983A (en) * 2018-10-16 2019-03-08 北京趣拿软件科技有限公司 The treating method and apparatus of information
CN110213195A (en) * 2018-02-28 2019-09-06 中国移动通信集团内蒙古有限公司 A kind of login authentication method, server and user terminal

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20000071993A (en) * 2000-06-10 2000-12-05 최제형 Authentication method and device, and operation method for medium with specified period and anthorization for payment method of internet payinformation service
US20060143695A1 (en) * 2004-12-27 2006-06-29 Amiram Grynberg Anonymous Spoof resistant authentication and enrollment methods
CN104092542B (en) * 2013-09-11 2016-08-10 腾讯科技(深圳)有限公司 A kind of account login method, Apparatus and system
KR101498670B1 (en) * 2013-10-07 2015-03-05 이화여자대학교 산학협력단 The generation method and device of password by using biometrics-based confidence interval sets
CN104469767B (en) * 2014-10-28 2017-12-26 杭州电子科技大学 The implementation method of integrated form security protection subsystem in a set of mobile office system
CN107295011B (en) * 2017-08-04 2020-09-04 杭州安恒信息技术股份有限公司 Web page security authentication method and device
CN109041205A (en) * 2018-08-23 2018-12-18 刘高峰 Client registers method, apparatus and system
CN109583181B (en) * 2018-11-29 2020-07-03 新华三技术有限公司 Authentication method, authentication device and machine-readable storage medium
CN110536291B (en) * 2019-01-18 2024-11-01 中兴通讯股份有限公司 Authentication method, device and system
CN109831441B (en) * 2019-02-22 2021-10-22 深圳市信锐网科技术有限公司 Identity authentication method, system and related components
CN111327583B (en) * 2019-08-22 2022-03-04 刘高峰 Identity authentication method, intelligent equipment and authentication server

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011015099A1 (en) * 2009-08-07 2011-02-10 中兴通讯股份有限公司 Method and system for information transfer, application server and mobile terminal
CN103108037A (en) * 2013-01-22 2013-05-15 华为技术有限公司 Communication method, Web server and Web communication system
CN108965359A (en) * 2017-05-19 2018-12-07 北京京东尚科信息技术有限公司 Communication means, communication device, readable medium and electronic equipment
CN107181821A (en) * 2017-07-05 2017-09-19 广州华多网络科技有限公司 A kind of information push method and device based on SSE specifications
CN107734076A (en) * 2017-11-29 2018-02-23 湖北三新文化传媒有限公司 Information push method, device and storage medium
CN110213195A (en) * 2018-02-28 2019-09-06 中国移动通信集团内蒙古有限公司 A kind of login authentication method, server and user terminal
CN109450983A (en) * 2018-10-16 2019-03-08 北京趣拿软件科技有限公司 The treating method and apparatus of information

Also Published As

Publication number Publication date
CN110611719A (en) 2019-12-24

Similar Documents

Publication Publication Date Title
KR100811419B1 (en) How to defend against denial of service attacks in authentication protocol using public key cryptography
CN108876332A (en) A kind of block chain method for secure transactions and device based on biological characteristic label certification
CN106453361B (en) A kind of security protection method and system of the network information
CN108243176B (en) Data transmission method and device
CN111130798B (en) Request authentication method and related equipment
CN115333840B (en) Resource access method, system, equipment and storage medium
CN111027036A (en) Identity association method based on block chain
CN115842680B (en) Network identity authentication management method and system
Dua et al. Replay attack prevention in Kerberos authentication protocol using triple password
CN113992354A (en) Identity authentication method, device, equipment and machine readable storage medium
CN112448958A (en) Domain policy issuing method and device, electronic equipment and storage medium
CN110602083B (en) Secure transmission and storage method of digital identity authentication data
CN116248351A (en) Resource access method and device, electronic equipment and storage medium
CN106911628A (en) A kind of user registers the method and device of application software on the client
CN104734856A (en) Password authentication method for preventing server-side information from being leaked
CN110572392A (en) Identity authentication method based on HyperLegger network
CN105577606B (en) A kind of method and apparatus for realizing authenticator registration
KR102355708B1 (en) Method for processing request based on user authentication using blockchain key and system applying same
CN110611719B (en) Message pushing method, server and system
CN111614458A (en) Method, system and storage medium for generating gateway JWT
CN116647345A (en) Method and device for generating permission token, storage medium and computer equipment
CN117459260A (en) Edge computing node detection method, system and equipment for user information
CN112995140B (en) Safety management system and method
CN105681364B (en) An anti-attack method for IPv6 mobile terminals based on enhanced binding
CN113079506B (en) Network security authentication method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant