CN110855620B - Position verification method and device, computer equipment and storage medium - Google Patents

Position verification method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN110855620B
CN110855620B CN201910984420.0A CN201910984420A CN110855620B CN 110855620 B CN110855620 B CN 110855620B CN 201910984420 A CN201910984420 A CN 201910984420A CN 110855620 B CN110855620 B CN 110855620B
Authority
CN
China
Prior art keywords
address information
target client
access right
preset
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910984420.0A
Other languages
Chinese (zh)
Other versions
CN110855620A (en
Inventor
陈翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Puhui Enterprise Management Co Ltd
Original Assignee
Ping An Puhui Enterprise Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Puhui Enterprise Management Co Ltd filed Critical Ping An Puhui Enterprise Management Co Ltd
Priority to CN201910984420.0A priority Critical patent/CN110855620B/en
Publication of CN110855620A publication Critical patent/CN110855620A/en
Application granted granted Critical
Publication of CN110855620B publication Critical patent/CN110855620B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the invention discloses a position verification method, a position verification device, computer equipment and a storage medium, wherein the position verification method comprises the following steps: acquiring first address information and second address information of a target client, wherein the first address information represents an internet protocol address of the target client, and the second address information represents position coordinates of the target client; confirming whether the position relation represented by the first address information and the second address information meets a preset verification condition, wherein the preset verification condition is used for confirming the position generic relation between the first address information and the second address information; and defining a first access right of the associated account of the target client according to the confirmation result. The method can quickly determine whether the target client uploads the position coordinate information in a virtual mode, and sets the access authority of the associated account bound with the target client according to the judgment result, so that the virtual position information is prevented from misleading normal data statistics of the server, and the accuracy of data operation is ensured.

Description

Position verification method and device, computer equipment and storage medium
Technical Field
The embodiment of the invention relates to the field of data security, in particular to a position verification method and device, computer equipment and a storage medium.
Background
The GPS, namely the Global Positioning System (english name: global Positioning System), also called Global satellite Positioning System, and the chinese character is simply called "ball position System", is a middle-distance circular orbit satellite Positioning System, and combines the technology of satellite and communication development, and uses the navigation satellite to perform time measurement and distance measurement. Satellite positioning systems have been widely used in aviation, navigation, communications, personnel tracking, consumer entertainment, mapping, time service, vehicle monitoring management, and automotive navigation and information services.
The application attendance management system or the personnel management system serving as the positioning system can position the coordinate information of the user, then determine the actual position of the user according to the coordinate information, further confirm the travel of the user and achieve the purpose of remote assessment.
However, in the prior art, part of users send virtual coordinate information to the server side in a virtual GPS data mode, which misguides the server side to make data statistics inconsistent with the actual situation, and seriously affects the enterprise benefit.
Disclosure of Invention
The embodiment of the invention provides a method, a device, computer equipment and a storage medium for verifying whether position coordinates uploaded by a client have virtual positions by comparing and judging internet protocol addresses and the position coordinates.
In order to solve the above technical problem, the embodiment of the present invention adopts a technical solution that: provided is a location verification method including:
acquiring first address information and second address information of a target client, wherein the first address information represents an internet protocol address of the target client, and the second address information represents position coordinates of the target client;
confirming whether the position relation represented by the first address information and the second address information meets a preset verification condition, wherein the preset verification condition is used for confirming the position belonging relation between the first address information and the second address information;
and defining a first access right of the associated account of the target client according to the confirmation result.
Optionally, after the defining the first access right of the associated account of the target client according to the confirmation result, the method further includes:
continuously acquiring second address information of the target client in a preset time period;
comparing whether the second address information acquired at different moments is consistent or not;
and when the second address information at different moments is consistent, adjusting the first access authority according to a preset adjustment rule to generate a second access authority, wherein the preset adjustment rule is used for correcting the access authority of the associated account.
Optionally, before continuously obtaining the second address information of the target client within the preset time period, the method further includes:
obtaining motion state data of the target client, wherein the motion state data comprises: data in a pedometer and/or gyroscope in the target client;
judging whether the target client is in a motion state or not according to the motion state data;
and when the target client is in a motion state, sending a preset first acquisition instruction to the target client, wherein the first acquisition instruction is used for enabling the target client to continuously upload the second address information.
Optionally, after the adjusting the first access right according to a preset adjustment rule to generate a second access right when the second address information at different times is consistent, the method further includes:
acquiring positioning data in the target client, wherein the positioning data is data in a position annunciator in the target client;
calculating a verification position coordinate represented by the positioning data according to a preset position coordinate calculation protocol;
comparing whether the verification position coordinate is the same as the position coordinate represented by the second address information;
and when the verification position coordinate is different from the position coordinate represented by the second address information, adjusting the second access authority according to the preset adjustment rule to generate a third access authority.
Optionally, the positioning data includes data of the number of satellites connected to the position annunciator, and after the positioning data in the target client is obtained, the method further includes:
analyzing the number of satellites connected with the position annunciator according to the positioning data;
comparing the number of the satellites connected with the position annunciator with a preset satellite threshold value;
and when the number of the position annunciator connected with the satellites is smaller than the preset satellite threshold value, adjusting the second access authority according to the preset adjustment rule to generate a third access authority.
Optionally, after the adjusting the second access right according to the preset adjustment rule to generate a third access right when the number of the satellites connected to the position signal device is smaller than the preset satellite threshold, the method further includes:
acquiring network card interface information in the target client;
searching whether a preset target agent interface exists in the network card interface information or not;
and when the network card interface information comprises the preset target agent interface, adjusting the third access authority according to the preset adjustment rule to generate a fourth access authority.
Optionally, after the adjusting the third access right according to the preset adjustment rule to generate a fourth access right when the network card interface information includes the preset target agent interface, the method further includes:
acquiring weight values corresponding to the first access right, the second access right, the third access right and the fourth access right, wherein the first access right, the second access right, the third access right and the fourth access right are sequentially reduced;
performing weighted calculation on the first access right, the second access right, the third access right and the fourth access right to generate a weighted value;
comparing the weighted value with a preset judgment threshold value;
and when the weighted value is larger than the judgment threshold value, determining to add the associated account into a blacklist.
To solve the above technical problem, an embodiment of the present invention further provides a position verification apparatus, including:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring first address information and second address information of a target client, the first address information represents an internet protocol address of the target client, and the second address information represents a position coordinate of the target client;
the processing module is used for confirming whether the position relation represented by the first address information and the second address information meets a preset verification condition, wherein the preset verification condition is used for confirming the position belonging relation between the first address information and the second address information;
and the execution module is used for defining the first access right of the associated account of the target client according to the confirmation result.
Optionally, the position verification apparatus further includes:
the first obtaining submodule is used for continuously obtaining second address information of the target client in a preset time period;
the first comparison sub-module is used for comparing whether the second address information acquired at different moments is consistent or not;
and the first execution submodule is used for adjusting the first access authority according to a preset adjustment rule to generate a second access authority when the second address information at different moments is consistent, wherein the preset adjustment rule is used for correcting the access authority of the associated account.
Optionally, the position verification apparatus further includes:
a second obtaining sub-module, configured to obtain motion state data of the target client, where the motion state data includes: data in a pedometer and/or gyroscope in the target client;
the first processing submodule is used for judging whether the target client is in a motion state or not according to the motion state data;
and the second execution submodule is used for sending a preset first acquisition instruction to the target client when the target client is in a motion state, wherein the first acquisition instruction is used for enabling the target client to continuously upload the second address information.
Optionally, the position verification apparatus further includes:
a third obtaining submodule, configured to obtain positioning data in the target client, where the positioning data is data in a position annunciator in the target client;
the second processing submodule is used for calculating a verification position coordinate represented by the positioning data according to a preset position coordinate calculation protocol;
the second comparison submodule is used for comparing whether the verification position coordinate is the same as the position coordinate represented by the second address information or not;
and the third execution submodule is used for adjusting the second access authority according to the preset adjustment rule to generate a third access authority when the verification position coordinate is different from the position coordinate represented by the second address information.
Optionally, the positioning data includes data of the number of satellites connected to the position annunciator, and the position verifying apparatus further includes:
the third processing submodule is used for analyzing the number of the satellites connected with the position annunciator according to the positioning data;
the third comparison submodule is used for comparing the number of the position annunciator connected with the satellites with a preset satellite threshold value;
and the fourth execution submodule is used for adjusting the second access permission according to the preset adjustment rule to generate a third access permission when the number of the position annunciator connected with the satellites is smaller than the preset satellite threshold.
Optionally, the position verification apparatus further includes:
the fourth obtaining submodule is used for obtaining the network card interface information in the target client;
the first searching submodule is used for searching whether a preset target proxy interface exists in the network card interface information or not;
and the fifth execution submodule is used for adjusting the third access permission according to the preset adjustment rule to generate a fourth access permission when the network card interface information comprises the preset target agent interface.
Optionally, the position verification apparatus further includes:
a fifth obtaining submodule, configured to obtain weight values corresponding to the first access right, the second access right, the third access right, and the fourth access right, where the first access right, the second access right, the third access right, and the fourth access right are sequentially reduced;
the first calculation submodule is used for performing weighted calculation on the first access right, the second access right, the third access right and the fourth access right to generate a weighted value;
the fourth comparison submodule is used for comparing the weighted value with a preset judgment threshold value;
and the sixth execution sub-module is used for determining to add the associated account into a blacklist when the weighted value is greater than the judgment threshold.
In order to solve the above technical problem, an embodiment of the present invention further provides a computer device, including a memory and a processor, where the memory stores computer-readable instructions, and the computer-readable instructions, when executed by the processor, cause the processor to execute the steps of the location verification method.
To solve the above technical problem, an embodiment of the present invention further provides a storage medium storing computer-readable instructions, which, when executed by one or more processors, cause the one or more processors to perform the steps of the location verification method described above.
The embodiment of the invention has the beneficial effects that: when the position is verified, the internet protocol address and the position coordinate of the target client are obtained, and the position of the target client displayed by the internet protocol address is the range position, and the position represented by the position coordinate is the specific coordinate information. In the general relation of the position, the position coordinate should be located in the area range represented by the internet protocol address, through the mechanism of the general relation of the position, whether the target client uploads the position coordinate information in a virtual mode or not can be quickly determined, the access authority of the associated account bound with the target client is set according to the judgment result, the virtual position information is prevented from misleading normal data statistics of the server, and the accuracy of data operation is ensured.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic diagram of a basic flow chart of a location verification method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart illustrating permission setting performed by continuously acquiring second address information according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart illustrating a process of detecting a motion state of a target client according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart illustrating virtual verification of data by a position annunciator according to an embodiment of the present invention;
FIG. 5 is a flowchart illustrating virtual validation by the number of connected satellites according to an embodiment of the invention;
FIG. 6 is a schematic flow chart illustrating virtual authentication performed by an authentication network card interface according to an embodiment of the present invention;
FIG. 7 is a flowchart illustrating a process of determining a final permission of a target client by integrating multiple access permissions according to an embodiment of the present invention;
FIG. 8 is a schematic diagram of a basic structure of a position verification apparatus according to an embodiment of the present invention;
FIG. 9 is a block diagram of the basic structure of a computer device according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention.
In some of the flows described in the present specification and claims and in the above figures, a number of operations are included that occur in a particular order, but it should be clearly understood that these operations may be performed out of order or in parallel as they occur herein, with the order of the operations being indicated as 101, 102, etc. merely to distinguish between the various operations, and the order of the operations by themselves does not represent any order of performance. Additionally, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first", "second", etc. in this document are used for distinguishing different messages, devices, modules, etc., and do not represent a sequential order, nor limit the types of "first" and "second" to be different.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As will be appreciated by those skilled in the art, "terminal" as used herein includes both devices that are wireless signal receivers, devices that have only wireless signal receivers without transmit capability, and devices that include receive and transmit hardware, devices that have receive and transmit hardware capable of performing two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant) which may include a radio frequency receiver, a pager, internet/intranet access, web browser, notepad, calendar and/or GPS (Global Positioning System) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.
Referring to fig. 1, fig. 1 is a schematic diagram illustrating a basic flow of the location verification method according to the present embodiment.
As shown in fig. 1, a location verification method includes:
s1100, acquiring first address information and second address information of a target client, wherein the first address information represents an Internet protocol address of the target client, and the second address information represents a position coordinate of the target client;
the target client is a terminal installed with a target application program, wherein the target application program is an application program integrated with the location verification method of the embodiment. The terminals can be (without limitation): a smart phone, a desktop or mobile computer, etc.
When the target client accesses the server, the target client needs to carry an IP (internet protocol address) address, and therefore, when the target client uploads the position coordinate of the target client, the server can read the internet protocol address carrying the position coordinate information. An internet protocol address is defined as first address information and location coordinates are defined as second location information. Wherein the position coordinates can be obtained by (without limitation): the GPS system, the beidou system, the GLONASS system ("GLONASS system") or the Galileo system ("Galileo system").
In some embodiments, the first address information represents a cellular address of the target client, and the location of a base station in communication with the target client and thus the cellular address of the target client can be determined through data transmission between the target client and a cellular base station.
S1200, confirming whether the position relation represented by the first address information and the second address information meets a preset verification condition, wherein the preset verification condition is used for confirming the position belonging relation between the first address information and the second address information;
after receiving the first address information and the second address information uploaded by the target client, the server compares the internet protocol address represented by the first address information with the position coordinate represented by the second address information, and confirms whether the two pieces of address information meet the preset verification condition. The verification conditions specifically include: whether the location coordinates represented by the second address information are within the range of the internet protocol address represented by the first address information. Because the internet protocol address can be determined in a wide address range, the address range can only be accurate to places such as governments, enterprises or internet cafes using fixed internet protocol addresses.
In some embodiments, the internet protocol addresses are dynamically allocated, that is, the internet protocol addresses change at any time, but the changed region is set within a certain range, and generally the administrative unit at the market level where the target client is located is taken as the range, for example, the target client is in shenzhen city, the internet protocol addresses of the target client are in dynamic change, but the internet protocol address display position of the target client is in shenzhen city no matter how the internet protocol address display position changes.
Therefore, the ip address defines a range address, and the location coordinate obtained by the navigation and positioning system is a relatively accurate coordinate value, and the location coordinate of the target client is within the area defined by the ip address. Whether the position coordinate belongs to the Internet protocol address can be judged by determining whether the position coordinate is in the area range represented by the Internet protocol address, if so, the two addresses are consistent, and a user does not use a virtual technology to position the position coordinate; otherwise, confirming that the user uses the virtual technology to set the position coordinates.
S1300, defining a first access right of the associated account of the target client according to the confirmation result.
And when the fact that the user sets the virtual position coordinate by using the virtual technology is determined, and the server side is masked, defining a first access right of the associated account bound by the target client side at the server side. In some embodiments, the first access right is whether the associated account has an access right, and after determining that the user uses the virtual technology to locate the position coordinate, the associated account of the target client is limited not to have an access right, and the target client cannot access the server.
However, the first access right is not limited to this, and in some embodiments, when it is determined that the user has set the virtual location coordinate using the virtual technology, the first access right defines a time period or a time period during which the target client can access the server, for example, the associated account of the target client is not permitted to log in when the login time period of the associated account is not more than 2 hours, the target client cannot log in between a time period of 20.
In some embodiments, when it is determined that the user sets the virtual location coordinate by using the virtual technology, the first access right defines that the target client can access the content module of the server, the different function modules of the server are ranked, and the target client cannot access the function modules of the server, for example, the function modules of the server are divided into 5 levels, wherein the requirement of the access right of the function module of the 5 th level is the highest, the requirement of the access right of the function module of the 1 st level is the lowest, and when it is determined that the user sets the virtual location coordinate by using the virtual technology, the target client cannot access the function module of the 5 th level.
And when the user is determined not to use the virtual technology to set the virtual position coordinate, setting the associated account of the target client to have normal access authority.
In some embodiments, when the same target client has multiple associated accounts, the first access rights of the multiple associated accounts are defined. And the user is prevented from using the same target client to switch account login.
In the above embodiment, when performing the location verification, the internet protocol address and the location coordinate of the target client are obtained, because the location where the target client is located, which is displayed by the internet protocol address, is the range location, and the location represented by the location coordinate is the specific coordinate information. In the general relation of the position, the position coordinate should be located in the area range represented by the internet protocol address, through the mechanism of the general relation of the position, whether the target client uploads the position coordinate information in a virtual mode or not can be quickly determined, the access authority of the associated account bound with the target client is set according to the judgment result, the virtual position information is prevented from misleading normal data statistics of the server, and the accuracy of data operation is ensured.
In some embodiments, the position coordinates set in a virtual manner have fixed data, that is, the second address information sent to the server side is always the same, and according to this rule, in order to further confirm that the target client uses the virtual position coordinates, continuous comparison of the second address information uploaded by the target client is required. Referring to fig. 2, fig. 2 is a schematic flow chart illustrating permission setting performed by continuously obtaining second address information according to the present embodiment.
As shown in fig. 2, S1300 thereafter includes:
s1410, continuously obtaining second address information of the target client within a preset time period;
after the judgment of S1100-S1300, after determining that there is a compliant generic relationship between the internet protocol address and the location coordinate of the target service end, in order to further explore whether the target client has a possibility of a virtual location coordinate, the server end needs to acquire a plurality of second address information of the target client within a time period.
For example, the second address information of the target client is not acquired every 3 seconds in three minutes, but the acquired time end is not limited to this, and the value of the time period can be set by the user according to different specific application scenarios, and the time interval can also be set by the user.
In some embodiments, after determining that there is no compliant generic relationship between the internet protocol address and the location coordinate of the target service end, it is also necessary to further probe whether there is a possibility of a virtual location coordinate of the target client, and the server end needs to obtain a plurality of pieces of second address information of the target client within a period of time.
S1420, comparing whether the second address information acquired at different moments is consistent;
and comparing whether the second address information acquired at different moments is consistent, wherein the consistent standard is as follows: and comparing to determine that the second address information in the time period is the same. However, the matching approval criteria are not limited to this, and in some embodiments, when the ratio of the same address information exceeds half, it is possible to confirm that the address information at different times match.
And S1430, when the second address information at different moments is consistent, adjusting the first access authority according to a preset adjustment rule to generate a second access authority, wherein the preset adjustment rule is used for correcting the access authority of the associated account.
And when the consistency of the second address information at different moments is determined, adjusting the first access authority according to an adjustment rule to generate a second access authority, wherein the adjustment rule is used for further limiting the access authority of the associated account on the basis of the first access authority, namely the adjustment rule is used for correcting the access authority of the associated account.
When it is determined that the user sets the virtual location coordinate by using the virtual technology, the first access right defines a time period or a time period during which the target client can access the server, for example, the associated account of the target client is not permitted to log in when the login time period of the associated account is not more than 2 hours, the target client cannot log in between 20 and 00. When the second address information at different times is consistent, further limiting the access right of the associated account, for example, the second access right limits that the login time of the associated account of the target client cannot exceed 1.5 hours, the associated account cannot be logged in between the time periods of 19.
When the virtual position coordinate is set by the user through the virtual technology, the first access authority limits that the target client can access the content module of the server, the different function modules of the server are graded, and the target client cannot access the function modules of the levels, for example, the function module of the server is divided into 5 levels, wherein the requirement of the access authority of the function module of the 5 th level is the highest, the requirement of the access authority of the function module of the 1 st level is the lowest, and when the virtual position coordinate is set by the user through the virtual technology, the target client cannot access the function module of the 5 th level. When the second address information at different moments is consistent, the access right of the associated account is further limited, for example, the second access right limits that the associated account of the target client cannot access the functional module at level 4 or above.
And the authority limit is further carried out on the associated account of the target client by continuously judging the consistency of the second address information, which is favorable for improving the accuracy of data statistics of the server.
In some embodiments, to avoid the problem of erroneously determining that the second address information at different time points is consistent when the user stops moving, it is necessary to detect the moving state of the target client before continuously collecting the second address information. Referring to fig. 3, fig. 3 is a schematic flow chart illustrating a process of detecting a motion state of a target client according to the present embodiment.
As shown in fig. 3, before S1410, the method further includes:
s1401, obtaining motion state data of the target client, where the motion state data includes: data in a pedometer and/or gyroscope in the target client;
the server side obtains data capable of determining the motion state of the target client side in the target client side, and the motion state data comprises data in a pedometer and/or a gyroscope in the target client side. The pedometer is an electronic component for recording the motion state of a target client by counting data such as step number, distance, speed, time and the like. The gyroscope is an angular motion detection device which uses a momentum moment sensitive shell of a high-speed revolving body to rotate around one or two axes which are orthogonal to a rotation axis relative to an inertia space, and whether a user is in a motion state can be detected through the gyroscope.
S1402, judging whether the target client is in a motion state according to the motion state data;
when the data recorded in the pedometer or the gyroscope changes, the user can be determined to be in the motion state, and the motion state of the user cannot be determined, but when the user is in the unknown motion state, the second position information of the target client can be caused to be in the changed state. Therefore, when the data recorded in the pedometer or the gyroscope is changed, it is determined that the user is already in a motion state; otherwise, confirming that the target client is not in the motion state.
And S1403, when the target client is in a motion state, sending a preset first acquisition instruction to the target client, wherein the first acquisition instruction is used for enabling the target client to continuously upload the second address information.
And when the target client is determined to be in the motion state, the server side sends a first acquisition instruction to the target client, wherein the first acquisition instruction is used for enabling the target client to continuously upload second address information to the server side within a specified time period.
When the target client is determined not to be in the motion state, the target client is indicated to be in the static state, and at this time, the target client has an application scene with continuous second address information consistent with each other, so that the target client in the state is not judged to have continuous second address information.
When detecting whether the second address information changes, the motion state of the target client is firstly collected, so that the accuracy of continuous detection of the second address information is improved, and the probability of misjudgment is reduced.
In some embodiments, when the position coordinates are transmitted in a virtual manner, the set coordinate information is often directly transmitted to the server side, and the real positioning data acquired from the position annunciator and used for calculating the position coordinates is not processed, so that the server side reading the data in the position annunciator can verify whether the target client side transmits the virtual position coordinates. Referring to fig. 4, fig. 4 is a schematic flow chart illustrating virtual verification performed by data of the position annunciator according to the present embodiment.
As shown in fig. 4, after S1430, the method further includes:
s1441, obtaining positioning data in the target client, wherein the positioning data is data in a position annunciator in the target client;
the target client is provided with a position annunciator, and the position annunciator is used for receiving positioning signals, wherein the sender of the positioning signals is a satellite. Specifically, the target client captures a satellite to be tested selected according to a certain satellite cut-off angle, and tracks the operation of the satellites. When the target client captures the tracked satellite signal, the change rate of the pseudo distance and the distance from the receiving antenna to the satellite can be measured, and data such as satellite orbit parameters are demodulated. According to the data, the target client can perform positioning calculation according to a positioning calculation method, and calculate the information such as longitude and latitude, height, speed, time and the like of the geographic position of the user.
Therefore, the server side can send an instruction for uploading data in the position annunciator to the target client side, and therefore positioning data in the target client side can be obtained.
Wherein the position signaler includes (without limitation): GPS signal receiver, big dipper signal receiver, glonass signal receiver and Galileo signal receiver.
S1442, calculating verification position coordinates represented by the positioning data according to a preset position coordinate calculation protocol;
after the positioning data of the target client is obtained, according to the data calculation protocol of each satellite system, the position coordinate calculation protocol of the satellite system corresponding to the current target client is correspondingly found, the position coordinate represented by the positioning data is calculated according to the protocol, and the position coordinate is defined as a color value position coordinate.
S1443, comparing whether the verification position coordinate is the same as the position coordinate represented by the second address information;
because the server and the target client adopt the same position coordinate calculation protocol and the same positioning data to calculate the position coordinate. Therefore, if the target client does not upload the virtual location coordinate, the location coordinate uploaded by the target client is the same as the verification location coordinate calculated by the server, and therefore, the location coordinate represented by the second address information and the verification location coordinate need to be compared.
And S1444, when the verification position coordinate is different from the position coordinate represented by the second address information, adjusting the second access right according to the preset adjustment rule to generate a third access right.
And when the verification position coordinate is determined to be different from the position coordinate represented by the second address information according to the comparison result, determining to adjust the second access right according to the adjustment rule to generate a third access right.
When it is determined that the user sets the virtual location coordinate by using the virtual technology, the first access right defines a time period or a time period during which the target client can access the server, for example, the associated account of the target client is not permitted to log in when the login time period of the associated account is not more than 2 hours, the target client cannot log in between 20 and 00. When the second address information at different times is consistent, further limiting the access right of the associated account, for example, the second access right limits that the login time of the associated account of the target client may not exceed 1.5 hours, the associated account cannot be logged in between the time periods of 19 to 00, or the associated account does not allow login when the access amount reaches 8000 times/per second. When the verification position coordinate is different from the position coordinate represented by the second address information, the access right of the associated account is further limited, for example, the third access right limits that the login duration of the associated account of the target client cannot exceed 1 hour, the associated account cannot be logged in between the time periods of 19-00/00, or the associated account does not allow login when the access amount reaches 6000 times/per second.
When the virtual position coordinate is set by the user through the virtual technology, the first access authority limits that the target client can access the content module of the server, the different function modules of the server are graded, and the target client cannot access the function modules of the levels, for example, the function module of the server is divided into 5 levels, wherein the requirement of the access authority of the function module of the 5 th level is the highest, the requirement of the access authority of the function module of the 1 st level is the lowest, and when the virtual position coordinate is set by the user through the virtual technology, the target client cannot access the function module of the 5 th level. When the second address information at different moments is consistent, the access right of the associated account is further limited, for example, the second access right limits that the associated account of the target client cannot access the functional module at level 4 or above. When the verification position coordinate is different from the position coordinate represented by the second address information, further limiting the access authority of the associated account, for example, the third access authority limits that the associated account of the target client cannot access the function module at level 3 or above.
And the authority limit is further carried out on the associated account of the target client by verifying the position coordinate and the position coordinate represented by the second address information, so that the accuracy of the server data statistics is improved.
In some embodiments, a determination is made as to whether the target client has transmitted virtual location coordinates based on the number of connected satellites recorded in the location annunciator. Referring to fig. 5, fig. 5 is a schematic flow chart illustrating virtual verification performed by the number of connected satellites according to the present embodiment.
As shown in fig. 5, S1430 includes thereafter:
s1451, analyzing the number of satellites connected with the position annunciator according to the positioning data;
under normal conditions, the target client can perform positioning only under the condition of connecting 4 satellites, so the number of the satellites connected to the target client can be used as a reference for judging whether to perform position virtualization.
After the server side obtains the positioning data of the target client side, the server side obtains data information of the number of the position annunciators connected with the satellites in the positioning data through analysis.
S1452, comparing the number of the satellites connected with the position annunciator with a preset satellite threshold;
comparing the obtained number of the position signal device-connected satellites with a preset satellite threshold, wherein the satellite threshold is a standard value for the set number of the position signal device-connected satellites and can be set to 4, but is not limited to this, and according to different application scenarios, in some embodiments, the satellite threshold can be set to 5, 6 or more.
And S1453, when the number of the satellites connected to the position signal device is smaller than the preset satellite threshold, adjusting the second access right according to the preset adjustment rule to generate a third access right.
When the number of the satellites connected by the target client is constant all the time and the number of the connected satellites is actually less than 4, and the target client sends the position information to the server, the target client is indicated to send the position information to the server in a virtual mode.
When it is determined that the user sets the virtual location coordinate by using the virtual technology, the first access right defines a time period or a time period during which the target client can access the server, for example, the login time period of the associated account of the target client may not exceed 2 hours, the login cannot be performed within a time period of 20 to 00. When the second address information at different times is consistent, further limiting the access right of the associated account, for example, the second access right limits that the login time of the associated account of the target client may not exceed 1.5 hours, the associated account cannot be logged in between the time periods of 19 to 00, or the associated account does not allow login when the access amount reaches 8000 times/per second. When the verification position coordinate is different from the position coordinate represented by the second address information, further limiting the access right of the associated account, for example, the third access right limits that the login time of the associated account of the target client cannot exceed 1 hour, the associated account cannot be logged in between the time periods of 19.
When the virtual position coordinate is set by the user through the virtual technology, the first access authority limits that the target client can access the content module of the server, the different function modules of the server are graded, and the target client cannot access the function modules of the levels, for example, the function module of the server is divided into 5 levels, wherein the requirement of the access authority of the function module of the 5 th level is the highest, the requirement of the access authority of the function module of the 1 st level is the lowest, and when the virtual position coordinate is set by the user through the virtual technology, the target client cannot access the function module of the 5 th level. When the second address information at different moments is consistent, the access right of the associated account is further limited, for example, the second access right limits that the associated account of the target client cannot access the functional module at level 4 or above. When the verification position coordinate is different from the position coordinate represented by the second address information, further limiting the access authority of the associated account, for example, the third access authority limits that the associated account of the target client cannot access the function module at level 3 or above.
By the method for verifying whether the number of the connected satellites reaches the standard, the authority limit of the associated account of the target client is further performed, the judgment difficulty is reduced, the operation steps are reduced, the resources of the server are saved, and the accuracy of the server data statistics is improved.
In some embodiments, when the target client sends the position coordinates to the server end in a virtual manner, the target client sends information of the position coordinates to the server end by using a virtual interface, so that whether the target client uses the virtual position coordinates can be verified by acquiring the information of the network card interface of the target client. Referring to fig. 6, fig. 6 is a schematic flow chart illustrating virtual authentication performed by the authentication network card interface according to the embodiment.
As shown in fig. 6, S1453 then includes:
s1461, obtaining network card interface information in the target client;
when the target client transmits the virtual position coordinates, the target client typically transmits the position coordinates to the server using a virtual network interface. Therefore, the server side reads the information header of the position coordinate information to obtain the network card interface information used by the target client side.
S1462, searching whether a preset target agent interface exists in the network card interface information;
checking whether a preset virtual target agent interface exists in the network card interface information, wherein the target agent interface is a network card interface with 'utun' as a start. Therefore, whether the network card interface information contains the word "utun" is searched, and the word is located at the beginning position of the field.
And S1463, when the network card interface information includes the preset target agent interface, adjusting the third access permission according to the preset adjustment rule to generate a fourth access permission.
When the network card interface information is found to have the network card interface with the beginning of utun, that is, the network card interface information includes the target proxy interface, the third access right is adjusted according to the adjustment rule to generate the fourth access right.
When it is determined that the user sets the virtual location coordinate by using the virtual technology, the first access right defines a time period or a time period during which the target client can access the server, for example, the associated account of the target client is not permitted to log in when the login time period of the associated account is not more than 2 hours, the target client cannot log in between 20 and 00. When the second address information at different times is consistent, further limiting the access right of the associated account, for example, the second access right limits that the login time of the associated account of the target client cannot exceed 1.5 hours, the associated account cannot be logged in between the time periods of 19. When the verification position coordinate is different from the position coordinate represented by the second address information, further limiting the access right of the associated account, for example, the third access right limits that the login time of the associated account of the target client cannot exceed 1 hour, the associated account cannot be logged in between the time periods of 19. When the network card interface information is determined to include the target proxy interface, further limiting the access authority of the associated account, for example, the fourth access authority limits that the login duration of the associated account of the target client may not exceed 0.5 hour, the associated account cannot be logged in between the time periods of 18 to 00.
When the virtual position coordinate is set by the user through the virtual technology, the first access authority limits that the target client can access the content module of the server, the different function modules of the server are graded, and the target client cannot access the function modules of the levels, for example, the function module of the server is divided into 5 levels, wherein the requirement of the access authority of the function module of the 5 th level is the highest, the requirement of the access authority of the function module of the 1 st level is the lowest, and when the virtual position coordinate is set by the user through the virtual technology, the target client cannot access the function module of the 5 th level. When the second address information at different moments is consistent, the access right of the associated account is further limited, for example, the second access right limits that the associated account of the target client cannot access the functional module at level 4 or above. When the verification position coordinate is different from the position coordinate represented by the second address information, further limiting the access authority of the associated account, for example, the third access authority limits that the associated account of the target client cannot access the function module at level 3 or above. When the network card interface information is determined to include the target agent interface, the access authority of the associated account is further limited, for example, the fourth access authority limits that the associated account of the target client cannot access the functional module at the level 2 or above.
By verifying the network card interface of the target client, the authority limit of the associated account of the target client is further performed, which is beneficial to improving the accuracy of the server data statistics.
In some embodiments, in order to further improve the relevance of each verification link, the rationality of the shared judgment needs to comprehensively consider the influence of different verification modes on the final permission through a data weighting mode. Referring to fig. 7, fig. 7 is a schematic flow chart illustrating a process of determining a final permission of a target client by combining multiple access permissions according to this embodiment.
As shown in fig. 7, S1463 then includes:
s1471, obtaining weight values corresponding to the first access right, the second access right, the third access right and the fourth access right, wherein the first access right, the second access right, the third access right and the fourth access right are sequentially reduced;
in this embodiment, each access right is provided with different weight values, for example, the weight value of the first access right is set to 2, the weight value of the second access right is set to 1.5, the weight value of the third access right is set to 1, and the weight value of the fourth access right is set to 1.2. However, the setting of the weight value of each access right is not limited to this, and the weight value of each access right can be set by self according to different application scenarios.
S1472, carrying out weighted calculation on the first access right, the second access right, the third access right and the fourth access right to generate a weighted value;
according to the triggering conditions of the access authorities, if the triggering conditions of the access authorities are achieved, the value of the access authority is recorded as 1, otherwise, the value of the access authority is recorded as 0. For example, if it is determined that the position relationship represented by the first address information and the second address information has a set generic relationship, the value of the first access right is recorded as 1, otherwise, the value of the first access right is recorded as 0. And similarly, obtaining the numerical values of the second access right, the third access right and the fourth access right.
And after the numerical value of each access right is obtained, calculating the weighted value by combining the weighted value of each access right. For example, the weight value of the first access right is set to 2, the weight value of the second access right is set to 1.5, the weight value of the third access right is set to 1, and the weight value of the fourth access right is set to 1.2. The value of the first access right is 1, the value of the second access right is 0, the value of the third access right is 1, and the value of the fourth access right is 1. Then weight = 1+ 2+1.5 + 0+ 1.2 + 1=4.2.
S1473, comparing the weighted value with a preset judgment threshold value;
and comparing the calculated weighted value with a set judgment threshold value, wherein the judgment threshold value is a standard value for judging whether the weighted value reaches the standard or not. For example, the value of the determination threshold is 3, but the determination threshold is not limited to this, and the value of the determination threshold can be customized according to different application scenarios.
S1474, when the weighted value is larger than the judgment threshold value, determining to add the associated account into a blacklist.
And when the weighted value is determined to be greater than the judgment threshold value through comparison, determining that the associated account number of the target client has a higher risk, and therefore, adding the associated account number into the accessed blacklist, and the associated account cannot access the server. And when the weighted value is less than or equal to the judgment threshold value, the associated account is determined to be a normal account, and normal access can be performed.
In order to solve the above technical problem, an embodiment of the present invention further provides a position verification apparatus.
Referring to fig. 8, fig. 8 is a schematic diagram of a basic structure of the position verification apparatus according to the present embodiment.
As shown in fig. 8, a position verification apparatus includes: an acquisition module 2100, a processing module 2200, and an execution module 2300. The obtaining module 2100 is configured to obtain first address information and second address information of a target client, where the first address information represents an internet protocol address of the target client, and the second address information represents a position coordinate of the target client; the processing module 2200 is configured to determine whether a position relationship represented by the first address information and the second address information meets a preset verification condition, where the verification condition is used to determine a generic relationship between the first address information and the second address information; the execution module 2300 is configured to define a first access right of the associated account of the target client according to the confirmation result.
When the position verification device carries out position verification, the internet protocol address and the position coordinates of the target client are obtained, and the position of the target client displayed by the internet protocol address is a range position, and the position represented by the position coordinates is specific coordinate information. In the general relation of the position, the position coordinate should be located in the area range represented by the internet protocol address, through the mechanism of the general relation of the position, whether the target client uploads the position coordinate information in a virtual mode or not can be quickly determined, the access authority of the associated account bound with the target client is set according to the judgment result, the virtual position information is prevented from misleading normal data statistics of the server, and the accuracy of data operation is ensured.
In some embodiments, the location verification device further comprises: the device comprises a first obtaining submodule, a first comparison submodule and a first execution submodule. The first obtaining submodule is used for continuously obtaining second address information of the target client in a preset time period; the first comparison sub-module is used for comparing whether the second address information acquired at different moments is consistent or not; the first execution submodule is used for adjusting the first access authority according to a preset adjustment rule to generate a second access authority when second address information at different moments is consistent, wherein the adjustment rule is used for correcting the access authority of the associated account.
In some embodiments, the location verification device further comprises: the device comprises a second acquisition submodule, a first processing submodule and a second execution submodule. The second obtaining submodule is configured to obtain motion state data of the target client, where the motion state data includes: data in a pedometer and/or gyroscope in the target client; the first processing submodule is used for judging whether the target client is in a motion state according to the motion state data; and the second execution submodule is used for sending a preset first acquisition instruction to the target client when the target client is in a motion state, wherein the acquisition instruction is used for enabling the target client to continuously upload second address information.
In some embodiments, the location verification device further comprises: the device comprises a third acquisition submodule, a second processing submodule, a second comparison submodule and a third execution submodule. The third obtaining submodule is used for obtaining positioning data in the target client, wherein the positioning data is data in a position annunciator in the target client; the second processing submodule is used for calculating a verification position coordinate represented by the positioning data according to a preset position coordinate calculation protocol; the second comparison submodule is used for comparing whether the verification position coordinate is the same as the position coordinate represented by the second address information; and the third execution submodule is used for adjusting the second access authority according to the adjustment rule to generate a third access authority when the verification position coordinate is different from the position coordinate represented by the second address information.
In some embodiments, the positioning data comprises data on the number of satellites connected to the position annunciator, and the position verification device further comprises: a third processing submodule, a third comparison submodule and a fourth execution submodule. The third processing submodule is used for analyzing the number of the connected satellites of the position annunciator according to the positioning data; the third comparison submodule is used for comparing the number of the position annunciator connected with the satellites with a preset satellite threshold; and the fourth execution submodule is used for adjusting the second access right according to the adjustment rule to generate a third access right when the number of the position signal device connected with the satellites is smaller than the satellite threshold value.
In some embodiments, the location verification device further comprises: the device comprises a fourth obtaining submodule, a first searching submodule and a fifth executing submodule. The fourth obtaining submodule is used for obtaining network card interface information in the target client; the first searching submodule is used for searching whether a preset target agent interface exists in the network card interface information; and the fifth execution submodule is used for adjusting the third access authority according to the adjustment rule to generate a fourth access authority when the network card interface information comprises the target agent interface.
In some embodiments, the location verification device further comprises: the device comprises a fifth obtaining submodule, a first calculating submodule, a fourth comparing submodule and a sixth executing submodule. The fifth obtaining submodule is used for obtaining weight values corresponding to the first access right, the second access right, the third access right and the fourth access right, wherein the first access right, the second access right, the third access right and the fourth access right are sequentially reduced; the first calculation submodule is used for performing weighted calculation on the first access right, the second access right, the third access right and the fourth access right to generate a weighted value; the fourth comparison submodule is used for comparing the weighted value with a preset judgment threshold value; and the sixth execution sub-module is used for determining to add the associated account into the blacklist when the weighted value is greater than the judgment threshold.
In order to solve the above technical problem, an embodiment of the present invention further provides a computer device. Referring to fig. 9, fig. 9 is a block diagram of a basic structure of a computer device according to the present embodiment.
As shown in fig. 9, the internal structure of the computer device is schematically illustrated. The computer device includes a processor, a non-volatile storage medium, a memory, and a network interface connected by a system bus. The non-volatile storage medium of the computer device stores an operating system, a database and computer readable instructions, the database can store control information sequences, and the computer readable instructions can enable the processor to realize a position verification method when being executed by the processor. The processor of the computer device is used for providing calculation and control capability and supporting the operation of the whole computer device. The memory of the computer device may have stored therein computer readable instructions that, when executed by the processor, may cause the processor to perform a method of location verification. The network interface of the computer device is used for connecting and communicating with the terminal. Those skilled in the art will appreciate that the architecture shown in fig. 9 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In this embodiment, the processor is configured to execute specific functions of the obtaining module 2100, the processing module 2200, and the executing module 2300 in fig. 8, and the memory stores program codes and various data required for executing the modules. The network interface is used for data transmission to and from a user terminal or a server. The memory in this embodiment stores program codes and data required for executing all the sub-modules in the face image key point detection device, and the server can call the program codes and data of the server to execute the functions of all the sub-modules.
When the computer equipment carries out position verification, the internet protocol address and the position coordinate of the target client are obtained, and the position of the target client displayed by the internet protocol address is the range position, and the position represented by the position coordinate is the specific coordinate information. In the general relationship of the position, the position coordinate should be located in the area represented by the internet protocol address, through the mechanism of the general position, whether the target client uploads the position coordinate information in a virtual mode or not can be quickly determined, the access authority of the associated account bound with the target client is set according to the judgment result, the virtual position information is prevented from misleading normal data statistics of the server, and the accuracy of data operation is ensured.
The present invention also provides a storage medium having stored thereon computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of any of the above-described embodiments of the location verification method.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the computer program is executed. The storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.

Claims (9)

1. A method of location verification, comprising:
acquiring first address information and second address information of a target client, wherein the first address information represents an internet protocol address of the target client, and the second address information represents position coordinates of the target client;
confirming whether the relation between the position coordinates represented by the first address information and the second address information meets a preset verification condition or not, wherein the preset verification condition is used for confirming the position belonging relation between the first address information and the second address information; the verification conditions include: whether the position coordinate represented by the second address information is in the range of the Internet protocol address represented by the first address information;
defining a first access right of the associated account of the target client according to a confirmation result; the first access right comprises at least one of the time length, the time period and the content module of the target client side for accessing the server side;
continuously acquiring second address information of the target client in a preset time period;
comparing whether the second address information acquired at different moments is consistent or not;
and when the second address information at different moments is consistent, adjusting the first access authority according to a preset adjustment rule to generate a second access authority, wherein the preset adjustment rule is used for correcting the access authority of the associated account.
2. The method according to claim 1, wherein before continuously obtaining the second address information of the target ue within a preset time period, the method further comprises:
obtaining motion state data of the target client, wherein the motion state data comprises: data in a pedometer and/or gyroscope in the target client;
judging whether the target client is in a motion state or not according to the motion state data;
and when the target client is in a motion state, sending a preset first acquisition instruction to the target client, wherein the first acquisition instruction is used for enabling the target client to continuously upload the second address information.
3. The method according to claim 1, wherein after the adjusting the first access right according to a preset adjustment rule to generate a second access right when the second address information at different times is consistent, the method further comprises:
acquiring positioning data in the target client, wherein the positioning data is data in a position annunciator in the target client;
calculating a verification position coordinate represented by the positioning data according to a preset position coordinate calculation protocol;
comparing whether the verification position coordinate is the same as the position coordinate represented by the second address information;
and when the verification position coordinate is different from the position coordinate represented by the second address information, adjusting the second access authority according to the preset adjustment rule to generate a third access authority.
4. The method of claim 3, wherein the positioning data comprises data of the number of satellites connected to the position annunciator, and wherein after the obtaining the positioning data in the target client, the method further comprises:
analyzing the number of the satellites connected with the position annunciator according to the positioning data;
comparing the number of the position signal device connected satellites with a preset satellite threshold value;
and when the number of the position annunciator connected with the satellites is smaller than the preset satellite threshold value, adjusting the second access authority according to the preset adjustment rule to generate a third access authority.
5. The method as claimed in claim 4, wherein after the adjusting the second access right according to the preset adjustment rule to generate a third access right when the number of the satellites connected to the position annunciator is smaller than the preset satellite threshold, the method further comprises:
acquiring network card interface information in the target client;
searching whether a preset target agent interface exists in the network card interface information;
and when the network card interface information comprises the preset target agent interface, adjusting the third access authority according to the preset adjustment rule to generate a fourth access authority.
6. The method according to claim 5, wherein after the adjusting the third access right according to the preset adjustment rule to generate a fourth access right when the network card interface information includes the preset target agent interface, the method further comprises:
acquiring weight values corresponding to the first access right, the second access right, the third access right and the fourth access right, wherein the first access right, the second access right, the third access right and the fourth access right are sequentially reduced;
performing weighted calculation on the first access right, the second access right, the third access right and the fourth access right to generate a weighted value;
comparing the weighted value with a preset judgment threshold value;
and when the weighted value is greater than the preset judgment threshold value, determining to add the associated account number into a blacklist.
7. A position verification apparatus, comprising:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring first address information and second address information of a target client, the first address information represents an internet protocol address of the target client, and the second address information represents a position coordinate of the target client;
the processing module is used for confirming whether the position relation represented by the first address information and the second address information meets a preset verification condition, wherein the preset verification condition is used for confirming the position belonging relation between the first address information and the second address information; the verification conditions include: whether the position coordinate represented by the second address information is in the range of the Internet protocol address represented by the first address information;
the execution module is used for defining a first access right of the associated account of the target client according to the confirmation result; the first access right comprises at least one of the time length, the time period and the content module of the target client side for accessing the server side;
the first obtaining submodule is used for continuously obtaining second address information of the target client in a preset time period;
the first comparison sub-module is used for comparing whether the second address information acquired at different moments is consistent or not;
and the first execution submodule is used for adjusting the first access authority according to a preset adjustment rule to generate a second access authority when the second address information at different moments is consistent, wherein the adjustment rule is used for correcting the access authority of the associated account.
8. A computer device comprising a memory and a processor, the memory having stored therein computer readable instructions which, when executed by the processor, cause the processor to carry out the steps of the position verification method according to any of claims 1 to 6.
9. A storage medium having stored thereon computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the location verification method as claimed in any one of claims 1 to 6.
CN201910984420.0A 2019-10-16 2019-10-16 Position verification method and device, computer equipment and storage medium Active CN110855620B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910984420.0A CN110855620B (en) 2019-10-16 2019-10-16 Position verification method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910984420.0A CN110855620B (en) 2019-10-16 2019-10-16 Position verification method and device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110855620A CN110855620A (en) 2020-02-28
CN110855620B true CN110855620B (en) 2023-03-21

Family

ID=69596406

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910984420.0A Active CN110855620B (en) 2019-10-16 2019-10-16 Position verification method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110855620B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116662487A (en) * 2023-06-12 2023-08-29 杭州知汇云科技有限公司 Document data access management method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006017977A1 (en) * 2004-08-17 2006-02-23 Zte Corporation Method for implementing continuous location in the location based services
CN107291829A (en) * 2017-05-27 2017-10-24 西安未来国际信息股份有限公司 A kind of information resource authority limits managing method based on LBS
CN109788440A (en) * 2019-01-14 2019-05-21 北京纷扬科技有限责任公司 It registers anti-cheating method, device, system, equipment and storage medium
CN110166943A (en) * 2018-02-02 2019-08-23 腾讯科技(深圳)有限公司 The processing method of terminal positional information
CN110324779A (en) * 2019-05-21 2019-10-11 平安普惠企业管理有限公司 Location data monitoring method and relevant device based on information security

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10803189B2 (en) * 2016-08-31 2020-10-13 Microsoft Technology Licensing, Llc Location-based access control of secured resources

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006017977A1 (en) * 2004-08-17 2006-02-23 Zte Corporation Method for implementing continuous location in the location based services
CN107291829A (en) * 2017-05-27 2017-10-24 西安未来国际信息股份有限公司 A kind of information resource authority limits managing method based on LBS
CN110166943A (en) * 2018-02-02 2019-08-23 腾讯科技(深圳)有限公司 The processing method of terminal positional information
CN109788440A (en) * 2019-01-14 2019-05-21 北京纷扬科技有限责任公司 It registers anti-cheating method, device, system, equipment and storage medium
CN110324779A (en) * 2019-05-21 2019-10-11 平安普惠企业管理有限公司 Location data monitoring method and relevant device based on information security

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于位置的权限管理系统研究与实现;李春雨;《中国优秀硕士学位论文全文数据库 (信息科技辑)》;20080730(第7期);第3.2节-第5章 *

Also Published As

Publication number Publication date
CN110855620A (en) 2020-02-28

Similar Documents

Publication Publication Date Title
US11474190B2 (en) Certified location for mobile devices
US11221389B2 (en) Statistical analysis of mismatches for spoofing detection
US20150065166A1 (en) Location spoofing detection
US8943566B2 (en) Increased security for computer userID input fields
US20090195445A1 (en) System and method for selecting parameters based on physical location of a computer device
US20200116816A1 (en) Location error radius determination
US20080076449A1 (en) Mobile communication terminal for receiving position information service and method thereof
US20220236425A1 (en) Detection of spoofing attacks on satellite navigation systems
WO2016003262A1 (en) A system and method for detecting global positioning system anomalies
CN110855620B (en) Position verification method and device, computer equipment and storage medium
CN110913038B (en) IP address determination method, device, server and computer readable storage medium
CN117545047B (en) Resident data-based NTN connection selection method, device, equipment and medium
CN112904390B (en) Positioning method, positioning device, computer equipment and storage medium
Jones et al. Horizontal accuracy assessment of global positioning system data from common smartphones
Margaria et al. Proof-of-concept of the local integrity approach: Prototype implementation and performance assessment in an urban context
CN110825785A (en) Data mining method and device, electronic equipment and storage medium
Formaggio et al. Context-based detection of GNSS position spoofing for smartphones
Shokouh Detecting GNSS attacks on smartphones
US11668562B1 (en) GPS-based spatial measurements
CN112685724B (en) Equipment management method and related device
US20240224223A1 (en) Evaluating IP Location On A Client Device
Baker SANS Institute
Bell Providing Context to the Clues: Recovery and Reliability of Location Data from Android Devices
Kuismanen Vulnerability of Mobile Phones to Navigation Signal Spoofing
CN118129788A (en) Track return method, device and equipment for wearable equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant