CN110912865A - Security access control method, server and electronic equipment - Google Patents
Security access control method, server and electronic equipment Download PDFInfo
- Publication number
- CN110912865A CN110912865A CN201811089286.XA CN201811089286A CN110912865A CN 110912865 A CN110912865 A CN 110912865A CN 201811089286 A CN201811089286 A CN 201811089286A CN 110912865 A CN110912865 A CN 110912865A
- Authority
- CN
- China
- Prior art keywords
- access
- temporary
- access token
- client
- temporary access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a security access control method, a server and electronic equipment, which comprise the following steps: receiving an access request sent by a client, wherein the access request comprises a temporary access token used for the access; verifying a temporary access token used for the current access; if the verification is passed, generating and saving a temporary access token used for the next access; and sending the temporary access token used by the next access to the client. According to the invention, the website access security can be improved by generating the dynamic temporary access token.
Description
Technical Field
The present invention relates to the field of access control technologies, and in particular, to a secure access control method, a server, and an electronic device.
Background
When the website is accessed, the website without the access authority can be accessed by directly copying the webpage address link, and for the website with the access authority, after the website login interface is accessed by the link, an access token needs to be transmitted, and the website can be accessed only after the verification is passed. Because the security access control degree of each website is different, some access tokens and login parameters (such as user names, passwords and the like) can be transmitted in a plaintext form in a network or can be obtained through simple analysis, so that the access tokens and the login parameters are directly written in a link of the accessed website, and then the website can be directly accessed without access verification after the link page is accessed, and the website security is threatened.
Disclosure of Invention
In view of the above, the present invention provides a security access control method, a server, and an electronic device, which can improve security of website access.
Based on the above object, the present invention provides a security access control method, including:
receiving an access request sent by a client, wherein the access request comprises a temporary access token used for the access;
verifying the temporary access token used for the access;
if the verification is passed, generating and saving a temporary access token used for the next access;
and sending the temporary access token used by the next access to the client.
Optionally, the secure access control method further includes:
receiving a login request sent by a client, wherein the login request comprises a user name and a password;
verifying the user name and the password;
if the verification is passed, generating and saving a temporary access token used for the next access;
and sending the temporary access token used by the next access to the client.
Optionally, the secure access control method includes:
receiving a login request sent by a client, wherein the login request comprises user name and password information;
acquiring the user name and the password according to the login request, verifying the client according to the user name and the password, refusing login if the verification is not passed, otherwise:
generating a temporary access token used by the next access, sending the temporary access token to the client, and simultaneously storing the temporary access token in a storage module;
receiving an access request sent by the client, wherein the access request comprises the temporary access token and access content;
obtaining the temporary access token according to the access request, querying the storage module according to the temporary access token, if the temporary access token is not found, refusing to log in, otherwise:
and generating a new temporary access token used for the next access, storing the new temporary access token used for the next access in the storage module, and returning the new temporary access token used for the next access and the access content to the client.
An embodiment of the present invention further provides a security access control server, including:
and the data receiving and sending module is used for receiving an access request sent by a client, wherein the access request comprises a temporary access token used for the current access, and if the temporary access token used for the current access passes the verification, sending the temporary access token used for the next access to the client.
The verification module is used for acquiring the temporary access token used by the current access according to the access request, searching the storage module according to the temporary access token used by the current access, if the temporary access token used by the current access is searched, the verification is passed, and if the temporary access token used by the current access is not searched, the verification is not passed;
the token generation module is used for generating the temporary access token used for the next access if the temporary access token used for the current access passes the verification;
and the storage module is used for storing the temporary access token used in the current access and the temporary access token used in the next access.
Optionally, the security access control server includes:
the data transceiver module is used for receiving a login request sent by the client, wherein the login request comprises a user name and a password, and if the user name and the password pass verification, a temporary access token used for next access is sent to the client;
the identity authentication module is used for acquiring the user name and the password according to the login request, searching the storage module according to the user name and the password, if the storage module is searched, the authentication is passed, and otherwise, the authentication is not passed;
the token generation module is used for generating a temporary access token used for the next access if the user name and the password pass the verification;
and the storage module is used for storing the user name and the password and the temporary access token used in the next access.
The embodiment of the invention also provides electronic equipment which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and is characterized in that the processor realizes the security access control method when executing the program.
As can be seen from the above, according to the security access control method, the server, and the electronic device provided by the present invention, the server receives an access request including a temporary access token used for the current access sent by the client, verifies the temporary access token used for the current access, generates and saves a temporary access token used for the next access if the verification passes, and sends the temporary access token used for the next access to the client. According to the invention, by generating the dynamic temporary access token, the temporary access token used in the current access is verified every time the client accesses, so that the website access security can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of a method according to an embodiment of the present invention;
FIG. 2 is a signal flow diagram according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a server structure according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to specific embodiments and the accompanying drawings.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used for distinguishing two entities with the same name but different names or different parameters, and it should be noted that "first" and "second" are merely for convenience of description and should not be construed as limitations of the embodiments of the present invention, and they are not described in any more detail in the following embodiments.
The security access control method provided by the embodiment of the invention comprises the following steps:
receiving an access request sent by a client, wherein the access request comprises a temporary access token used for the access;
verifying a temporary access token used for the current access;
if the verification is passed, generating and saving a temporary access token used for the next access;
and sending the temporary access token used by the next access to the client.
In the embodiment of the present invention, login verification is performed on a client first, and the security access control method further includes:
receiving a login request sent by a client, wherein the login request comprises a user name and a password;
verifying the user name and the password;
if the verification is passed, generating and saving a temporary access token used for the next access;
and sending the temporary access token used by the next access to the client.
FIG. 1 is a schematic flow chart of a method according to an embodiment of the present invention. As shown in the figure, the security access control method provided in the embodiment of the present invention includes:
s10: receiving a login request sent by a client, wherein the login request comprises user name and password information;
s11: acquiring a user name and a password according to the login request, verifying the client according to the user name and the password, if the verification is passed, executing the step S12, otherwise, executing the step S17;
and searching the storage module according to the user name and the password, if the storage module is found, the verification is passed, and otherwise, the verification is not passed.
S12: generating a temporary access token used for the next access, sending the temporary access token to the client, and simultaneously storing the temporary access token in a storage module;
s13: receiving an access request sent by a client, wherein the access request comprises the temporary access token and access content;
s14: acquiring the temporary access token according to the access request, querying a storage module according to the temporary access token, if the temporary access token is found, executing the step S15, otherwise, executing the step S16;
s15: finding the temporary access token, generating a new temporary access token used for next access, storing the new temporary access token used for next access in a storage module, and returning the new temporary access token used for next access and access content to the client;
s16: if the temporary access token is not found, access is refused;
s17: if the user name and the password are not verified, the login is refused.
According to the safety access control method provided by the embodiment of the invention, each time the client accesses the server, the server verifies the temporary access token used in the current access, if the temporary access token passes the verification, the temporary access token used in the next access is generated, the temporary access token is dynamically generated, and the temporary access token used in the current access is verified each time, so that the illegal use of the fixed temporary token after being obtained can be avoided, and the website access safety is improved.
Fig. 2 is a schematic signal flow diagram according to an embodiment of the invention. As shown in the figure, a client sends a login request comprising a user name and a password to a server, the server searches a storage module for the client according to the user name and the password, if the login request is not found, the authentication fails, the access is denied, if the login request is found, the authentication passes, a temporary access token used for the next access is generated, the temporary access token is sent to the client, and meanwhile, the temporary access token is stored; when the client accesses the website content, an access request comprising the temporary access token is sent to the server, the server searches a storage module of the server according to the temporary access token for verification, if the temporary access token is found to be legal, a temporary access token used for the next access is generated, the temporary access token is stored, then the generated temporary access token used for the next access and the access content are returned to the client, if the temporary access token is not found to be illegal, the current access of the client is rejected. And subsequently, the client uses the temporary access token used in the access every time, and the server generates the temporary access token used in the next access for the next access after the server verifies the temporary access token used in the access.
Fig. 3 is a schematic diagram of a server structure according to an embodiment of the present invention. As shown in the figure, the security access control server provided in the embodiment of the present invention includes:
and the data receiving and sending module is used for receiving an access request sent by the client, wherein the access request comprises a temporary access token used for the current access, and sending the temporary access token used for the next access to the client if the temporary access token used for the current access passes the verification.
The verification module is used for acquiring the temporary access token used by the access according to the access request, searching the storage module according to the temporary access token used by the access, if the temporary access token is searched, the verification is passed, otherwise, the verification is not passed;
the token generation module is used for generating a temporary access token used for the next access if the temporary access token used for the current access passes the verification;
and the storage module is used for storing the temporary access token used by the current access and the generated temporary access token used by the next access.
The security access control server of the embodiment of the invention further comprises:
the data transceiver module is used for receiving a login request sent by the client, wherein the login request comprises a user name and a password, and if the user name and the password pass verification, a temporary access token used for next access is sent to the client;
the identity authentication module is used for acquiring a user name and a password according to the login request, searching the storage module according to the user name and the password, if the storage module is searched, the authentication is passed, and otherwise, the authentication is not passed;
the token generation module is used for generating a temporary access token used for the next access if the user name and the password pass the verification;
and the storage module is used for storing the user name, the password and the generated temporary access token used for the next access.
In view of the above object, an embodiment of the present invention further provides an apparatus for executing the security access control method. The device comprises:
one or more processors, and a memory.
The apparatus for performing the security access control method may further include: an input device and an output device.
The processor, memory, input device, and output device may be connected by a bus or other means.
The memory, which is a non-volatile computer-readable storage medium, may be used to store non-volatile software programs, non-volatile computer-executable programs, and modules, such as program instructions/modules (e.g., the authentication module shown in fig. 3) corresponding to the security access control method in the embodiment of the present invention. The processor executes various functional applications and data processing of the server by running nonvolatile software programs, instructions and modules stored in the memory, that is, the secure access control method of the above method embodiment is realized.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of a device that performs the security access control method, and the like. Further, the memory may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, the memory optionally includes memory remotely located from the processor, and these remote memories may be connected to the member user behavior monitoring device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input means may receive input numeric or character information and generate key signal inputs related to user settings and function control of the apparatus performing the security access control method. The output device may include a display device such as a display screen.
The one or more modules are stored in the memory and, when executed by the one or more processors, perform the method of secure access control in any of the method embodiments described above. The technical effect of the embodiment of the device for executing the security access control method is the same as or similar to that of any method embodiment.
The embodiment of the invention also provides a non-transitory computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions can execute the processing method of the list item operation in any method embodiment. Embodiments of the non-transitory computer storage medium may be the same or similar in technical effect to any of the method embodiments described above.
Finally, it should be noted that, as will be understood by those skilled in the art, all or part of the processes in the methods of the above embodiments may be implemented by a computer program that can be stored in a computer-readable storage medium and that, when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like. The technical effect of the embodiment of the computer program is the same as or similar to that of any of the method embodiments described above.
Furthermore, the apparatuses, devices, etc. described in the present disclosure may be various electronic terminal devices, such as a mobile phone, a Personal Digital Assistant (PDA), a tablet computer (PAD), a smart television, etc., and may also be large terminal devices, such as a server, etc., and therefore the scope of protection of the present disclosure should not be limited to a specific type of apparatus, device. The client disclosed by the present disclosure may be applied to any one of the above electronic terminal devices in the form of electronic hardware, computer software, or a combination of both.
Furthermore, the method according to the present disclosure may also be implemented as a computer program executed by a CPU, which may be stored in a computer-readable storage medium. The computer program, when executed by the CPU, performs the above-described functions defined in the method of the present disclosure.
Further, the above method steps and system elements may also be implemented using a controller and a computer readable storage medium for storing a computer program for causing the controller to implement the functions of the above steps or elements.
Further, it should be appreciated that the computer-readable storage media (e.g., memory) described herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which can act as external cache memory. By way of example and not limitation, RAM is available in a variety of forms such as synchronous RAM (DRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The storage devices of the disclosed aspects are intended to comprise, without being limited to, these and other suitable types of memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
The various illustrative logical blocks, modules, and circuits described in connection with the disclosure herein may be implemented or performed with the following components designed to perform the functions described herein: a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these components. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
The steps of a method or algorithm described in connection with the disclosure herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.
In one or more exemplary designs, the functions may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk, blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
Disclosed exemplary embodiments should be noted, however, that various changes and modifications could be made herein without departing from the scope of the disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosure may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a," "an," "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
The above-mentioned serial numbers of the embodiments of the present disclosure are merely for description and do not represent the merits of the embodiments.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, is limited to these examples; within the idea of an embodiment of the invention, also technical features in the above embodiment or in different embodiments may be combined and there are many other variations of the different aspects of an embodiment of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.
Claims (6)
1. A method for secure access control, comprising:
receiving an access request sent by a client, wherein the access request comprises a temporary access token used for the access;
verifying the temporary access token used for the access;
if the verification is passed, generating and saving a temporary access token used for the next access;
and sending the temporary access token used by the next access to the client.
2. The secure access control method according to claim 1, further comprising:
receiving a login request sent by a client, wherein the login request comprises a user name and a password;
verifying the user name and the password;
if the verification is passed, generating and saving a temporary access token used for the next access;
and sending the temporary access token used by the next access to the client.
3. The secure access control method according to claim 2, comprising:
receiving a login request sent by a client, wherein the login request comprises user name and password information;
acquiring the user name and the password according to the login request, verifying the client according to the user name and the password, refusing login if the verification is not passed, otherwise:
generating a temporary access token used by the next access, sending the temporary access token to the client, and simultaneously storing the temporary access token in a storage module;
receiving an access request sent by the client, wherein the access request comprises the temporary access token and access content;
obtaining the temporary access token according to the access request, querying the storage module according to the temporary access token, if the temporary access token is not found, refusing to log in, otherwise:
and generating a new temporary access token used for the next access, storing the new temporary access token used for the next access in the storage module, and returning the new temporary access token used for the next access and the access content to the client.
4. A secure access control server, comprising:
and the data receiving and sending module is used for receiving an access request sent by a client, wherein the access request comprises a temporary access token used for the current access, and if the temporary access token used for the current access passes the verification, sending the temporary access token used for the next access to the client.
The verification module is used for acquiring the temporary access token used by the current access according to the access request, searching the storage module according to the temporary access token used by the current access, if the temporary access token used by the current access is searched, the verification is passed, and if the temporary access token used by the current access is not searched, the verification is not passed;
the token generation module is used for generating the temporary access token used for the next access if the temporary access token used for the current access passes the verification;
and the storage module is used for storing the temporary access token used in the current access and the temporary access token used in the next access.
5. The secure access control server according to claim 4, comprising:
the data transceiver module is used for receiving a login request sent by the client, wherein the login request comprises a user name and a password, and if the user name and the password pass verification, a temporary access token used for next access is sent to the client;
the identity authentication module is used for acquiring the user name and the password according to the login request, searching the storage module according to the user name and the password, if the storage module is searched, the authentication is passed, and otherwise, the authentication is not passed;
the token generation module is used for generating a temporary access token used for the next access if the user name and the password pass the verification;
and the storage module is used for storing the user name and the password and the temporary access token used in the next access.
6. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 3 when executing the program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811089286.XA CN110912865A (en) | 2018-09-18 | 2018-09-18 | Security access control method, server and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811089286.XA CN110912865A (en) | 2018-09-18 | 2018-09-18 | Security access control method, server and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110912865A true CN110912865A (en) | 2020-03-24 |
Family
ID=69813659
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811089286.XA Pending CN110912865A (en) | 2018-09-18 | 2018-09-18 | Security access control method, server and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110912865A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111737752A (en) * | 2020-07-23 | 2020-10-02 | 杭州海康威视数字技术股份有限公司 | Monitoring data access control method, device and equipment and storage medium |
| CN112422533A (en) * | 2020-11-05 | 2021-02-26 | 杭州米络星科技(集团)有限公司 | Verification method and device for user to access network and electronic equipment |
| CN114629719A (en) * | 2022-04-08 | 2022-06-14 | 中国移动通信集团陕西有限公司 | Resource access control method and resource access control system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582762A (en) * | 2009-04-02 | 2009-11-18 | 北京飞天诚信科技有限公司 | Method and system for identity authentication based on dynamic password |
| CN103634301A (en) * | 2013-11-14 | 2014-03-12 | 新浪网技术(中国)有限公司 | Client side and method for accessing private data stored in server by user |
| CN104767731A (en) * | 2015-03-12 | 2015-07-08 | 江苏中天科技软件技术有限公司 | Identity authentication protection method of Restful mobile transaction system |
| CN107026847A (en) * | 2017-02-09 | 2017-08-08 | 阿里巴巴集团控股有限公司 | One kind trusts login method, server and system |
| CN107948203A (en) * | 2017-12-29 | 2018-04-20 | 平安科技(深圳)有限公司 | A kind of container login method, application server, system and storage medium |
-
2018
- 2018-09-18 CN CN201811089286.XA patent/CN110912865A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582762A (en) * | 2009-04-02 | 2009-11-18 | 北京飞天诚信科技有限公司 | Method and system for identity authentication based on dynamic password |
| CN103634301A (en) * | 2013-11-14 | 2014-03-12 | 新浪网技术(中国)有限公司 | Client side and method for accessing private data stored in server by user |
| CN104767731A (en) * | 2015-03-12 | 2015-07-08 | 江苏中天科技软件技术有限公司 | Identity authentication protection method of Restful mobile transaction system |
| CN107026847A (en) * | 2017-02-09 | 2017-08-08 | 阿里巴巴集团控股有限公司 | One kind trusts login method, server and system |
| CN107948203A (en) * | 2017-12-29 | 2018-04-20 | 平安科技(深圳)有限公司 | A kind of container login method, application server, system and storage medium |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111737752A (en) * | 2020-07-23 | 2020-10-02 | 杭州海康威视数字技术股份有限公司 | Monitoring data access control method, device and equipment and storage medium |
| CN112422533A (en) * | 2020-11-05 | 2021-02-26 | 杭州米络星科技(集团)有限公司 | Verification method and device for user to access network and electronic equipment |
| CN112422533B (en) * | 2020-11-05 | 2023-03-24 | 杭州米络星科技(集团)有限公司 | Verification method and device for user to access network and electronic equipment |
| CN114629719A (en) * | 2022-04-08 | 2022-06-14 | 中国移动通信集团陕西有限公司 | Resource access control method and resource access control system |
| CN114629719B (en) * | 2022-04-08 | 2024-05-07 | 中国移动通信集团陕西有限公司 | Resource access control method and resource access control system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11323260B2 (en) | Method and device for identity verification | |
| US11509537B2 (en) | Internet of things device discovery and deployment | |
| US9059984B2 (en) | Authenticating an auxiliary device from a portable electronic device | |
| CN108632253B (en) | Client data security access method and device based on mobile terminal | |
| US9369286B2 (en) | System and methods for facilitating authentication of an electronic device accessing plurality of mobile applications | |
| CN110445769B (en) | Access method and device of business system | |
| US10992656B2 (en) | Distributed profile and key management | |
| US11627129B2 (en) | Method and system for contextual access control | |
| US10122697B2 (en) | Native authentication experience with failover | |
| US11362828B2 (en) | Systems and methods for authenticated communication sessions | |
| Ferry et al. | Security evaluation of the OAuth 2.0 framework | |
| CN110912865A (en) | Security access control method, server and electronic equipment | |
| CN110830280A (en) | Micro-service gateway device and method and electronic equipment | |
| US11443023B2 (en) | Distributed profile and key management | |
| CN113726774A (en) | Client login authentication method, system and computer equipment | |
| EP3977703A1 (en) | Protection of online applications and webpages using a blockchain | |
| CN108600259B (en) | Authentication and binding method of equipment, computer storage medium and server | |
| US20240163270A1 (en) | Techniques to pre-authenticate a user identity for an electronic account | |
| Ferdous et al. | Portable personal identity provider in mobile phones | |
| CN113395249A (en) | Client login authentication method, system and computer equipment | |
| CN110753036A (en) | Method and system for client quick authentication under CS framework | |
| CN107886004B (en) | Method and device for identifying computer clone operating system | |
| CN109376024B (en) | Service information configuration method and device | |
| US12028345B2 (en) | Information security system and method for identifying trusted machines for machine-to-machine (M2M) security and validation | |
| US11979396B2 (en) | Information security system and method for machine-to-machine (M2M) security and validation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200324 |
|
| RJ01 | Rejection of invention patent application after publication |