CN111193743A - Identity authentication method, system and related device of storage system - Google Patents

Identity authentication method, system and related device of storage system Download PDF

Info

Publication number
CN111193743A
CN111193743A CN201911411097.4A CN201911411097A CN111193743A CN 111193743 A CN111193743 A CN 111193743A CN 201911411097 A CN201911411097 A CN 201911411097A CN 111193743 A CN111193743 A CN 111193743A
Authority
CN
China
Prior art keywords
client
public key
request
server
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911411097.4A
Other languages
Chinese (zh)
Inventor
任鹏翔
胡永刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Electronic Information Industry Co Ltd
Original Assignee
Inspur Electronic Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Electronic Information Industry Co Ltd filed Critical Inspur Electronic Information Industry Co Ltd
Priority to CN201911411097.4A priority Critical patent/CN111193743A/en
Publication of CN111193743A publication Critical patent/CN111193743A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an identity authentication method of a storage system, which comprises the following steps: receiving a login request; generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key to the client; determining a corresponding private key according to the ID, and decrypting an encryption request returned by the client by using the private key to obtain an MD5 value corresponding to the biological characteristic information; traversing the local storage of the server to judge whether an MD5 value exists; if so, passing the login request; if not, the login request is rejected. The method and the system have the advantages that the asymmetric encryption mode based on the biological characteristic information is adopted, only the private key is stored at the server side, the data safety of the server is guaranteed, and meanwhile, the safety of the storage system can be further guaranteed by adopting the biological characteristic information authentication. The application also provides an identity authentication system of the storage system, a computer readable storage medium and a server, which have the beneficial effects.

Description

Identity authentication method, system and related device of storage system
Technical Field
The present application relates to the field of servers, and in particular, to an identity authentication method and system for a storage system, and a related device.
Background
Previously, as distributed storage became increasingly hot, the associated demands were also numerous. And the authentication method based on the biological characteristics is more popular with developers of various manufacturers. Therefore, the patent aims to realize a brand-new user login authentication mode of the distributed storage system, and introduces how the distributed storage system authenticates the user identity at the client and the server.
Currently, in a mainstream distributed storage system such as ceph, a user authentication mode is an access _ key and secret _ key authentication mode or a token authentication mode, and the authentication mode essentially uses a symmetric encryption mode and performs symmetric encryption twice at a server side and a client side. In this way, keys need to be stored at both the server side and the client side, however, the management and distribution of the keys are difficult and not secure enough, and if the key of one party is leaked, the key of the other party is also not secure. Therefore, how to solve the authentication problem of the current storage system is a technical problem that needs to be solved urgently by those skilled in the art.
Disclosure of Invention
The application aims to provide an identity authentication method, an identity authentication system, a computer readable storage medium and a server of a storage system, which can improve the authentication security of the server.
In order to solve the above technical problem, the present application provides an identity authentication method for a storage system, which has the following specific technical scheme:
receiving a login request sent by a client; the login request comprises the biological characteristic information of the login user;
generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key in the pfx certificate to the client;
after the client encrypts user account data by using the public key to obtain an encryption request and returns the encryption request and the ID, determining a corresponding private key according to the ID, and decrypting the encryption request by using the private key to obtain an MD5 value corresponding to the biological characteristic information;
traversing a server local storage to judge whether the MD5 value exists;
if so, passing the login request;
if not, the login request is rejected.
Wherein, still include:
receiving a registration request sent by a client;
generating the pfx certificate and a random ID corresponding to the pfx certificate according to the registration request; the pfx certificate comprises a pair of public key and private key;
returning the public key and the random ID to the client;
after the client encrypts a user information file by using the public key to obtain a ciphertext, receiving the ciphertext and the random ID sent by the client;
and decrypting the ciphertext by using a private key corresponding to the random ID, and storing the user information file and the corresponding MD5 value in a server local storage.
After storing the user information file and the corresponding MD5 value locally in the server, the method further includes:
and returning a message instruction of successful registration to the client.
Before the client encrypts the user information file by using the public key to obtain a ciphertext, the method further includes:
the client starts a fingerprint recognizer to receive the user fingerprint;
and obtaining the user information file by utilizing a fingerprint conversion algorithm.
The present application further provides an identity authentication system of a storage system, including:
the request receiving module is used for receiving a login request sent by a client; the login request comprises the biological characteristic information of the login user;
the certificate generation module is used for generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key in the pfx certificate to the client;
the decryption module is used for encrypting user account data by using the public key at the client to obtain an encryption request, determining a corresponding private key according to the ID after returning the encryption request and the ID, and decrypting the encryption request by using the private key to obtain an MD5 value corresponding to the biological characteristic information;
the judging module is used for traversing the local storage of the server to judge whether the MD5 value exists or not; if so, passing the login request; if not, the login request is rejected.
Wherein, still include:
the registration module is used for receiving a registration request sent by a client; generating the pfx certificate and a random ID corresponding to the pfx certificate according to the registration request; the pfx certificate comprises a pair of public key and private key; returning the public key and the random ID to the client; after the client encrypts a user information file by using the public key to obtain a ciphertext, receiving the ciphertext and the random ID sent by the client; and decrypting the ciphertext by using a private key corresponding to the random ID, and storing the user information file and the corresponding MD5 value in a server local storage.
Wherein, still include:
and the message sending module is used for storing the user information file and the corresponding MD5 value in the local storage of the server and then returning a message instruction of successful registration to the client.
Wherein, still include:
the fingerprint receiving module is used for starting a fingerprint identifier to receive the user fingerprint before the user information file is encrypted by the public key to obtain a ciphertext; and obtaining the user information file by utilizing a fingerprint conversion algorithm.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method as set forth above.
The present application further provides a server comprising a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the method described above when calling the computer program in the memory.
The application provides an identity authentication method of a storage system, which comprises the following steps: receiving a login request sent by a client; the login request comprises the biological characteristic information of the login user; the login request comprises the biological characteristic information of the login user; generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key in the pfx certificate to the client; after the client encrypts user account data by using the public key to obtain an encryption request and returns the encryption request and the ID, determining a corresponding private key according to the ID, and decrypting the encryption request by using the private key to obtain an MD5 value corresponding to the biological characteristic information; traversing a server local storage to judge whether the MD5 value exists; if so, passing the login request; if not, the login request is rejected.
The method and the system adopt an asymmetric encryption mode based on the biological characteristic information, only the private key is stored in the server side, the client side only needs to store the public key, and the data security of the server is guaranteed. When a login user logs in, even if the login user obtains the public key stored in the client, the corresponding private key in the server cannot be obtained, and the login user also cannot log in. The application also provides an identity authentication system of the storage system, a computer readable storage medium and a server, which have the beneficial effects and are not described herein again.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of an identity authentication method of a storage system according to an embodiment of the present disclosure;
fig. 2 is a flowchart illustrating a registration process of a storage system according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of an identity authentication system of a storage system according to an embodiment of the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of an identity authentication method of a storage system according to an embodiment of the present application, where the method includes:
s101: receiving a login request sent by a client;
the login request includes biometric information of the login user. What kind of biometric information is not limited herein, and may include fingerprint, iris, and so on. It should be noted that the login request does not include other private information of the user account, and may include a user name, but should not include data such as a password or an authentication code. In the step, only the user side sends a login request to the server, so that the server receives the login request and returns the ID and the public key in the pfx certificate, and the registration operation is distinguished.
S102: generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key in the pfx certificate to a client;
in this step, the storage system end encrypts the biometric information to obtain the pfx certificate and the ID corresponding to the pfx certificate. The preset asymmetric encryption algorithm is not limited, and may be an RSA algorithm, etc.
After being encrypted by an asymmetric encryption algorithm, a pfx certificate can be obtained, wherein the pfx certificate comprises a pair of public key and private key, the ID is used for identifying the pfx certificate, and each pfx certificate has a unique corresponding ID which is used for identifying the pfx certificate.
And after obtaining the pfx certificate and the corresponding ID, sending the public key in the pfx certificate and the ID to the client. It should be noted that the private key of the pfx certificate needs to be always stored in the server side of the storage system, and the private key is prohibited from being sent to the client side.
S103: encrypting user account data by using a public key at a client to obtain an encryption request, returning the encryption request and an ID, determining a corresponding private key according to the ID, and decrypting the encryption request by using the private key to obtain an MD5 value corresponding to the biological characteristic information;
after receiving the public key returned by the storage system server, the client encrypts user account data by using the public key to obtain an encryption request, and then returns the encryption request and the ID to the storage system server.
And after receiving the encryption request returned by the client, the server decrypts the encryption request by using the private key to obtain the MD5 value corresponding to the biological characteristic information. The user account data mainly refers to account information for login, and may include other information besides biometric information, such as a user name, a password, an authentication code, and the like, which is not limited herein. It should be noted that the client may encrypt the user account data only after the server returns the public key and the ID. Of course, the user may be prohibited from entering user account data to secure the account until the client receives the public key and the ID.
Because the client only holds the public key in the pfx certificate, even if the client data is illegally stolen, the account information of the user is still difficult to decrypt only according to the public key, and the account safety of the user is ensured. Meanwhile, when a user logs in through the client, the server generates a pfx certificate and a corresponding unique ID, so that the account data of each user is decrypted by the unique pfx certificate, and a private key required by decryption is only stored in the server, so that the problems of user account leakage and the like caused by tampering of the client can be prevented.
Although the user account data may also include data for verifying the user identity, such as a user name and a password, the user name and the password are easy to steal when the client is invaded or tampered, so the core of the step is to compare the biometric information in the user account data, and even if the user name and the password input by the user are correct, the fingerprint information is wrong, and the user account data can be considered to be stolen.
In the above process, the server determines the private key corresponding to the public key according to the ID so as to decrypt the encryption request. Of course, once the public key in the pfx certificate is exchanged at the client, the corresponding ID is transformed, the server cannot decrypt the encrypted request, and naturally the login request can be directly rejected.
It should be noted that whether the biometric information matches the account in the login request, a corresponding MD5 value may be calculated for the biometric information in the encrypted request.
S104: traversing the local storage of the server to judge whether an MD5 value exists; if yes, entering S105; if not, entering S106;
calculating the MD5 value according to the biometric information, traversing whether the same MD5 value exists in the local storage of the server, if so, confirming that the biometric information is registered in the server, namely, the authentication is passed, and executing S105. If the MD value is not stored locally in the server, S106 should be executed to reject the login request even if the user name and password included in the login request are correct.
S105: through a login request;
s106: the login request is denied.
The method and the system adopt an asymmetric encryption mode based on the biological characteristic information, only the private key is stored in the server side, the client side only needs to store the public key, and the data security of the server is guaranteed. When a login user logs in, even if the login user obtains the public key stored in the client, the corresponding private key in the server cannot be obtained, and the login user also cannot log in.
On the basis of the foregoing embodiment, referring to fig. 2, fig. 2 is a flowchart of a registration process of a storage system provided in an embodiment of the present application, and the following describes a registration process of the storage system:
step one, receiving a registration request sent by a client;
step two, generating a pfx certificate and a random ID corresponding to the pfx certificate according to the registration request; the pfx certificate comprises a pair of public key and private key;
step three, returning the public key and the random ID to the client;
step four, after the client encrypts the user information file by using the public key to obtain a ciphertext, receiving the ciphertext and the random ID sent by the client;
the client starts a fingerprint recognizer to receive the user fingerprint, and a fingerprint conversion algorithm is utilized to obtain a user information file. The fingerprint conversion algorithm is not limited herein.
And fifthly, decrypting the ciphertext by using a private key corresponding to the random ID, and storing the user information file and the corresponding MD5 value in the local storage of the server.
Further, after the fifth step, a message instruction of successful registration may also be returned to the client.
In the following, an identity authentication system of a storage system provided in an embodiment of the present application is introduced, and an identity authentication system described below and an identity authentication method of a storage system described above may be referred to correspondingly.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an identity authentication system of a storage system according to an embodiment of the present application, and the present application further provides an identity authentication system of a storage system, including:
a request receiving module 100, configured to receive, after a client receives a login request of a login user, the login request sent by the client; the login request comprises the biological characteristic information of the login user;
the certificate generation module 200 is configured to generate a pfx certificate and an ID corresponding to the pfx certificate according to the biometric information by using a preset asymmetric encryption algorithm, and send the ID and a public key in the pfx certificate to the client;
the decryption module 300 is configured to, after the client encrypts user account data by using the public key to obtain an encryption request and returns the encryption request and the ID, determine a corresponding private key according to the ID, and decrypt the encryption request by using the private key to obtain an MD5 value corresponding to the biometric information;
the judging module 400 is configured to traverse a server local storage to judge whether the MD5 value exists; if so, passing the login request; if not, the login request is rejected.
Based on the above embodiment, as a preferred embodiment, the method further includes:
the registration module is used for receiving a registration request sent by a client; generating the pfx certificate and a random ID corresponding to the pfx certificate according to the registration request; the pfx certificate comprises a pair of public key and private key; returning the public key and the random ID to the client; after the client encrypts a user information file by using the public key to obtain a ciphertext, receiving the ciphertext and the random ID sent by the client; and decrypting the ciphertext by using a private key corresponding to the random ID, and storing the user information file and the corresponding MD5 value in a server local storage.
Based on the above embodiment, as a preferred embodiment, the method further includes:
and the message sending module is used for storing the user information file and the corresponding MD5 value in the local storage of the server and then returning a message instruction of successful registration to the client.
Based on the above embodiment, as a preferred embodiment, the method further includes:
the fingerprint receiving module is used for starting a fingerprint identifier to receive the user fingerprint before the user information file is encrypted by the public key to obtain a ciphertext; and obtaining the user information file by utilizing a fingerprint conversion algorithm.
The present application also provides a computer readable storage medium having stored thereon a computer program which, when executed, may implement the steps provided by the above-described embodiments. The storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The application also provides a server, which may include a memory and a processor, where the memory stores a computer program, and the processor may implement the steps provided by the foregoing embodiments when calling the computer program in the memory. Of course, the server may also include various network interfaces, power supplies, and the like.
The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system provided by the embodiment, the description is relatively simple because the system corresponds to the method provided by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

Claims (10)

1. An identity authentication method of a storage system, comprising:
receiving a login request sent by a client; the login request comprises the biological characteristic information of the login user;
generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key in the pfx certificate to the client;
after the client encrypts user account data by using the public key to obtain an encryption request and returns the encryption request and the ID, determining a corresponding private key according to the ID, and decrypting the encryption request by using the private key to obtain an MD5 value corresponding to the biological characteristic information;
traversing a server local storage to judge whether the MD5 value exists;
if so, passing the login request;
if not, the login request is rejected.
2. The identity authentication method of claim 1, further comprising:
receiving a registration request sent by a client;
generating the pfx certificate and a random ID corresponding to the pfx certificate according to the registration request; the pfx certificate comprises a pair of public key and private key;
returning the public key and the random ID to the client;
after the client encrypts a user information file by using the public key to obtain a ciphertext, receiving the ciphertext and the random ID sent by the client;
and decrypting the ciphertext by using a private key corresponding to the random ID, and storing the user information file and the corresponding MD5 value in a server local storage.
3. The identity authentication method of claim 2, wherein after storing the user information file and the corresponding MD5 value locally on the server, further comprising:
and returning a message instruction of successful registration to the client.
4. The identity authentication method of claim 2, wherein before the client encrypts the user information file by using the public key to obtain the ciphertext, the method further comprises:
the client starts a fingerprint recognizer to receive the user fingerprint;
and obtaining the user information file by utilizing a fingerprint conversion algorithm.
5. An identity authentication system of a storage system, comprising:
the request receiving module is used for receiving a login request sent by a client; the login request comprises the biological characteristic information of the login user;
the certificate generation module is used for generating a pfx certificate and an ID corresponding to the pfx certificate by using a preset asymmetric encryption algorithm according to the biological characteristic information, and sending the ID and a public key in the pfx certificate to the client;
the decryption module is used for encrypting user account data by using the public key at the client to obtain an encryption request, determining a corresponding private key according to the ID after returning the encryption request and the ID, and decrypting the encryption request by using the private key to obtain an MD5 value corresponding to the biological characteristic information;
the judging module is used for traversing the local storage of the server to judge whether the MD5 value exists or not; if so, passing the login request; if not, the login request is rejected.
6. The identity authentication system of claim 5, further comprising:
the registration module is used for receiving a registration request sent by a client; generating the pfx certificate and a random ID corresponding to the pfx certificate according to the registration request; the pfx certificate comprises a pair of public key and private key; returning the public key and the random ID to the client; after the client encrypts a user information file by using the public key to obtain a ciphertext, receiving the ciphertext and the random ID sent by the client; and decrypting the ciphertext by using a private key corresponding to the random ID, and storing the user information file and the corresponding MD5 value in a server local storage.
7. The identity authentication system of claim 6, further comprising:
and the message sending module is used for storing the user information file and the corresponding MD5 value in the local storage of the server and then returning a message instruction of successful registration to the client.
8. The identity authentication system of claim 6, further comprising:
the fingerprint receiving module is used for starting a fingerprint identifier to receive the user fingerprint before the user information file is encrypted by the public key to obtain a ciphertext; and obtaining the user information file by utilizing a fingerprint conversion algorithm.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
10. A server, comprising a memory having a computer program stored therein and a processor that implements the steps of the method according to any one of claims 1-4 when called upon by the processor.
CN201911411097.4A 2019-12-31 2019-12-31 Identity authentication method, system and related device of storage system Pending CN111193743A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911411097.4A CN111193743A (en) 2019-12-31 2019-12-31 Identity authentication method, system and related device of storage system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911411097.4A CN111193743A (en) 2019-12-31 2019-12-31 Identity authentication method, system and related device of storage system

Publications (1)

Publication Number Publication Date
CN111193743A true CN111193743A (en) 2020-05-22

Family

ID=70709624

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911411097.4A Pending CN111193743A (en) 2019-12-31 2019-12-31 Identity authentication method, system and related device of storage system

Country Status (1)

Country Link
CN (1) CN111193743A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112153038A (en) * 2020-09-18 2020-12-29 山东英信计算机技术有限公司 Method and device for secure login, authentication terminal and readable storage medium
CN112351023A (en) * 2020-10-30 2021-02-09 杭州安恒信息技术股份有限公司 Data sharing and transmission method and system
CN112784250A (en) * 2021-01-27 2021-05-11 深圳融安网络科技有限公司 Identity authentication method, client, server and storage medium
CN113268779A (en) * 2021-06-07 2021-08-17 中国联合网络通信集团有限公司 Real-name registration method, device, equipment and storage medium
CN113591153A (en) * 2021-08-13 2021-11-02 杭州安恒信息安全技术有限公司 Data processing method, device, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102664735A (en) * 2012-04-13 2012-09-12 江苏新彩软件有限公司 Implementation method for secure session of mobile phone lottery system based on public key
US20130318354A1 (en) * 2010-06-28 2013-11-28 Bundesdruckerei Gmbh Method for generating a certificate
US20150195278A1 (en) * 2014-01-09 2015-07-09 Brian S. Plotkin Access credentials using biometrically generated public/private key pairs
CN106572076A (en) * 2016-09-27 2017-04-19 山东浪潮商用系统有限公司 Web service access method, client side and server side
CN109522698A (en) * 2018-10-11 2019-03-26 平安科技(深圳)有限公司 User authen method and terminal device based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130318354A1 (en) * 2010-06-28 2013-11-28 Bundesdruckerei Gmbh Method for generating a certificate
CN102664735A (en) * 2012-04-13 2012-09-12 江苏新彩软件有限公司 Implementation method for secure session of mobile phone lottery system based on public key
US20150195278A1 (en) * 2014-01-09 2015-07-09 Brian S. Plotkin Access credentials using biometrically generated public/private key pairs
CN106572076A (en) * 2016-09-27 2017-04-19 山东浪潮商用系统有限公司 Web service access method, client side and server side
CN109522698A (en) * 2018-10-11 2019-03-26 平安科技(深圳)有限公司 User authen method and terminal device based on block chain

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112153038A (en) * 2020-09-18 2020-12-29 山东英信计算机技术有限公司 Method and device for secure login, authentication terminal and readable storage medium
CN112153038B (en) * 2020-09-18 2022-06-07 山东英信计算机技术有限公司 Method and device for secure login, authentication terminal and readable storage medium
CN112351023A (en) * 2020-10-30 2021-02-09 杭州安恒信息技术股份有限公司 Data sharing and transmission method and system
CN112784250A (en) * 2021-01-27 2021-05-11 深圳融安网络科技有限公司 Identity authentication method, client, server and storage medium
CN112784250B (en) * 2021-01-27 2024-04-23 深圳融安网络科技有限公司 Identity authentication method, client, server and storage medium
CN113268779A (en) * 2021-06-07 2021-08-17 中国联合网络通信集团有限公司 Real-name registration method, device, equipment and storage medium
CN113591153A (en) * 2021-08-13 2021-11-02 杭州安恒信息安全技术有限公司 Data processing method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN106612180B (en) Method and device for realizing session identification synchronization
TWI497336B (en) Data security devices and computer program
CN111193743A (en) Identity authentication method, system and related device of storage system
US7925023B2 (en) Method and apparatus for managing cryptographic keys
US8935528B2 (en) Techniques for ensuring authentication and integrity of communications
US7877604B2 (en) Proof of execution using random function
CN106452764B (en) Method for automatically updating identification private key and password system
CN107920052B (en) Encryption method and intelligent device
CN111275419B (en) Block chain wallet signature right confirming method, device and system
JP2005102163A (en) Equipment authentication system, server, method and program, terminal and storage medium
JPWO2007094165A1 (en) Identification system and program, and identification method
CN111901346A (en) Identity authentication system
KR100315387B1 (en) Private Key, Certificate Administration System and Method Thereof
CN110650011A (en) Encryption storage method and encryption storage card based on quantum key
CN112565265A (en) Authentication method, authentication system and communication method between terminal devices of Internet of things
CN110740116B (en) System and method for multi-application identity authentication
CN111510426A (en) Internet of things distribution network encryption method, device and system, electronic equipment and storage medium
JP6533542B2 (en) Secret key replication system, terminal and secret key replication method
JP5622668B2 (en) Application authentication system, application authentication method
CN111934862B (en) Server access method and device, readable medium and electronic equipment
CN116132986A (en) Data transmission method, electronic equipment and storage medium
CN115801232A (en) Private key protection method, device, equipment and storage medium
CN113792314A (en) Secure access method, device and system
KR101484744B1 (en) Private key exposure detecting method and system for user authentication certificate
KR20000039411A (en) Authorization method using coding mechanism and disposable password

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200522