CN111291329A - File viewing method, device, system, server and readable storage medium - Google Patents
File viewing method, device, system, server and readable storage medium Download PDFInfo
- Publication number
- CN111291329A CN111291329A CN201811505348.0A CN201811505348A CN111291329A CN 111291329 A CN111291329 A CN 111291329A CN 201811505348 A CN201811505348 A CN 201811505348A CN 111291329 A CN111291329 A CN 111291329A
- Authority
- CN
- China
- Prior art keywords
- user
- file
- server
- terminal
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 62
- 238000003860 storage Methods 0.000 title claims abstract description 24
- 238000004891 communication Methods 0.000 claims description 20
- 238000004590 computer program Methods 0.000 claims description 15
- 230000005540 biological transmission Effects 0.000 claims description 6
- 239000000126 substance Substances 0.000 claims description 3
- 238000007726 management method Methods 0.000 description 50
- 230000008569 process Effects 0.000 description 21
- 238000010586 diagram Methods 0.000 description 18
- 238000005516 engineering process Methods 0.000 description 8
- 210000000554 iris Anatomy 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 238000012795 verification Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 101000616761 Homo sapiens Single-minded homolog 2 Proteins 0.000 description 3
- 102100021825 Single-minded homolog 2 Human genes 0.000 description 3
- 101000703681 Homo sapiens Single-minded homolog 1 Proteins 0.000 description 2
- 102100031980 Single-minded homolog 1 Human genes 0.000 description 2
- 210000000887 face Anatomy 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000003825 pressing Methods 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a file viewing method, a device, a system, a server and a readable storage medium, wherein the method comprises the following steps: receiving a content viewing request of a user for a charging file sent by a terminal; judging whether the user pays for the charging file or not; if not, receiving the payment request information of the user to the charging file, which is sent by the terminal; and if the FIDO UAF identity information of the user to be authenticated carried in the payment request information passes the authentication, providing the content information of the charging file, and enabling the user to check the content information of the charging file. In the invention, if the server determines that the user does not pay the fee for the charged file to be checked and determines that the user sending the information requesting the fee for the charged file passes the FIDO UAF identity information authentication, the server provides the content information of the charged file for the user, thereby avoiding the free reading of the charged file and the leakage of the file privacy and ensuring the safety management of the charged file.
Description
Technical Field
The present invention relates to the field of file management technologies, and in particular, to a file viewing method, apparatus, system, server, and readable storage medium.
Background
In order to save and share files, users may generally store their own files such as text, music, video, etc. on a platform such as a network disk or a website, etc., and as the content payment is started, many files stored on the platform by users may be set as charging files. If these charging documents are read by network users for free, property loss of document owners may be caused, and there is no way in the prior art to ensure security management of charging documents.
Disclosure of Invention
The invention provides a file viewing method, a device, a system, a server and a readable storage medium, which are used for solving the problem of property loss of a file owner caused by free reading of a charged file in the prior art.
The invention provides a file viewing method, which is applied to a server and comprises the following steps:
receiving a content viewing request of a user for a charging file sent by a terminal;
judging whether the user pays for the charging file or not;
if not, receiving the payment request information of the user to the charging file, which is sent by the terminal; and if the identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication of the UAF (fast online identity authentication) identity authentication protocol of the user to be authenticated, providing the content information of the charging file, and enabling the user to check the content information of the charging file.
Further, the receiving of the content viewing request of the user for the charging file comprises:
receiving a file viewing request of the user sent by a terminal, and sending a file list to the terminal;
and receiving a content viewing request of the user for the charging file in the file list.
Further, after receiving a request for viewing the content of the charging file from the user sent by the terminal, before the determining whether the user has paid for the charging file, the method further includes:
judging whether information that the FIDO UAF identity authentication login of the user is completed and sent by an FIDO server is received;
if yes, the subsequent steps are carried out.
Further, before the determining whether the information sent by the FIDO server that the user has completed FIDO UAF authentication login is received, the method further includes:
judging whether the user carries out FIDO registration or not;
if yes, carrying out the subsequent steps;
and if not, performing FIDO UAF registration and performing subsequent steps.
Further, after receiving a request for viewing the content of the charging file from the user sent by the terminal, before the determining whether the user has paid for the charging file, the method further includes:
judging whether the user is the owner of the charging file;
if not, the subsequent steps are carried out.
Further, before the receiving terminal sends a content viewing request of the user for the charging file, the method further includes:
verifying whether the SM2 certificate of the terminal is legal;
if yes, the subsequent steps are carried out.
Further, the SM2 certificate is a public SM2 algorithm certificate of the FIDO server, which is applied by the terminal to the certificate authority CA through the USBKey.
The invention provides a file viewing device, which is applied to a server and comprises:
the receiving module is used for receiving a content viewing request of a user for the charging file, which is sent by the terminal;
the judging module is used for judging whether the user pays for the charging file;
the transmission module is used for receiving the payment request information of the user to the charging file, which is sent by the terminal, when the judgment result of the first judgment module is negative; and if the identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication of the UAF (fast online identity authentication) identity authentication protocol of the user to be authenticated, providing the content information of the charging file, and enabling the user to check the content information of the charging file.
Further, the receiving module is specifically configured to receive a file viewing request of the user sent by a terminal, and send a file list to the terminal; and receiving a content viewing request of the user for the charging file in the file list.
Further, the determining module is further configured to determine whether information that the FIDO UAF identity authentication login of the user is completed, which is sent by the FIDO server, is received after receiving a content check request of the user for the charging file, which is sent by the terminal; if yes, judging whether the user pays for the charging file;
the judging module is also used for judging whether the user is the owner of the charging file after receiving a content checking request of the charging file sent by the terminal; if not, judging whether the user pays for the charging file;
the judging module is further configured to verify whether the SM2 certificate of the terminal is legal; and if so, receiving a content viewing request of the user for the charging file sent by the terminal.
Further, the determining module is further configured to determine whether the user performs FIDO registration; if so, judging whether the information that the FIDO UAF identity authentication login of the user is completed and sent by the FIDO server is received; and if not, performing FIDO UAF registration, and judging whether the information that the user finishes FIDO UAF identity authentication login sent by the FIDO server is received.
Further, the SM2 certificate is a public SM2 algorithm certificate of the FIDO server, which is applied by the terminal to the certificate authority CA through the USBKey.
Further, the transmission module is specifically configured to determine that the FIDO UAF identity information of the user to be authenticated passes authentication if the information that the user authentication sent by the terminal passes is received; the authenticator in the terminal judges whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by the automatic storage management ASM module in the terminal, and if so, the user authentication is determined to pass.
The present invention provides a server, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the steps of any of the methods described above.
The present invention provides a computer readable storage medium storing a computer program executable by a server, the program, when run on the server, causing the server to perform the steps of any of the methods described above.
The invention provides a file viewing system, which comprises a terminal and a server, wherein the terminal is connected with the server; wherein the content of the first and second substances,
the terminal is used for sending a content viewing request of a user for the charging file to the server; sending the payment request information of the user to the charging file to the server, wherein the payment request information carries the identity information of a fast online identity authentication FIDO identity authentication protocol UAF of the user to be authenticated; receiving the content information of the charging file sent by the server, and enabling the user to check the content information of the charging file;
the server is used for receiving a content viewing request of the user for the charging file and judging whether the user pays for the charging file; if not, receiving the payment request information of the user to the charging file; and if the FIDO UAF identity information of the user to be authenticated is determined to pass the authentication, sending the content information of the charging file to the terminal.
Further, the terminal is specifically configured to send a file viewing request of the user to the server, and receive a file list sent by the server; sending a content viewing request of the user for the charging files in the file list to the server;
the server is specifically configured to receive a file viewing request of the user, and send a file list to the terminal; and receiving a content viewing request of the user for the charging files in the file list.
Further, the terminal is further configured to determine, by an authenticator in the terminal, whether FIDO UAF identity information of the user to be authenticated passes authentication according to FIDO UAF identity information stored by an automatic storage management ASM module in the terminal, and if so, determine that the user passes authentication; sending the information that the user passes the authentication to the server;
the server is specifically configured to determine that the FIDO UAF identity information of the user to be authenticated passes authentication if the information that the user passes authentication is received.
Further, the system further comprises: a FIDO server;
the FIDO server is used for carrying out FIDO UAF identity authentication login information on the user, and if authentication is completed, the FIDO UAF identity authentication login information of the user is sent to the server;
the server is also used for judging whether the information that the FIDO server sends the FIDO that the user finishes FIDO UAF identity authentication login is received after receiving the content checking request of the user to the charging file sent by the terminal; if yes, judging whether the user pays for the charging file;
the server is also used for judging whether the user is the owner of the charging file after receiving a content checking request of the charging file sent by the terminal; if not, judging whether the user pays for the charging file;
the system further comprises: a certificate authority CA;
the server is also used for verifying whether the SM2 certificate of the terminal is legal; and if so, receiving a content viewing request of the user to the charging file sent by the terminal, wherein the SM2 certificate is a SM2 cryptographic algorithm certificate of the FIDO server applied to the CA by the terminal through the USBKey.
Further, the server is further configured to determine whether the user performs FIDO registration; if so, judging whether the information that the FIDO UAF identity authentication login of the user is completed and sent by the FIDO server is received.
The invention provides a file viewing method, a device, a system, a server and a readable storage medium, wherein the method comprises the following steps: receiving a content viewing request of a user for a charging file sent by a terminal; judging whether the user pays for the charging file or not; if not, receiving the payment request information of the user to the charging file, which is sent by the terminal; and if the FIDO UAF identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication, providing the content information of the charging file, and enabling the user to check the content information of the charging file. According to the method and the system, the server receives the content viewing request of the user for the charging file, if the user is determined not to pay for the charging file and the user sending the information requesting the payment for the charging file is determined to pass FIDO UAF identity information authentication, the content information of the charging file is provided for the user, the charging file is prevented from being read freely and the privacy of the file is prevented from being leaked, and the safety management of the charging file is guaranteed.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of a file viewing process provided in embodiment 1 of the present invention;
fig. 2 is a schematic structural diagram of a file viewing system according to embodiment 6 of the present invention;
fig. 3 is a schematic view of a file viewing process provided in embodiment 6 of the present invention;
fig. 4 is a schematic structural diagram of a file viewing system according to embodiment 7 of the present invention;
fig. 5 is a schematic structural diagram of a file viewing system according to embodiment 7 of the present invention;
fig. 6 is a schematic structural diagram of a file viewing system according to embodiment 7 of the present invention;
fig. 7 is a schematic structural diagram of a server according to embodiment 8 of the present invention;
fig. 8 is a schematic diagram of a file viewing apparatus according to an embodiment of the present invention.
Detailed Description
In order to avoid free reading of a charged file and leakage of file privacy and guarantee safety management of the charged file, the embodiment of the invention provides a file viewing method, a device, a system, a server and a readable storage medium.
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1:
fig. 1 is a schematic diagram of a file viewing process provided in an embodiment of the present invention, where the process includes the following steps:
s101: and receiving a content viewing request of the user for the charging file sent by the terminal.
The file viewing process provided by the embodiment of the invention is applied to a server, the server can be a server which stores files and is provided with a file management system, and the server can be understood as a file management relying party server.
The server is connected to the terminal, and is capable of receiving a content check request of a user for a charging file sent by the terminal, where the content check request of the user for the charging file carries identification information of the user and identification information of the charging file, and in addition, the content check request of the user for the charging file may also carry an identification of whether the file is the charging file, specifically, the identification information of the user may be FIDO (Fast Identity on line, Fast Online Identity Authentication) UAF (Universal Authentication Framework Protocol) Identity information of the user, and the FIDO UAF Identity information of the user includes: fingerprint/face/iris and other biological characteristic information, and common account password login and other information.
Corresponding to the document management relying party server, a corresponding client may be installed on the terminal, and the terminal may be understood as the document management relying party client.
The content viewing request of the user for the charging file sent by the terminal may be that a file list is displayed on a display screen of the terminal, the user selects a file of which the user wants to view the content from the file list, the terminal identifies the file selected by the user, the user can directly send identification information of the file to the terminal, and the terminal takes the file of the identification information as the file of which the user wants to view the content.
S102: judging whether the user pays for the charging file or not; if yes, go to S104; if not, proceed to S103.
The server may store a list of users who paid for the charging file, so that the server receives a content viewing request of a user for the charging file, may search whether a user who sent the content viewing request exists in the list of users who paid for the charging file, if so, determine that the user paid for the charging file, and if not, determine that the user did not pay for the charging file.
And the server executes different steps according to different judgment results.
S103: receiving payment request information of the user to the charging file, which is sent by the terminal; and if the FIDO UAF identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication, performing S104.
If the server determines that the user has not paid for the pay file, the user may be allowed to make a payment for the pay file before the content information for the pay file may be provided to the user.
The user can send payment request information to the charging file through the terminal, the payment request information carries FIDO UAF identity information of the user, and the FIDO UAF identity information of the user includes: fingerprint/face/iris and other biological characteristic information, and common account password login and other information. Preferably, the current mainstream biological feature identification modes such as fingerprint identification and face identification and the TEE mode are adopted, identification is directly carried out through the fingerprint or face mode and the like, a dynamic password does not need to be manually input, the use is convenient and fast, the user experience is better, and the identity authentication method based on the multiple biological feature identification modes is suitable for different internet terminals, has strong universality and can be widely applied to multiple scenes.
Specifically, the user can send the payment-requesting information for the charging file through the document management relying party client in the terminal.
The server can confirm whether the FIDO UAF identity information of the user to be authenticated carried in the payment request information passes the authentication, and if the FIDO UAF identity information passes the authentication, the server determines that the user has paid for the charging file.
If the server may store a list of users who paid for the charging file, the server may update the list of users according to the paid users.
The server determines whether the FIDO UAF identity information of the user to be authenticated is authenticated according to the identity authentication result of the user sent by the terminal, or according to the identity information of the user stored by the server.
If the authentication is determined according to the identity authentication result sent by the terminal to the user, determining that the FIDO UAF identity information authentication of the user to be authenticated carried in the payment request information passes the following steps:
if the information that the user authentication is passed and sent by the terminal is received, determining that the FIDO UAF identity information of the user to be authenticated is passed; the authenticator in the terminal judges whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by an ASM (Automatic Storage Management) module in the terminal, and if so, the authenticator determines that the user passes the authentication.
The terminal is provided with an ASM module and an authenticator, wherein the number of the ASM module can be one or more, and the number of the authenticator can be one or more.
The process that the authenticator in the terminal judges whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by the ASM module in the terminal can be realized by adopting the prior art, and details are not repeated in the embodiment of the present invention.
S104: and providing the content information of the charging file to enable the user to view the content information of the charging file.
If the server determines that the user has paid for the subscription file, the content information of the subscription file may be provided.
Specifically, the server provides the content information of the charging file, which may be sending the content information of the charging file to the terminal, after the content information of the charging file is received by the terminal, if the charging file is a character, the content information of the charging file is displayed for the user, and if the charging file is music or video, the content information of the charging file is played for the user.
In the embodiment of the invention, the server receives the content viewing request of the user for the charging file, provides the content information of the charging file for the user after determining that the user does not pay for the charging file and determines that the user sending the information requesting the payment of the charging file passes the FIDO UAF identity information authentication, thereby avoiding the free reading of the charging file and the leakage of the file privacy and ensuring the safety management of the charging file.
Example 2:
on the basis of the foregoing embodiment, in the embodiment of the present invention, the receiving a content viewing request of a user for a charging file includes:
receiving a file viewing request of the user sent by a terminal, and sending a file list to the terminal;
and receiving a content viewing request of the user for the charging file in the file list.
To enhance the user's experience, the server may provide the user with a list of files from which the user may select the file that the user wants to view.
The user may send a file viewing request to the server through the terminal, and specifically, the file viewing request may be a request initiated by the terminal to access the file management system, and thus may be understood as a request initiated by the client to access the file management system of the relying party server. Specifically, a user may access a website or an interface of a corresponding file management system through a terminal to implement a file viewing request and the like for a server, that is, the file viewing request carries the website or the interface of the corresponding file management system.
After receiving a file viewing request of a user sent by a terminal, a server may determine a file list corresponding to a website or an interface of a file management system according to the website or the interface of the file management system carried in the file viewing request, that is, a file list included in the file management system.
The server sends the determined file list to the terminal, after the terminal receives the file list, the terminal can display the file list to a user for viewing, after the user views the file list through the terminal, the user can select a file with the content to be viewed from the file list according to the use requirement of the user, and the file is selected by the user through selection operations such as clicking, pressing, double clicking and the like.
The terminal can send the content viewing request carrying the identification information of the user and the identification information of the file to the server after identifying the file selected by the user, and if the file selected by the user is a payment file, the terminal sends the content viewing request carrying the identification information of the user and the identification information of the payment file to the server.
The server may receive a content viewing request from the user for a paid-for file in the file list.
In the embodiment of the invention, the user can select the file which the user wants to view the content from the file list provided by the server, so that the user experience is further improved.
Example 3:
on the basis of the foregoing embodiments, in an embodiment of the present invention, after receiving a content viewing request for a charging file sent by a terminal and before determining whether the user has paid for the charging file, the method further includes:
judging whether information that the FIDO UAF identity authentication login of the user is completed and sent by an FIDO server is received;
if yes, the subsequent steps are carried out.
In order to further avoid the charged file from being read free of charge, after the server receives the content checking request of the user for the charged file, whether the user pays for the charged file may be determined only after the user completes FIDO UAF identity authentication login.
FIDO technology is gaining increasing attention. The FIDO technology integrates a fingerprint face iris and other biological feature identification modes, a TEE authentication technology and a common authentication technology, fully utilizes the safety capacity embedded in the existing hardware equipment, can ensure the safety and reliability of identity authentication, can realize the safe and effective management of wealth payment accounts and the like, and can be widely applied to various scenes.
The user can log in to initiate a login request when using a document management relying party client of the terminal, and can input fingerprint/face/iris and other biological characteristic information and common account password login and other information during login.
When a user initiates a login request through a terminal, the FIDO UAF identity authentication login can be performed on the user through the FIDO server, at the moment, the terminal can be connected with the FIDO server to directly perform communication, so that the information during login is sent to the FIDO server, the terminal can be indirectly communicated with the FIDO server through server connection, so that the information during login is sent to the FIDO server and the like.
The FIDO server may perform FIDO UAF identity authentication login for the user, and the process of the FIDO performing FIDO UAF identity authentication login for the user may specifically be to complete authentication by means of biometric identification, common account password verification, and the like, and the process belongs to the prior art, and is not described in detail in the embodiments of the present invention.
If the FIDO UAF identity authentication of the user passes, the FIDO server determines that FIDO UAF identity authentication login of the user is completed, FIDO sends information that the FIDO UAF identity authentication login of the user is completed to the server, and after the server receives the information that the FIDO UAF identity authentication login of the user is completed, the server determines that the user is in a login state, and then a subsequent judgment process of whether the user pays the charging file can be carried out, so that the charging file is further prevented from being freely read.
If the server does not receive the information that the user has finished FIDO UAF identity authentication login, the user is determined not to be in a login state, and in order to save processing resources of the server, a subsequent judgment process of whether the user pays for the charging file or not can be omitted.
The FIDO server can also send FIDO UAF identity authentication login information of the user to the terminal after determining that FIDO UAF identity authentication login of the user is completed, so that the user using the terminal determines the FIDO UAF identity authentication login information.
In the embodiment of the invention, after the server can receive the content checking request of the user to the charging file, whether the user pays the fee to the charging file can be judged only after whether the user completes FIDO UAF identity authentication login, and the charging file is further prevented from being read free.
Example 4:
on the basis of the foregoing embodiments, in the embodiments of the present invention, before the determining whether the information that the FIDO server sends the information that the user has completed FIDO UAF authentication login is received, the method further includes:
judging whether the user carries out FIDO registration or not;
if yes, carrying out the subsequent steps;
and if not, performing FIDO UAF registration and performing subsequent steps.
In order to further avoid the toll-free file being read, the server may determine whether the user has completed FIDO UAF authentication login after determining that the user has performed FIDO registration.
Before a user initiates a login request at a document management relying party client using a terminal, a server may first determine whether the user has performed FIDO registration, for example, after receiving a file viewing request of the user sent by the terminal, the server may determine whether the user has performed FIDO registration before receiving a content viewing request of the user for a charging file, or after receiving a content viewing request of the user for a charging file, the server may determine whether the user has performed FIDO registration.
The information identified by the FIDO server when performing FIDO UAF identity authentication login on the user can be partially or completely the same as the information of FIDO registration on the user, preferably, the information of FIDO registration on the user comprises biological characteristic information such as fingerprints/faces/irises and the like and information of common account password login and the like, and the information of fingerprint/faces/irises and the like identified by the FIDO server when performing FIDO UAF identity authentication login on the user and/or information of common account password login and the like.
The server may store identification information indicating whether the user has registered, so that the server may determine whether the user has registered, and may determine whether the user has registered FIDO according to whether the file viewing request sent by the user and the content viewing request for the charging file carry or not the identification information of the user, and if the user has not registered and logged in, the file viewing request sent by the user and the content viewing request for the charging file do not carry or not the identification information of the user.
And after judging whether the user performs FIDO registration or not, the server executes different processes according to different judgment results.
If the server determines that the user has performed FIDO registration, the subsequent FIDO server can directly perform the judgment process of identity authentication login of the FIDO UAF of the user.
If the server determines that the user does not perform FIDO registration, FIDO UAF registration can be performed on the user first, and after FIDO UAF registration is completed, a subsequent judgment process that the FIDO server performs identity authentication login on the FIDO UAF of the user is performed.
The FIDO UAF registration process of the user can be completed on the server, or can be completed on the FIDO server, if the FIDO registration process is completed on the server, the information of the FIDO UAF registration of the user can be sent to the FIDO server, so that the subsequent FIDO UAF identity authentication login of the user can be performed; if the FIDO server is used, the server can send the information that the user needs to perform FIDO UAF registration to the FIDO server, and the FIDO server performs FIDO UAF registration of the subsequent user.
The process of performing FIDO UAF registration belongs to the prior art, and is not described in detail in the embodiments of the present invention.
In the embodiment of the invention, the server can judge whether the user completes FIDO UAF identity authentication login after determining that the user performs FIDO registration, thereby further avoiding the toll file from being read free.
Example 5:
on the basis of the foregoing embodiments, in an embodiment of the present invention, after receiving a content viewing request for a charging file sent by a terminal and before determining whether the user has paid for the charging file, the method further includes:
judging whether the user is the owner of the charging file;
if not, the subsequent steps are carried out.
In order to prevent the fee-charging file from being read free of charge, the server may determine whether the user pays for the fee-charging file for a user who is not the owner of the fee-charging file, and may further ensure the privacy of the owner of the fee-charging file.
Each file and the owner corresponding to the file may be stored in the server, and the owner of the file may be an uploader of the file or a creator of the file.
And when the server determines that the user is not the owner of the charging file, the server continuously judges whether the charging file is paid or not.
The server may provide the user with the content information of the file directly when it is determined that the user is the owner of the chargeable file.
Example 6:
on the basis of the foregoing embodiments, in an embodiment of the present invention, before the receiving a content viewing request of a user for a charging file sent by a terminal, the method further includes:
verifying whether the SM2 certificate of the terminal is legal;
if yes, the subsequent steps are carried out.
The SM2 Certificate is a public SM2 algorithm Certificate of the FIDO server, which is applied by the terminal to a CA (Certificate Authority) through a usb key.
In order to further ensure the security of the charging file and avoid the situation that the security of a national secret certificate issued by a non-CA non-formal mechanism cannot be ensured, the PKI technology in the embodiment of the invention adopts the national secret SM2 certificate issued by a formal CA mechanism, the processes of encryption, decryption, signature verification and the like in an FIDO protocol are all modified by using a national secret algorithm, the security reinforcement is further carried out on the system, and the security is higher.
The process of the public SM2 algorithm certificate of the FIDO server applied by the terminal to the CA through the USBKey belongs to the prior art, and is not described in detail in the embodiment of the invention. Specifically, the public SM2 algorithm certificate of the FIDO server to which the terminal applies to the CA may be a public key certificate, and a private key certificate corresponding to the public key certificate is correspondingly stored in the server.
The method comprises the steps that a content checking request of a user for a charging file carries an SM2 certificate, a server judges whether an SM2 certificate of the terminal is legal or not before receiving the content checking request of the user for the charging file sent by the terminal, if the SM2 certificate is legal, the SM2 certificate is determined to be a certificate issued by a regular CA organization, a subsequent process is carried out, if the SM2 certificate is illegal, the certificate issued by a non-regular structure is determined, the subsequent process is not carried out, namely, after the SM2 certificate passes the legal authentication, the subsequent steps of normally receiving and sending data can be carried out.
When the server judges whether the SM2 certificate of the terminal is legal, the server issues the public key certificate of the server to the client, the client initiates a request to the server, the server signs the request by using a private key, the signature is sent to the client after the signature is finished, the client checks the signature by taking the public key certificate, and the public key certificate is legal after the verification is passed, the SM2 certificate of the terminal can be directly judged by the server, and the embodiment of the invention is not limited.
The foregoing embodiments are described below with reference to a specific embodiment, and as shown in fig. 2, the structure diagram of a file viewing system is shown, where the file viewing system includes a CA, a document management relying party server, i.e., a server, a FIDO server, and a terminal, and the terminal includes a document management relying party client, an ASM module, and an authenticator, where the authenticator includes an authenticator 1, an authenticator 2, and an authenticator 3.
Fig. 3 is a schematic flow chart of file viewing based on fig. 2, which includes the following steps:
step 1: the document management relying party client uses a state secret SM2 algorithm certificate of the FIDO server applied to the CA by the USBKey, the CA exports the SIM2 certificate, namely a public key certificate, and writes the SIM1 certificate, namely a private key certificate, into the terminal, and exports the SIM1 certificate, namely a private key certificate, and writes the SIM2 certificate into the server.
Step 2: the document management relying party client initiates a file viewing request of a user.
And step 3: the document management relying party server judges whether the SIM2 certificate verification is passed; if yes, go to step 4, if no, return to step 1.
And 4, step 4: the document management relying party server judges whether the user performs FIDO registration; if yes, performing step 5; if not, performing FIDO UAF registration and performing the step 5.
And 5: the FIDO server performs FIDO UAF identity authentication login of the user, if so, the information that the user completes the FIDO UAF identity authentication login is sent to the document management relying party server, and if not, the information is not sent to the document management relying party server.
Step 6: the document management relying party server judges whether the user is logged in successfully, if so, the step 7 is carried out; if not, returning to the step 5.
And if the information that the user completes FIDO UAF identity authentication login is received, the document management relying party server determines that the user successfully logs in, and if the information is not received, the document management relying party server determines that the user does not successfully log in.
And 7: the document management relying party server sends the file list to the document management relying party client, and the document management relying party client displays the file list.
And 8: the user clicks and selects a file to be viewed in the file list, and the document management relying party client sends a content viewing request of the charging file to the document management relying party server.
And step 9: the document management relying party server judges whether the user needs to pay for the charging file, if so, the step 11 is carried out; if not, go to step 10.
The document management relying party server determines whether the user needs to pay for the charge file by determining whether the user has paid for the charge file.
Step 10: receiving payment request information of the user to the charging file, which is sent by the terminal; and if the identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication of the UAF (fast online identity authentication, FIDO) identity authentication protocol, the step 11 is carried out.
Step 11: providing content information of the billing file.
In the embodiment of the invention, the FIDO protocol is reformed by using a state secret algorithm, the identity verification between client servers is carried out by using a state secret certificate, the file management system is designed, and the FIDO identity authentication technology and the PKI technology are combined and applied to the file system, so that the file management system is mainly used for ensuring the security of file access and account and the convenience of file management.
Example 7:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a file viewing system, in which a server is specifically a document server, as shown in fig. 4, the file viewing system includes a terminal 401 and a document server 402; wherein the content of the first and second substances,
the terminal 401 is configured to send a content viewing request of a user for a charging file to the document server 402; sending request payment information of the user for the charging file to the document server 402, wherein the request payment information carries FIDO UAF identity information of the user to be authenticated; receiving the content information of the charging file sent by the document server 402, so that the user can view the content information of the charging file;
the document server 402 is configured to receive a content viewing request of the user for the charging file, and determine whether the user has paid for the charging file; if not, receiving the payment request information of the user to the charging file; and if the FIDO UAF identity information of the user to be authenticated is determined to pass the authentication, sending the content information of the charging file to the terminal 401.
The terminal is specifically configured to send a file viewing request of the user to the document server, and receive a file list sent by the document server; sending a content viewing request of the user for the charging files in the file list to the document server;
the document server is specifically configured to receive a file viewing request of the user, and send a file list to the terminal; and receiving a content viewing request of the user for the charging files in the file list.
The terminal is further used for judging whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by an Automatic Storage Management (ASM) module in the terminal by an authenticator in the terminal, and if so, determining that the user passes the authentication; sending the information that the user passes the authentication to the document server;
the document server is specifically configured to determine that the FIDO UAF identity information of the user to be authenticated passes authentication if the information that the user passes authentication is received.
As shown in fig. 5, the system further includes: the FIDO server 503;
the FIDO server 503 is configured to perform information of FIDO UAF authentication login for the user, and if authentication is completed, send the information that the user has completed FIDO UAF authentication login to the document server;
the document server is also used for judging whether the information that the FIDO server sends the FIDO information that the user finishes FIDO UAF identity authentication login is received after receiving a content checking request of the user to the charging file sent by the terminal; if yes, judging whether the user pays for the charging file.
The document server is further used for judging whether the user is the owner of the charging file after receiving a content checking request of the charging file sent by the terminal; if not, judging whether the user pays for the charging file.
As shown in fig. 6, the system further includes: a CA 604;
the terminal applies for a state secret SM2 algorithm certificate of the FIDO server to a certificate authority CA through a USBKey;
the document server is also used for verifying whether the SM2 certificate of the terminal is legal; if yes, judging whether the user pays for the charging file.
The document server is also used for judging whether the user carries out FIDO registration; and if so, receiving a content viewing request of the user for the charging file sent by the terminal.
In the embodiment of the invention, the document server provides the content information of the charging file for the user after receiving the content viewing request of the user for the charging file, if the user is determined not to pay for the charging file and the user sending the information requesting the charging file is determined to pass FIDOUAF identity information authentication, so that the charging file is prevented from being read free and the privacy of the file is prevented from being leaked, and the safety management of the charging file is ensured.
Example 8:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a server 700, as shown in fig. 7, including: the system comprises a processor 701, a communication interface 702, a memory 703 and a communication bus 704, wherein the processor 701, the communication interface 702 and the memory 703 complete mutual communication through the communication bus 704;
the memory 703 has stored therein a computer program which, when executed by the processor 701, causes the processor 701 to perform any of the embodiments described above.
The server provided by the embodiment of the invention can be a desktop computer, a server, network side equipment and the like.
The communication bus mentioned in the above server may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface 702 is used for communication between the above-described server and other devices.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Alternatively, the memory may be at least one memory device located remotely from the processor.
The processor may be a general-purpose processor, including a central processing unit, a Network Processor (NP), and the like; but may also be a Digital instruction processor (DSP), an application specific integrated circuit, a field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or the like.
In the embodiment of the invention, when the processor executes the program stored in the memory, the content viewing request of the user for the charging file is received, if the user is determined not to pay for the charging file and the user sending the information requesting the payment for the charging file is determined to pass FIDO UAF identity information authentication, the content information of the charging file is provided for the user, the charging file is prevented from being read free and the privacy of the file is prevented from being leaked, and the safety management of the charging file is ensured.
Example 9:
on the basis of the foregoing embodiments, an embodiment of the present invention further provides a computer storage readable storage medium, in which a computer program executable by a server is stored, and when the program runs on the server, the server is caused to implement any of the foregoing embodiments when executed.
The computer readable storage medium may be any available medium or data storage device that can be accessed by a processor in a server, including but not limited to magnetic memory such as a floppy disk, a hard disk, magnetic tape, a magneto-optical disk (MO), etc., optical memory such as a CD, DVD, BD, HVD, etc., and semiconductor memory such as a ROM, EPROM, EEPROM, nonvolatile memory (NANDFLASH), a Solid State Disk (SSD), etc.
The computer readable storage medium provided by the embodiment of the invention stores a computer program, when the computer program is executed by a processor, the content information of the charging file is provided for a user after the content viewing request of the user for the charging file is received, if the user is determined not to pay for the charging file, and the user sending the payment request information for the charging file is determined to pass FIDO UAF identity information authentication, so that the charging file is prevented from being read free, the privacy of the file is prevented from being leaked, and the safety management of the charging file is ensured.
Fig. 8 is a schematic diagram of a file viewing apparatus according to an embodiment of the present invention, which is applied to a server, and the apparatus includes:
a receiving module 801, configured to receive a content viewing request of a user for a charging file sent by a terminal;
a judging module 802, configured to judge whether the user pays for the charging file;
a transmission module 803, configured to receive payment request information of the user for the charging file sent by the terminal when the determination result of the first determining module 802 is negative; and if the identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication of the UAF (fast online identity authentication) identity authentication protocol of the user to be authenticated, providing the content information of the charging file, and enabling the user to check the content information of the charging file.
The receiving module 801 is specifically configured to receive a file viewing request of the user sent by a terminal, and send a file list to the terminal; and receiving a content viewing request of the user for the charging file in the file list.
The determining module 802 is further configured to determine whether information that the FIDO UAF identity authentication login of the user is completed, which is sent by the FIDO server, is received after receiving a content checking request of the user for the charging file, which is sent by the terminal; if yes, judging whether the user pays for the charging file.
The determining module 802 is further configured to determine whether the user performs FIDO registration; if so, judging whether the information that the FIDO UAF identity authentication login of the user is completed and sent by the FIDO server is received; and if not, performing FIDO UAF registration, and judging whether the information that the user finishes FIDO UAF identity authentication login sent by the FIDO server is received.
The determining module 802 is further configured to determine whether the user is an owner of the charging file after receiving a content checking request of the charging file sent by the terminal from the user; if not, judging whether the user pays for the charging file.
The determining module 802 is further configured to verify whether the SM2 certificate of the terminal is legal; and if so, receiving a content viewing request of the user for the charging file sent by the terminal.
The SM2 certificate is a SM2 cryptographic algorithm certificate of the FIDO server applied by the terminal to the certificate authority CA through the USBKey.
The transmission module 803 is specifically configured to determine that the FIDO UAF identity information of the user to be authenticated passes authentication if the information that the user authentication sent by the terminal passes is received; the authenticator in the terminal judges whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by the automatic storage management ASM module in the terminal, and if so, the user authentication is determined to pass.
In the embodiment of the invention, the server receives the content viewing request of the user for the charging file, if the user is determined not to pay for the charging file and the user sending the information requesting the charging file is determined to pass FIDO UAF identity information authentication, the content information of the charging file is provided for the user, so that the charging file is prevented from being read free and causing property loss of a file owner, and the safety management of the charging file is ensured.
For the system/apparatus embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference may be made to some descriptions of the method embodiments for relevant points.
It is to be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or operation from another entity or operation without necessarily requiring or implying any actual such relationship or order between such entities or operations.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (19)
1. A file viewing method is applied to a server, and comprises the following steps:
receiving a content viewing request of a user for a charging file sent by a terminal;
judging whether the user pays for the charging file or not;
if not, receiving the payment request information of the user to the charging file, which is sent by the terminal; and if the identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication of the UAF (fast online identity authentication) identity authentication protocol of the user to be authenticated, providing the content information of the charging file, and enabling the user to check the content information of the charging file.
2. The method of claim 1, wherein receiving a user's content viewing request for a billing file comprises:
receiving a file viewing request of the user sent by a terminal, and sending a file list to the terminal;
and receiving a content viewing request of the user for the charging file in the file list.
3. The method as claimed in claim 1, wherein after the receiving terminal sends the user's request for viewing the content of the charging file, before the determining whether the user pays for the charging file, the method further comprises:
judging whether information that the FIDO UAF identity authentication login of the user is completed and sent by an FIDO server is received;
if yes, the subsequent steps are carried out.
4. The method as claimed in claim 3, wherein before the determining whether the information sent by the FIDO server that the user has completed FIDO UAF authentication login is received, the method further comprises:
judging whether the user carries out FIDO registration or not;
if yes, carrying out the subsequent steps;
and if not, performing FIDO UAF registration and performing subsequent steps.
5. The method as claimed in claim 1, wherein after the receiving terminal sends the user's request for viewing the content of the charging file, before the determining whether the user pays for the charging file, the method further comprises:
judging whether the user is the owner of the charging file;
if not, the subsequent steps are carried out.
6. The method according to any one of claims 3 to 5, wherein the method further comprises, before the receiving the request for viewing the content of the charging file by the user sent by the terminal:
verifying whether the SM2 certificate of the terminal is legal;
if yes, the subsequent steps are carried out.
7. The method of claim 6, wherein the SM2 certificate is a SM2 cryptographic algorithm certificate of a FIDO server that the terminal applies for from a Certificate Authority (CA) through a USBKey.
8. The method of claim 1, wherein determining that FIDO UAF identity information of the user to be authenticated carried in the requested payment information is authenticated comprises:
if the information that the user authentication is passed and sent by the terminal is received, determining that the FIDO UAF identity information of the user to be authenticated is passed; the authenticator in the terminal judges whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by the automatic storage management ASM module in the terminal, and if so, the user authentication is determined to pass.
9. A file viewing device applied to a server, the device comprising:
the receiving module is used for receiving a content viewing request of a user for the charging file, which is sent by the terminal;
the judging module is used for judging whether the user pays for the charging file;
the transmission module is used for receiving the payment request information of the user to the charging file, which is sent by the terminal, when the judgment result of the first judgment module is negative; and if the identity information of the user to be authenticated carried in the payment request information is determined to pass the authentication of the UAF (fast online identity authentication) identity authentication protocol of the user to be authenticated, providing the content information of the charging file, and enabling the user to check the content information of the charging file.
10. The apparatus according to claim 9, wherein the receiving module is specifically configured to receive a file viewing request of the user sent by a terminal, and send a file list to the terminal; and receiving a content viewing request of the user for the charging file in the file list.
11. The apparatus of claim 9, wherein the determining module is further configured to determine whether information that the FIDO server sends the information that the FIDO server completes fidooaf authentication login is received after receiving a content viewing request of the user for the charging file sent by the terminal; if yes, judging whether the user pays for the charging file;
the judging module is also used for judging whether the user is the owner of the charging file after receiving a content checking request of the charging file sent by the terminal; if not, judging whether the user pays for the charging file;
the judging module is further configured to verify whether the SM2 certificate of the terminal is legal; if yes, receiving a content viewing request of the user for the charging file sent by the terminal; the SM2 certificate is a SM2 cryptographic algorithm certificate of the FIDO server applied by the terminal to a certificate authority CA through a USBKey.
12. The apparatus of claim 11, wherein the determining module is further configured to determine whether the user is FIDO registered; if so, judging whether the information that the FIDO UAF identity authentication login of the user is completed and sent by the FIDO server is received; and if not, performing FIDO UAF registration, and judging whether the information that the user finishes FIDO UAF identity authentication login sent by the FIDO server is received.
13. The apparatus according to claim 11, wherein the transmission module is specifically configured to determine that the FIDO UAF identity information of the user to be authenticated is authenticated if the information that the user sent by the terminal is authenticated is received; the authenticator in the terminal judges whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDOUAF identity information stored by the automatic storage management ASM module in the terminal, and if so, the user authentication is determined to pass.
14. A server, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
the memory has stored therein a computer program which, when executed by the processor, causes the processor to carry out the steps of the method of any one of claims 1 to 8.
15. A computer-readable storage medium, in which a computer program executable by a server is stored, which program, when run on the server, causes the server to carry out the steps of the method according to any one of claims 1 to 8.
16. A file viewing system is characterized by comprising a terminal and a server; wherein the content of the first and second substances,
the terminal is used for sending a content viewing request of a user for the charging file to the server; sending the payment request information of the user to the charging file to the server, wherein the payment request information carries the identity information of a fast online identity authentication FIDO identity authentication protocol UAF of the user to be authenticated; receiving the content information of the charging file sent by the server, and enabling the user to check the content information of the charging file;
the server is used for receiving a content viewing request of the user for the charging file and judging whether the user pays for the charging file; if not, receiving the payment request information of the user to the charging file; and if the FIDO UAF identity information of the user to be authenticated is determined to pass the authentication, sending the content information of the charging file to the terminal.
17. The system according to claim 16, wherein the terminal is specifically configured to send a file viewing request of the user to the server, and receive a file list sent by the server; sending a content viewing request of the user for the charging files in the file list to the server;
the server is specifically configured to receive a file viewing request of the user, and send a file list to the terminal; receiving a content viewing request of the user for the charging files in the file list;
the terminal is further used for judging whether the FIDO UAF identity information of the user to be authenticated passes the authentication according to the FIDO UAF identity information stored by an Automatic Storage Management (ASM) module in the terminal by an authenticator in the terminal, and if so, determining that the user passes the authentication; sending the information that the user passes the authentication to the server;
the server is specifically configured to determine that the FIDO UAF identity information of the user to be authenticated passes authentication if the information that the user passes authentication is received.
18. The system of claim 16, wherein the system further comprises: a FIDO server;
the FIDO server is used for carrying out FIDO UAF identity authentication login information on the user, and if authentication is completed, the FIDO UAF identity authentication login information of the user is sent to the server;
the server is also used for judging whether the information that the FIDO server sends the FIDO that the user finishes FIDO UAF identity authentication login is received after receiving the content checking request of the user to the charging file sent by the terminal; if yes, judging whether the user pays for the charging file;
the server is also used for judging whether the user is the owner of the charging file after receiving a content checking request of the charging file sent by the terminal; if not, judging whether the user pays for the charging file;
the system further comprises: a certificate authority CA;
the server is also used for verifying whether the SM2 certificate of the terminal is legal; and if so, receiving a content viewing request of the user to the charging file sent by the terminal, wherein the SM2 certificate is a SM2 cryptographic algorithm certificate of the FIDO server applied to the CA by the terminal through the USBKey.
19. The system of claim 18, wherein the server is further configured to determine whether the user is FIDO registered; if so, judging whether the information that the FIDO UAF identity authentication login of the user is completed and sent by the FIDO server is received.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811505348.0A CN111291329B (en) | 2018-12-10 | 2018-12-10 | File viewing method, device, system, server and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811505348.0A CN111291329B (en) | 2018-12-10 | 2018-12-10 | File viewing method, device, system, server and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111291329A true CN111291329A (en) | 2020-06-16 |
| CN111291329B CN111291329B (en) | 2023-08-18 |
Family
ID=71028962
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811505348.0A Active CN111291329B (en) | 2018-12-10 | 2018-12-10 | File viewing method, device, system, server and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111291329B (en) |
Citations (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007206850A (en) * | 2006-01-31 | 2007-08-16 | Casio Comput Co Ltd | Login management device and program |
| CN101119193A (en) * | 2006-08-02 | 2008-02-06 | 成都若谷科技开发有限公司 | Digital player with copyright protection and its complement software |
| WO2008059559A1 (en) * | 2006-11-13 | 2008-05-22 | Pioneer Corporation | Content distributing apparatus, content reproducing apparatus, content distributing method, content reproducing method, content distributing program, content reproducing program and computer-readable recording medium |
| CN102149064A (en) * | 2011-01-26 | 2011-08-10 | 宇龙计算机通信科技(深圳)有限公司 | Charging authentication method, mobile terminal and charging authentication server |
| CN102970299A (en) * | 2012-11-27 | 2013-03-13 | 西安电子科技大学 | File safe protection system and method thereof |
| CN103377321A (en) * | 2012-04-24 | 2013-10-30 | 中兴通讯股份有限公司 | DRM (digital rights management) file processing method, terminal device and cloud |
| CN103455735A (en) * | 2013-09-03 | 2013-12-18 | 百度在线网络技术(北京)有限公司 | Electronic payment document processing method and device |
| US20150106882A1 (en) * | 2012-06-29 | 2015-04-16 | Huawei Technologies Co., Ltd. | Method and device for identity authentication |
| CN105554013A (en) * | 2015-12-30 | 2016-05-04 | 深圳数字电视国家工程实验室股份有限公司 | Separate identity authentication apparatus based on USB device, system and method |
| CN105657468A (en) * | 2015-12-30 | 2016-06-08 | 深圳数字电视国家工程实验室股份有限公司 | FIDO remote controller, television payment system and television payment method |
| CN105743903A (en) * | 2016-03-07 | 2016-07-06 | 读者出版传媒股份有限公司 | Audio digital rights management method and system, intelligent terminal and authentication server |
| CN105827571A (en) * | 2015-01-06 | 2016-08-03 | 华为技术有限公司 | UAF (Universal Authentication Framework) protocol based multi-modal biological characteristic authentication method and equipment |
| CN106485486A (en) * | 2015-08-28 | 2017-03-08 | 三星电子株式会社 | The method for processing payment information of electronic equipment and device |
| CN107506619A (en) * | 2017-08-16 | 2017-12-22 | 创元网络技术股份有限公司 | DRM Q digital literary property protection methods and system |
| CN206962853U (en) * | 2017-07-11 | 2018-02-02 | 上海互啊佑智能科技有限公司 | The identity authorization system without close fingerprint recognition based on FIDO UAF |
| KR20180017734A (en) * | 2016-08-10 | 2018-02-21 | 삼성에스디에스 주식회사 | System and method for authentication, user terminal, authentication server and service server for executing the same |
| US20180097640A1 (en) * | 2016-09-13 | 2018-04-05 | Michael Queralt | Mobile Authentication Interoperability For Digital Certificates |
| KR20180087739A (en) * | 2017-01-25 | 2018-08-02 | 주식회사 하이마루 | A FIDO authentication device capable of identity confirmation or non-repudiation and the method thereof |
-
2018
- 2018-12-10 CN CN201811505348.0A patent/CN111291329B/en active Active
Patent Citations (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007206850A (en) * | 2006-01-31 | 2007-08-16 | Casio Comput Co Ltd | Login management device and program |
| CN101119193A (en) * | 2006-08-02 | 2008-02-06 | 成都若谷科技开发有限公司 | Digital player with copyright protection and its complement software |
| WO2008059559A1 (en) * | 2006-11-13 | 2008-05-22 | Pioneer Corporation | Content distributing apparatus, content reproducing apparatus, content distributing method, content reproducing method, content distributing program, content reproducing program and computer-readable recording medium |
| CN102149064A (en) * | 2011-01-26 | 2011-08-10 | 宇龙计算机通信科技(深圳)有限公司 | Charging authentication method, mobile terminal and charging authentication server |
| CN103377321A (en) * | 2012-04-24 | 2013-10-30 | 中兴通讯股份有限公司 | DRM (digital rights management) file processing method, terminal device and cloud |
| US20150106882A1 (en) * | 2012-06-29 | 2015-04-16 | Huawei Technologies Co., Ltd. | Method and device for identity authentication |
| CN102970299A (en) * | 2012-11-27 | 2013-03-13 | 西安电子科技大学 | File safe protection system and method thereof |
| CN103455735A (en) * | 2013-09-03 | 2013-12-18 | 百度在线网络技术(北京)有限公司 | Electronic payment document processing method and device |
| CN105827571A (en) * | 2015-01-06 | 2016-08-03 | 华为技术有限公司 | UAF (Universal Authentication Framework) protocol based multi-modal biological characteristic authentication method and equipment |
| CN106485486A (en) * | 2015-08-28 | 2017-03-08 | 三星电子株式会社 | The method for processing payment information of electronic equipment and device |
| CN105657468A (en) * | 2015-12-30 | 2016-06-08 | 深圳数字电视国家工程实验室股份有限公司 | FIDO remote controller, television payment system and television payment method |
| CN105554013A (en) * | 2015-12-30 | 2016-05-04 | 深圳数字电视国家工程实验室股份有限公司 | Separate identity authentication apparatus based on USB device, system and method |
| CN105743903A (en) * | 2016-03-07 | 2016-07-06 | 读者出版传媒股份有限公司 | Audio digital rights management method and system, intelligent terminal and authentication server |
| KR20180017734A (en) * | 2016-08-10 | 2018-02-21 | 삼성에스디에스 주식회사 | System and method for authentication, user terminal, authentication server and service server for executing the same |
| US20180097640A1 (en) * | 2016-09-13 | 2018-04-05 | Michael Queralt | Mobile Authentication Interoperability For Digital Certificates |
| KR20180087739A (en) * | 2017-01-25 | 2018-08-02 | 주식회사 하이마루 | A FIDO authentication device capable of identity confirmation or non-repudiation and the method thereof |
| CN206962853U (en) * | 2017-07-11 | 2018-02-02 | 上海互啊佑智能科技有限公司 | The identity authorization system without close fingerprint recognition based on FIDO UAF |
| CN107506619A (en) * | 2017-08-16 | 2017-12-22 | 创元网络技术股份有限公司 | DRM Q digital literary property protection methods and system |
Non-Patent Citations (2)
| Title |
|---|
| 叶建清;戴斌;黄鹤汶;黎楚婵;: "FIDO UAF协议对移动支付部署生物识别技术的启示", no. 02 * |
| 薛倩: "《UAF 身份 登录-20-读秀》", 北京:冶金工业出版社, pages: 70 - 71 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111291329B (en) | 2023-08-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102044751B1 (en) | Method for providing reward according to user authentication based on blockchain | |
| CN110692228B (en) | Method and equipment for protecting transaction activity sensitive data based on intelligent contracts in blockchain | |
| CN110537195B (en) | Method for permitting card use and server using same | |
| US11689370B2 (en) | Dynamic management and implementation of consent and permissioning protocols using container-based applications | |
| US10878066B2 (en) | System and method for controlled access to application programming interfaces | |
| EP3100171B1 (en) | Client authentication using social relationship data | |
| WO2017197974A1 (en) | Biometric characteristic-based security authentication method, device and electronic equipment | |
| US20080294894A1 (en) | Binding Content Licenses to Portable Storage Devices | |
| CN110011957B (en) | Security authentication method and device for enterprise account, electronic equipment and storage medium | |
| CN111292174A (en) | Tax payment information processing method and device and computer readable storage medium | |
| CN111832005B (en) | Application authorization method, application authorization device and electronic equipment | |
| CN111143822A (en) | Application system access method and device | |
| CN110599311A (en) | Resource processing method and device, electronic equipment and storage medium | |
| CN110599140B (en) | Digital currency verification method and system | |
| CN109741070B (en) | Account management method and device based on network certificate | |
| CN111553788B (en) | Capital business processing method and device based on big data, electronic equipment and medium | |
| CN111444284A (en) | Intellectual property trading method, system, equipment and computer readable storage medium based on block chain | |
| CN116628652A (en) | Authentication method and device for financial system, electronic equipment and storage medium | |
| CN111291329B (en) | File viewing method, device, system, server and readable storage medium | |
| CN106533685B (en) | Identity authentication method, device and system | |
| CN111415148A (en) | Method and device for non-inductive payment, electronic equipment and storage medium | |
| CN112836195B (en) | Password modification method and device for enterprise bank authentication medium | |
| CN112712365B (en) | Processing method and device for digital certificate | |
| KR101918553B1 (en) | Agent authentication method and apparatus | |
| CN117499122A (en) | Data access method, system, electronic device, storage medium and program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |