CN111431890A - Low-overhead intermediate server proxy transmission authentication method and device - Google Patents

Low-overhead intermediate server proxy transmission authentication method and device Download PDF

Info

Publication number
CN111431890A
CN111431890A CN202010198895.XA CN202010198895A CN111431890A CN 111431890 A CN111431890 A CN 111431890A CN 202010198895 A CN202010198895 A CN 202010198895A CN 111431890 A CN111431890 A CN 111431890A
Authority
CN
China
Prior art keywords
server
client
signature
intermediate server
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010198895.XA
Other languages
Chinese (zh)
Other versions
CN111431890B (en
Inventor
冯杰
周谊成
李嘉伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Ruilisi Technology Co ltd
Original Assignee
Suzhou Ruilisi Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Ruilisi Technology Co ltd filed Critical Suzhou Ruilisi Technology Co ltd
Priority to CN202010198895.XA priority Critical patent/CN111431890B/en
Publication of CN111431890A publication Critical patent/CN111431890A/en
Application granted granted Critical
Publication of CN111431890B publication Critical patent/CN111431890B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • AHUMAN NECESSITIES
    • A63SPORTS; GAMES; AMUSEMENTS
    • A63FCARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
    • A63F13/00Video games, i.e. games using an electronically generated display having two or more dimensions
    • A63F13/30Interconnection arrangements between game servers and game devices; Interconnection arrangements between game devices; Interconnection arrangements between game servers
    • A63F13/31Communication aspects specific to video games, e.g. between several handheld game devices at close range
    • AHUMAN NECESSITIES
    • A63SPORTS; GAMES; AMUSEMENTS
    • A63FCARD, BOARD, OR ROULETTE GAMES; INDOOR GAMES USING SMALL MOVING PLAYING BODIES; VIDEO GAMES; GAMES NOT OTHERWISE PROVIDED FOR
    • A63F13/00Video games, i.e. games using an electronically generated display having two or more dimensions
    • A63F13/30Interconnection arrangements between game servers and game devices; Interconnection arrangements between game devices; Interconnection arrangements between game servers
    • A63F13/35Details of game servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a low-overhead intermediate server proxy transmission authentication method.A client establishes communication connection with a master control server and sends a connection request; the method comprises the steps that after the master control server successfully verifies, a universal unique identification code of a client side is obtained, the universal unique identification code and a timestamp of the client side form a byte string, the byte string is encrypted by using a prestored private key to generate a signature, and the universal unique identification code, the timestamp and the signature are used as a token and are sent to the client side; after the client obtains the token, the client establishes communication with the intermediate server, and the intermediate server uniformly receives links of all the clients by using a fixed port appointed with the master control server; and after the intermediate server obtains the message, the universal unique identification code and the timestamp in the head information are taken out, the signature is verified through a pre-stored public key, if the signature is valid, the authentication is successful, and otherwise, the authentication fails. The intermediate server uses a single port to receive a large number of client links, interaction flow is simplified, and safety risk is reduced.

Description

Low-overhead intermediate server proxy transmission authentication method and device
Technical Field
The invention belongs to the technical field of communication authentication, and particularly relates to a low-overhead proxy transmission authentication method and device for an intermediate server.
Background
In order to make the game transmission fast and stable, especially when the game player is far away from the physical space of the game server, the special game acceleration software is needed to realize stable and smooth game experience. Among many game acceleration software (fast game, online UU, etc.), the most common game acceleration scheme is realized through the following steps:
(1) an intermediate server is deployed and made to conform to two characteristics:
1. the game target server transmits the game data by using a special high-speed line;
2. the distance between the intermediate server and the game user is shorter;
(2) the game client firstly transmits with the intermediate server;
(3) the intermediate server obtains the data of the game client and forwards the data to the target game server;
(4) the target game server replies game transmission data to the intermediate server;
(5) the intermediate server returns the game transmission data to the game client.
In this process, the game client actually communicates with the intermediate server, but the game player's intuitive experience is that his client communicates with the target game server. Because the communication between the intermediate server and the target game server adopts a special high-speed line, and simultaneously, the physical distance from the client to the intermediate server is greatly shortened compared with the physical distance from the client to the target game server, and the stability of game data transmission is greatly improved.
In order to accelerate the forwarding of game data only by authenticated players using the intermediate server, the authentication algorithm of the intermediate server becomes especially important. The most common way to authenticate the data stream is to add an authentication field in real time in the transmission message, the authentication field is verified when the data stream passes through the intermediate server, the verified data is forwarded to the target game server, and the data that does not pass the verification is intercepted. In order to ensure that the authentication speed is fast enough and the authentication safety is guaranteed, the authentication process conforms to three major factors of information safety: confidentiality, integrity and authentication, and therefore, the design of the authentication algorithm of the intermediate server is important.
In the traditional server intermediate verification algorithm, before transmission starts, a master control server communicates with an intermediate server to inform an opposite side of a pre-opened port and a port corresponding secret key, so that the intermediate server decrypts each port link data packet by using the secret key informed by the previous master control server to confirm that a client source is reliable. In the verification process, the intermediate server needs to interact with the master control server to obtain the secret key, and an independent interface needs to be opened for each request client to perform one-by-one verification. In the actual use process, hidden dangers such as communication obstacle between the intermediate server and the main control server, communication safety risk during service, conflict between the open port of the intermediate server and the use port of the server and the like exist.
Disclosure of Invention
Aiming at the technical problems, the invention provides a low-overhead intermediate server proxy transmission authentication method, a main control server does not need to communicate with an intermediate server before a client link request is initiated each time, the intermediate server uses a single port to receive a large number of client links, and the intermediate server does not need to communicate with a main server in each authentication process; after the client communicates with the master control server to obtain the message signature, the client can communicate with each intermediate server, so that the safety risk is reduced, the interactive flow is simplified, and the simplified intermediate server proxy transmission authentication process is realized.
The technical scheme of the invention is as follows:
a low-overhead intermediate server proxy transmission authentication method comprises the following steps:
s01: the client establishes communication connection with the master control server and sends a connection request to the master control server;
s02: the method comprises the steps that after the master control server successfully checks, a universal unique identification code of a client side is obtained, the universal unique identification code and a timestamp of the client side form a byte string, the byte string is encrypted by using a prestored private key to generate a signature with a certain byte, and the universal unique identification code, the timestamp and the signature are used as tokens and sent to the client side;
s03: after the client obtains the token, the client establishes communication with the intermediate server, and the intermediate server uniformly receives links of all the clients by using a fixed port appointed with the master control server;
s04: after the intermediate server obtains the message, the universal unique identification code and the timestamp in the head information are taken out, the signature is verified through a pre-stored public key, if the signature is valid, the authentication is successful, otherwise, the authentication fails; after the authentication is successful, the intermediate server establishes connection with the client and forwards a corresponding data packet of the client to the target server; and if the authentication fails, feeding back authentication failure information of the client and canceling the connection.
In a preferred technical scheme, before the communication connection between the client and the master control server is established in step S01, the master control server generates a pair of an encrypted private key and a verification public key according to a signature algorithm, and the master control server sends the public key to all intermediate servers.
In a preferred technical solution, in the step S02, the universal unique identifier is 16 bytes, the timestamp is four bytes, the universal unique identifier and the timestamp form a 20-byte string, and the 20-byte string is encrypted by using a pre-stored private key to generate a 32-byte signature.
In a preferred technical solution, the intermediate server and the target server use a dedicated high-speed line for transmission, and the distance between the intermediate server and the client is shorter than the distance between the target server and the client.
In a preferred technical solution, in step S04, after the intermediate server forwards the corresponding data packet of the client to the target server, the target server replies the transmission data to the intermediate server, and the intermediate server returns the transmission data to the client.
In a preferred technical solution, the step S04 of verifying the signature includes verifying the validity of the signature using a public key, and after the validity passes, determining whether the timestamp exceeds the current time, and if so, indicating that the token is expired, and rejecting the service.
The invention also discloses a low-overhead intermediate server proxy transmission authentication device, which comprises a client, a master control server, an intermediate server and a target server, wherein the intermediate server and the target server use a special high-speed line for transmission, and the distance between the intermediate server and the client is shorter than that between the target server and the client;
the client comprises a connection sending module which is used for establishing communication connection with the master control server and sending a connection request to the master control server;
the master control server comprises a token generation module, a time stamp generation module and a verification module, wherein the token generation module is used for acquiring a universal unique identification code of the client after successful verification, forming a byte string by the universal unique identification code and the time stamp of the client, encrypting the byte string by using a pre-stored private key to generate a signature with a certain byte, and sending the universal unique identification code, the time stamp and the signature to the client as a token;
after obtaining the token, the client establishes communication with the intermediate server;
the intermediate server uniformly receives the links of all the clients by using a fixed port appointed with the master control server; the intermediate server comprises an authentication module, and is used for taking out the universal unique identification code and the timestamp in the header information after the message is obtained, verifying the signature through a prestored public key, if the signature is valid, the authentication is successful, and otherwise, the authentication is failed; after the authentication is successful, the intermediate server establishes connection with the client and forwards a corresponding data packet of the client to the target server; and if the authentication fails, feeding back authentication failure information of the client and canceling the connection.
In the preferred technical scheme, before the client side establishes communication connection with the master control server, the master control server generates a pair of encrypted private keys and a verification public key according to a signature algorithm, and the master control server sends the public key to all intermediate servers.
In a preferred technical scheme, the universal unique identification code is 16 bytes, the timestamp is four bytes, the universal unique identification code and the timestamp form a 20-byte string, and the 20-byte string is encrypted by using a pre-stored private key to generate a 32-byte signature.
In a preferred technical scheme, the signature verification comprises the step of verifying the validity of the signature by using a public key, after the validity passes, whether the timestamp exceeds the current time is judged, and if the timestamp exceeds the current time, the token is expired, and the service is rejected.
Compared with the prior art, the invention has the advantages that:
the authentication method of the invention ensures that the master server does not need to communicate with the intermediate server before the link request of the client is initiated each time. The intermediate server uses a single port to receive a large number of client links, and the intermediate server does not need to communicate with the main server in each authentication process. After the client communicates with the master control server to obtain the message signature, the client can communicate with each intermediate server, so that the safety risk is reduced, the interactive flow is simplified, and the simplified intermediate server proxy transmission authentication process is realized.
Drawings
The invention is further described with reference to the following figures and examples:
FIG. 1 is a flow chart of a low overhead method for proxy transmission authentication of an intermediate server according to the present invention;
FIG. 2 is a diagram illustrating message generation in an embodiment of the present invention;
fig. 3 is a schematic diagram of a message authentication process in the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention.
Example (b):
the preferred embodiments of the present invention will be further described with reference to the accompanying drawings.
A low-overhead intermediate server proxy transmission authentication device comprises a client, a master control server, an intermediate server and a target server, wherein the target server can be a game server, the intermediate server is a data proxy server, game data are forwarded by the intermediate server to achieve the purpose of acceleration, the intermediate server and the target server use a special high-speed line for transmission, and the distance between the intermediate server and the client is shorter than that between the target server and the client. The main control server has high concurrent processing capacity and can simultaneously receive and process all client connections within the bearing range of the server. All data of the client comes from interaction with the master server (including registration, login, obtaining keys required to connect to the intermediate server, etc.). The master control server interacts with the intermediate server and collects data of the intermediate server for statistics.
The client comprises a connection sending module which is used for establishing communication connection with the main control server and sending a connection request to the main control server; and the client is also used for establishing communication with the intermediate server after obtaining the token.
The master control server comprises a token generation module, a time stamp generation module and a verification module, wherein the token generation module is used for acquiring a universal unique identification code of the client after successful verification, forming a byte string by the universal unique identification code and the time stamp of the client, encrypting the byte string by using a pre-stored private key to generate a signature with a certain byte, and sending the universal unique identification code, the time stamp and the signature to the client as a token;
the intermediate server uniformly receives the links of all the clients by using a fixed port appointed with the master control server; the intermediate server comprises an authentication module, and is used for taking out the universal unique identification code and the timestamp in the header information after the message is obtained, verifying the signature through a prestored public key, if the signature is valid, the authentication is successful, and otherwise, the authentication is failed; after the authentication is successful, the intermediate server establishes connection with the client and forwards a corresponding data packet of the client to the target server; and if the authentication fails, feeding back authentication failure information of the client and canceling the connection.
Before the client-side establishes communication connection with the master control server, the master control server generates a pair of encrypted private keys and a verification public key according to a signature algorithm, and the master control server sends the public keys to all intermediate servers.
The universal unique identification code is 16 bytes, the timestamp is four bytes, the universal unique identification code and the timestamp form a 20-byte string, and the 20-byte string is encrypted by using a pre-stored private key to generate a 32-byte signature.
Verifying the signature comprises verifying the validity of the signature by using a public key, judging whether the time stamp exceeds the current time after the validity passes, and if so, indicating that the token is overdue and rejecting the service.
The authentication method of the present invention is shown in fig. 1, and includes the following steps:
1. client request procedure
The master control server generates a pair of encrypted private keys and verification public keys by using signature algorithms such as B L S and the like, and the master control server sends the public keys to all the intermediate servers, so that the communication process of the public keys with all the intermediate servers is finished.
When the client needs to use one or more intermediate servers, the client communicates with the master control server, and the master control server verifies that the following information is obtained by using the secret key: the first 16 bytes in the 16-byte Universal Unique Identifier (UUID) of the user and the 4-byte timestamp form a 20-byte string, the 20-byte string is encrypted by using a private key to generate a 32-byte signature, and the 32-byte signature, the UUID and the timestamp are used as a token and are sent to the client. In the process of requesting connection by the client, the master control server does not need to interact with each intermediate server. The message structure of the token is shown in fig. 2.
2. Intermediate server verification process
The method of the invention is different from the common algorithm which uses the port number and the secret key for verification, but uses a single port to communicate all the connections, thereby reducing the occupied number of the ports and improving the safety.
After the intermediate server obtains the message, the intermediate server takes out 20 bytes of 16 bytes corresponding to the UUID in the header information and 4 bytes of the timestamp, verifies the signature for the 20 bytes through the public key, if the signature is valid, the authentication is successful, otherwise, the authentication is failed, and the message authentication process is as shown in fig. 3.
The signature verification comprises the steps that firstly, the validity of the signature is verified by using a public key, after the validity is passed, whether the time stamp exceeds the current time or not is judged, if yes, the token is overdue, and the service is rejected.
After the authentication is successful, the intermediate server establishes connection with the client, and forwards a corresponding data packet of the client to the game server, so that the game acceleration is realized. And if the authentication fails, feeding back authentication failure information of the client and canceling the connection.
And after the intermediate server forwards the corresponding data packet of the client to the target server, the target server replies transmission data to the intermediate server, and the intermediate server transmits the transmission data back to the client.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention should be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.

Claims (10)

1. A low-overhead intermediate server proxy transmission authentication method is characterized by comprising the following steps:
s01: the client establishes communication connection with the master control server and sends a connection request to the master control server;
s02: the method comprises the steps that after the master control server successfully checks, a universal unique identification code of a client side is obtained, the universal unique identification code and a timestamp of the client side form a byte string, the byte string is encrypted by using a prestored private key to generate a signature with a certain byte, and the universal unique identification code, the timestamp and the signature are used as tokens and sent to the client side;
s03: after the client obtains the token, the client establishes communication with the intermediate server, and the intermediate server uniformly receives links of all the clients by using a fixed port appointed with the master control server;
s04: after the intermediate server obtains the message, the universal unique identification code and the timestamp in the head information are taken out, the signature is verified through a pre-stored public key, if the signature is valid, the authentication is successful, otherwise, the authentication fails; after the authentication is successful, the intermediate server establishes connection with the client and forwards a corresponding data packet of the client to the target server; and if the authentication fails, feeding back authentication failure information of the client and canceling the connection.
2. The method for proxy transmission authentication of an intermediate server with low overhead as claimed in claim 1, wherein before the step S01, the client establishes communication connection with the master server, the master server generates a pair of encrypted private key and verification public key according to a signature algorithm, and the master server sends the public key to all the intermediate servers.
3. The method for proxy transmission authentication of an intermediary server with low overhead as claimed in claim 1, wherein in the step S02, the universally unique identification code is 16 bytes, the timestamp is four bytes, the universally unique identification code and the timestamp form a 20-byte string, and the 20-byte string is encrypted by using a pre-stored private key to generate a 32-byte signature.
4. The method as claimed in claim 1, wherein the intermediate server transmits with the target server via a dedicated high-speed line, and the distance between the intermediate server and the client is shorter than that between the target server and the client.
5. The method for proxy transmission authentication of an intermediate server with low overhead as claimed in claim 1, wherein in step S04, after the intermediate server forwards the corresponding data packet of the client to the target server, the target server replies transmission data to the intermediate server, and the intermediate server forwards the transmission data to the client.
6. The method as claimed in claim 1, wherein the step S04 of verifying the signature includes using a public key to verify the validity of the signature, and after the validity passes, determining whether the timestamp exceeds the current time, and if so, determining that the token has expired and the service is rejected.
7. The low-overhead intermediate server proxy transmission authentication device is characterized by comprising a client, a master control server, an intermediate server and a target server, wherein the intermediate server and the target server use a special high-speed line for transmission, and the distance between the intermediate server and the client is shorter than that between the target server and the client;
the client comprises a connection sending module which is used for establishing communication connection with the master control server and sending a connection request to the master control server;
the master control server comprises a token generation module, a time stamp generation module and a verification module, wherein the token generation module is used for acquiring a universal unique identification code of the client after successful verification, forming a byte string by the universal unique identification code and the time stamp of the client, encrypting the byte string by using a pre-stored private key to generate a signature with a certain byte, and sending the universal unique identification code, the time stamp and the signature to the client as a token;
after obtaining the token, the client establishes communication with the intermediate server;
the intermediate server uniformly receives the links of all the clients by using a fixed port appointed with the master control server; the intermediate server comprises an authentication module, and is used for taking out the universal unique identification code and the timestamp in the header information after the message is obtained, verifying the signature through a prestored public key, if the signature is valid, the authentication is successful, and otherwise, the authentication is failed; after the authentication is successful, the intermediate server establishes connection with the client and forwards a corresponding data packet of the client to the target server; and if the authentication fails, feeding back authentication failure information of the client and canceling the connection.
8. The low-overhead intermediate server proxy transmission authentication device of claim 7, wherein before the client establishes a communication connection with the master server, the master server generates a pair of an encrypted private key and a verification public key according to a signature algorithm, and the master server sends the public keys to all intermediate servers.
9. The low-overhead proxy transmission authentication device for intermediary server according to claim 7, wherein the universally unique identifier is 16 bytes, the timestamp is four bytes, the universally unique identifier and the timestamp form a 20-byte string, and the 20-byte string is encrypted by using a pre-stored private key to generate a 32-byte signature.
10. The low-overhead intermediate server proxy transmission authentication device of claim 7, wherein the verifying the signature comprises verifying the validity of the signature by using a public key, and after the validity is passed, determining whether the timestamp exceeds the current time, and if so, indicating that the token is expired, and rejecting the service.
CN202010198895.XA 2020-03-20 2020-03-20 Low-overhead intermediate server proxy transmission authentication method and device Active CN111431890B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010198895.XA CN111431890B (en) 2020-03-20 2020-03-20 Low-overhead intermediate server proxy transmission authentication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010198895.XA CN111431890B (en) 2020-03-20 2020-03-20 Low-overhead intermediate server proxy transmission authentication method and device

Publications (2)

Publication Number Publication Date
CN111431890A true CN111431890A (en) 2020-07-17
CN111431890B CN111431890B (en) 2021-12-03

Family

ID=71549676

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010198895.XA Active CN111431890B (en) 2020-03-20 2020-03-20 Low-overhead intermediate server proxy transmission authentication method and device

Country Status (1)

Country Link
CN (1) CN111431890B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113014565A (en) * 2021-02-19 2021-06-22 北京天维信通科技有限公司 Zero trust architecture for realizing port scanning prevention and service port access method and equipment
CN114844648A (en) * 2022-04-25 2022-08-02 北京市商汤科技开发有限公司 Data verification method, data processing method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101141251A (en) * 2006-09-08 2008-03-12 华为技术有限公司 Method, system and equipment of message encryption signature in communication system
CN103634359A (en) * 2012-08-27 2014-03-12 阿里巴巴集团控股有限公司 Proxy server identification method and device
US20140286331A1 (en) * 2013-03-22 2014-09-25 National Taipei University Of Technology Multi-traversal method for nat in break-in
CN106712932A (en) * 2016-07-20 2017-05-24 腾讯科技(深圳)有限公司 Secret key management method, device and system
CN110545173A (en) * 2019-07-29 2019-12-06 大众问问(北京)信息科技有限公司 method and device for safety verification and request sending

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101141251A (en) * 2006-09-08 2008-03-12 华为技术有限公司 Method, system and equipment of message encryption signature in communication system
CN103634359A (en) * 2012-08-27 2014-03-12 阿里巴巴集团控股有限公司 Proxy server identification method and device
US20140286331A1 (en) * 2013-03-22 2014-09-25 National Taipei University Of Technology Multi-traversal method for nat in break-in
CN106712932A (en) * 2016-07-20 2017-05-24 腾讯科技(深圳)有限公司 Secret key management method, device and system
CN110545173A (en) * 2019-07-29 2019-12-06 大众问问(北京)信息科技有限公司 method and device for safety verification and request sending

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113014565A (en) * 2021-02-19 2021-06-22 北京天维信通科技有限公司 Zero trust architecture for realizing port scanning prevention and service port access method and equipment
CN114844648A (en) * 2022-04-25 2022-08-02 北京市商汤科技开发有限公司 Data verification method, data processing method and device

Also Published As

Publication number Publication date
CN111431890B (en) 2021-12-03

Similar Documents

Publication Publication Date Title
CN111835752B (en) Lightweight authentication method based on equipment identity and gateway
US8028329B2 (en) Proxy authentication network
US7533257B2 (en) Server authentication verification method on user terminal at the time of extensible authentication protocol authentication for internet access
JP5099568B2 (en) Method and system for mutual authentication of entities based on a trusted third party
US8417955B2 (en) Entity bidirectional authentication method and system
EP1372292B1 (en) Secure key exchange with mutual authentication
US7945779B2 (en) Securing a communications exchange between computers
CN112039918B (en) Internet of things credible authentication method based on identification cryptographic algorithm
CN111431890B (en) Low-overhead intermediate server proxy transmission authentication method and device
US8966263B2 (en) System and method of network equipment remote access authentication in a communications network
CN108243166A (en) A kind of identity identifying method and system based on USBKey
US20100088399A1 (en) Enterprise security setup with prequalified and authenticated peer group enabled for secure DHCP and secure ARP/RARP
KR20040073329A (en) A method and a system for authenticating a user at a network access while the user is making a connection to the Internet
US20120303951A1 (en) Method and system for registering a drm client
CN113098863B (en) TLS + MQTT protocol-based Internet of things double-authentication method and system
US11652647B2 (en) Authentication system and computer readable medium
CN114499898A (en) Block chain cross-chain secure access method and device
US20120102319A1 (en) System and Method for Reliably Authenticating an Appliance
JP2001177513A (en) Authenticating method in communication system, center equipment, and recording medium with authentication program recorded thereon
JP2001186122A (en) Authentication system and authentication method
CN102668450B (en) Identity based network policy enablement
CN114430324B (en) On-line rapid identity verification method based on hash chain
US20110055571A1 (en) Method and system for preventing lower-layer level attacks in a network
CN105577699B (en) A kind of secure access authentication method of two-way dynamic non-stop layer authentication
JP2024506915A (en) Zero trust authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant