CN111953698A - Interface security access method and system based on quantum computing cloud platform - Google Patents
Interface security access method and system based on quantum computing cloud platform Download PDFInfo
- Publication number
- CN111953698A CN111953698A CN202010823487.9A CN202010823487A CN111953698A CN 111953698 A CN111953698 A CN 111953698A CN 202010823487 A CN202010823487 A CN 202010823487A CN 111953698 A CN111953698 A CN 111953698A
- Authority
- CN
- China
- Prior art keywords
- token
- client
- server
- request
- cloud platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N10/00—Quantum computing, i.e. information processing based on quantum-mechanical phenomena
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The invention discloses an interface security access method and system based on a quantum computing cloud platform, belonging to the field of interface security access, aiming at solving the technical problem of reducing the load of a website, not needing to check a user and a password each time and realizing an authorization mode of verifying multiple accesses at one time, and adopting the technical scheme that: the method comprises the following specific steps: s1, the client requests login by using a user name and a password; s2, the server receives the request to verify the user name and the password; s3, after the verification is successful, the server side issues a Token and then sends the Token to the client side; s4, after the client receives the Token, the Token is stored and put into the cookie of the client; s5, when the client requests the server for resources each time, the Token issued by the server needs to be taken; s6, the server receives the request and then verifies the Token carried in the client request. The system comprises a login module, a user name and password verification module, an issuing module, a storage module, a request module and a Token verification module.
Description
Technical Field
The invention relates to the field of interface security access, in particular to an interface security access method and system based on a quantum computing cloud platform.
Background
Due to the particularities of the operating environment of a quantum computing chip, its core components typically operate at very low temperatures. Therefore, a lot of external auxiliary equipment is needed to be added for erecting the test system and researching equipment, quantum computing integrates all service tools based on the limitation of the physical problem, and the integrated whole is the quantum computing cloud platform.
The quantum computing cloud platform can bring convenience to users, can be accessed anytime and anywhere, and can solve the problem of interface protocols of multiple platforms. But in order to prevent unexpected traffic surges to websites such as attacks and the like, it is necessary to perform traffic limitation at the front-back interface service. Since http is a stateless protocol, it does not know who accessed our applications. The user is regarded as a client, and the client passes identity authentication by using a user name and a password, but the authentication is carried out again next time the client sends a request again. Therefore, how to reduce the load of the website, without checking the user and the password each time, and realizing the authorization mode of verifying multiple accesses at one time is a technical problem to be solved urgently at present.
Disclosure of Invention
The technical task of the invention is to provide an interface security access method and system based on a quantum computing cloud platform, so as to solve the problem of how to reduce the load of a website, and realize the authorization mode of verifying multiple accesses without verifying a user and a password each time.
The technical task of the invention is realized in the following way, and the interface security access method based on the quantum computing cloud platform specifically comprises the following steps:
s1, the client requests login by using a user name and a password;
s2, the server receives the request to verify the user name and the password;
s3, after the verification is successful, the server side issues a Token and then sends the Token to the client side;
s4, after the client receives the Token, the Token is stored and put into the cookie of the client;
s5, when the client requests the server for resources each time, the Token issued by the server needs to be taken;
s6, the server receives the request, and then verifies the Token carried in the client request:
and if the verification is successful, returning the requested data to the client.
Preferably, the production of Token is specifically as follows:
and generating a message digest of the maximum expiration timestamps of the key and the Token given by the user through the hmac sha1 algorithm, splicing the message digest and the maximum expiration timestamp through "# #", and then performing base64 encoding to generate the final Token.
Preferably, in step S6, the Token carried in the request of the verification client is specifically as follows:
s601, performing base64 decoding on the Token to obtain a maximum expiration timestamp and a message digest of the Token;
s602, judging whether Token is expired:
if not, executing step S603;
secondly, if the time is expired, the Token is invalid;
s603, performing hmac sha1 algorithm operation on the maximum expiration timestamp obtained from the Token (note that the key is the same as the key for generating the Token);
s604, comparing the generated abstract with the message abstract acquired through Token:
firstly, if the two message digests are equal, the Token is effective;
and secondly, if the two message digests are not equal, the Token is invalid.
Preferably, after the client logs in for the first time, when the server receives the http request again, only the Token is recognized, as long as the Token is taken each time, the server intercepts all requests, and then verifies the validity of the Token:
if the code is legal, releasing;
and if the right is illegal, the right is returned and the right is failed.
An interface security access system based on a quantum computing cloud platform comprises,
the login module is used for requesting login of a client through a user name and a password;
the user name and password verification module is used for receiving a request at the server to verify the user name and the password;
the issuing module is used for issuing a Token by the server side after the verification is successful and then sending the Token to the client side;
the storage module is used for storing the Token and placing the Token into the cookie of the client after the client receives the Token;
the request module is used for taking Token issued by the server when the client requests the server for resources each time;
the Token verification module is used for the server side to receive the request and then verify the Token carried in the client side request: and if the verification is successful, returning the requested data to the client.
Preferably, the production of Token is specifically as follows:
and generating a message digest of the maximum expiration timestamps of the key and the Token given by the user through the hmac sha1 algorithm, splicing the message digest and the maximum expiration timestamp through "# #", and then performing base64 encoding to generate the final Token.
Preferably, the Token verification module comprises,
the decoding submodule is used for carrying out base64 decoding on the Token to obtain a maximum expiration timestamp of the Token and a message digest;
the judgment submodule is used for judging whether the Token is expired:
if not, performing hmac sha1 algorithm operation on the maximum expiration timestamp obtained from Token (note that the key is the same as the key generating Token);
secondly, if the time is expired, the Token is invalid;
a comparison submodule for comparing the generated digest with the message digest obtained by Token:
firstly, if the two message digests are equal, the Token is effective;
and secondly, if the two message digests are not equal, the Token is invalid.
Preferably, after the client logs in for the first time, when the server receives the http request again, only the Token is recognized, as long as the Token is taken each time, the server intercepts all requests, and then verifies the validity of the Token:
if the code is legal, releasing;
and if the right is illegal, the right is returned and the right is failed.
An electronic device, comprising: a memory and at least one processor;
wherein the memory stores computer-executable instructions;
the at least one processor executes the memory-stored computer-executable instructions to cause the at least one processor to perform the quantum computing cloud platform-based interface security access method described above.
A computer-readable storage medium, in which computer-executable instructions are stored, and when a processor executes the computer, the interface security access method based on the quantum computing cloud platform is implemented.
The interface security access method and system based on the quantum computing cloud platform have the following advantages:
the method and the system reduce the load of the website, do not need to check the user and the password every time, and complete the interface security access control of the cloud platform; the Token is a login success certificate, after login succeeds, an information certificate is generated according to a certain rule, the login state of the user is stored, and the server only needs to verify whether the Token is legal or not according to the defined rule;
the authentication method using the Token mechanism of the invention does not need to store the login record of the user at the server end, realizes the authorization mode of verifying multiple accesses at one time, and the quantum computing cloud platform controls the access of the service interface by adopting the mode based on the Token mechanism, thereby reducing the access pressure of the website and improving the security of the website;
and (III) when the user requests login successfully, generating a record of the user at the server, storing the id in the cookie, carrying the cookie next time the user sends a request to the server again, verifying the user information in the cookie by the server, and returning the data requested by the user to the client if the user passes the verification.
Drawings
The invention is further described below with reference to the accompanying drawings.
Fig. 1 is a flow chart of an interface security access method based on a quantum computing cloud platform.
Detailed Description
The interface security access method and system based on the quantum computing cloud platform of the present invention are described in detail below with reference to the drawings and specific embodiments of the specification.
Example 1:
as shown in fig. 1, the interface security access method based on the quantum computing cloud platform of the present invention specifically includes:
s1, the client requests login by using a user name and a password;
s2, the server receives the request to verify the user name and the password;
s3, after the verification is successful, the server side issues a Token and then sends the Token to the client side;
s4, after the client receives the Token, the Token is stored and put into the cookie of the client;
s5, when the client requests the server for resources each time, the Token issued by the server needs to be taken;
s6, the server receives the request, and then verifies the Token carried in the client request:
and if the verification is successful, returning the requested data to the client. The method comprises the following specific steps:
s601, performing base64 decoding on the Token to obtain a maximum expiration timestamp and a message digest of the Token;
s602, judging whether Token is expired:
if not, executing step S603;
secondly, if the time is expired, the Token is invalid;
s603, performing hmac sha1 algorithm operation on the maximum expiration timestamp obtained from the Token (note that the key is the same as the key for generating the Token);
s604, comparing the generated abstract with the message abstract acquired through Token:
firstly, if the two message digests are equal, the Token is effective;
and secondly, if the two message digests are not equal, the Token is invalid.
Wherein, the generation of Token is specifically as follows:
and generating a message digest of the maximum expiration timestamps of the key and the Token given by the user through the hmac sha1 algorithm, splicing the message digest and the maximum expiration timestamp through "# #", and then performing base64 encoding to generate the final Token.
After the client logs in for the first time, when the server receives the http request again, only the Token is recognized, as long as the Token is taken each time, the server intercepts all the requests, and then the validity of the Token is verified:
if the code is legal, releasing;
and if the right is illegal, the right is returned and the right is failed.
Example 2:
the interface security access system based on the quantum computing cloud platform comprises,
the login module is used for requesting login of a client through a user name and a password;
the user name and password verification module is used for receiving a request at the server to verify the user name and the password;
the issuing module is used for issuing a Token by the server side after the verification is successful and then sending the Token to the client side;
the storage module is used for storing the Token and placing the Token into the cookie of the client after the client receives the Token;
the request module is used for taking Token issued by the server when the client requests the server for resources each time;
the Token verification module is used for the server side to receive the request and then verify the Token carried in the client side request: if the verification is successful, returning the requested data to the client; the Token verification module includes a function of,
the decoding submodule is used for carrying out base64 decoding on the Token to obtain a maximum expiration timestamp of the Token and a message digest;
the judgment submodule is used for judging whether the Token is expired:
if not, performing hmac sha1 algorithm operation on the maximum expiration timestamp obtained from Token (note that the key is the same as the key generating Token);
secondly, if the time is expired, the Token is invalid;
a comparison submodule for comparing the generated digest with the message digest obtained by Token:
firstly, if the two message digests are equal, the Token is effective;
and secondly, if the two message digests are not equal, the Token is invalid.
Wherein, the generation of Token is specifically as follows:
and generating a message digest of the maximum expiration timestamps of the key and the Token given by the user through the hmac sha1 algorithm, splicing the message digest and the maximum expiration timestamp through "# #", and then performing base64 encoding to generate the final Token.
After the client logs in for the first time, when the server receives the http request again, only the Token is recognized, as long as the Token is taken each time, the server intercepts all the requests, and then the validity of the Token is verified:
if the code is legal, releasing;
and if the right is illegal, the right is returned and the right is failed.
Example 3:
an embodiment of the present invention further provides an electronic device, including: a memory and a processor;
wherein the memory stores computer-executable instructions;
the at least one processor executes the memory-stored computer-executable instructions to cause the at least one processor to perform a quantum computing cloud platform-based interface security access method as in embodiment 1.
Example 4:
the embodiment of the invention also provides a computer-readable storage medium, wherein a plurality of instructions are stored, and the instructions are loaded by the processor, so that the processor executes the interface security access method based on the quantum computing cloud platform in any embodiment of the invention. Specifically, a system or an apparatus equipped with a storage medium on which software program codes that realize the functions of any of the above-described embodiments are stored may be provided, and a computer (or a CPU or MPU) of the system or the apparatus is caused to read out and execute the program codes stored in the storage medium.
In this case, the program code itself read from the storage medium can realize the functions of any of the above-described embodiments, and thus the program code and the storage medium storing the program code constitute a part of the present invention.
Examples of the storage medium for providing the program code include a floppy disk, a hard disk, a magneto-optical disk, an optical disk (e.g., CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-R interface security access method and system M, DVD-RW, DVD + RW based on a quantum computing cloud platform), a magnetic tape, a nonvolatile memory card, and a ROM. Alternatively, the program code may be downloaded from a server computer via a communications network.
Further, it should be clear that the functions of any one of the above-described embodiments may be implemented not only by executing the program code read out by the computer, but also by causing an operating system or the like operating on the computer to perform a part or all of the actual operations based on instructions of the program code.
Further, it is to be understood that the program code read out from the storage medium is written to a memory provided in an expansion board inserted into the computer or to a memory provided in an expansion unit connected to the computer, and then causes a CPU or the like mounted on the expansion board or the expansion unit to perform part or all of the actual operations based on instructions of the program code, thereby realizing the functions of any of the above-described embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. An interface security access method based on a quantum computing cloud platform is characterized by comprising the following steps:
s1, the client requests login by using a user name and a password;
s2, the server receives the request to verify the user name and the password;
s3, after the verification is successful, the server side issues a Token and then sends the Token to the client side;
s4, after the client receives the Token, the Token is stored and put into the cookie of the client;
s5, when the client requests the server for resources each time, the Token issued by the server needs to be taken;
s6, the server receives the request, and then verifies the Token carried in the client request:
and if the verification is successful, returning the requested data to the client.
2. The interface security access method based on the quantum computing cloud platform as claimed in claim 1, wherein the Token is generated as follows:
and generating a message digest of the maximum expiration timestamps of the key and the Token given by the user through the hmac sha1 algorithm, splicing the message digest and the maximum expiration timestamp through "# #", and then performing base64 encoding to generate the final Token.
3. The interface security access method based on the quantum computing cloud platform of claim 1, wherein the authentication in step S6 performed by the client request includes the following specific steps:
s601, performing base64 decoding on the Token to obtain a maximum expiration timestamp and a message digest of the Token;
s602, judging whether Token is expired:
if not, executing step S603;
secondly, if the time is expired, the Token is invalid;
s603, performing hmac sha1 algorithm operation on the maximum expiration timestamp obtained from the Token;
s604, comparing the generated abstract with the message abstract acquired through Token:
firstly, if the two message digests are equal, the Token is effective;
and secondly, if the two message digests are not equal, the Token is invalid.
4. The interface security access method based on the quantum computing cloud platform as claimed in any one of claims 1-3, wherein after the client logs in for the first time, when the server receives the http request again, only the Token is recognized, as long as the Token is taken each time, the server intercepts all requests, and then verifies the validity of the Token:
if the code is legal, releasing;
and if the right is illegal, the right is returned and the right is failed.
5. An interface security access system based on a quantum computing cloud platform is characterized by comprising,
the login module is used for requesting login of a client through a user name and a password;
the user name and password verification module is used for receiving a request at the server to verify the user name and the password;
the issuing module is used for issuing a Token by the server side after the verification is successful and then sending the Token to the client side;
the storage module is used for storing the Token and placing the Token into the cookie of the client after the client receives the Token;
the request module is used for taking Token issued by the server when the client requests the server for resources each time;
the Token verification module is used for the server side to receive the request and then verify the Token carried in the client side request: and if the verification is successful, returning the requested data to the client.
6. The interface security access system based on the quantum computing cloud platform of claim 5, wherein the Token is generated as follows:
and generating a message digest of the maximum expiration timestamps of the key and the Token given by the user through the hmac sha1 algorithm, splicing the message digest and the maximum expiration timestamp through "# #", and then performing base64 encoding to generate the final Token.
7. The interface security access system based on quantum computing cloud platform of claim 5, wherein the Token verification module comprises,
the decoding submodule is used for carrying out base64 decoding on the Token to obtain a maximum expiration timestamp of the Token and a message digest;
the judgment submodule is used for judging whether the Token is expired:
if the time stamp is not expired, performing hmac sha1 algorithm operation on the maximum expiration time stamp obtained from Token;
secondly, if the time is expired, the Token is invalid;
a comparison submodule for comparing the generated digest with the message digest obtained by Token:
firstly, if the two message digests are equal, the Token is effective;
and secondly, if the two message digests are not equal, the Token is invalid.
8. The interface security access system based on the quantum computing cloud platform as claimed in any one of claims 5 to 7, wherein after the client logs in for the first time, when the server receives the http request again, only the Token is recognized, as long as the Token is taken each time, the server intercepts all requests, and then verifies the validity of the Token:
if the code is legal, releasing;
and if the right is illegal, the right is returned and the right is failed.
9. An electronic device, comprising: a memory and at least one processor;
wherein the memory stores computer-executable instructions;
the at least one processor executing the memory-stored computer-executable instructions causes the at least one processor to perform the quantum computing cloud platform-based interface security access method of any of claims 1 to 4.
10. A computer-readable storage medium, wherein computer-executable instructions are stored in the computer-readable storage medium, and when a processor executes the computer, the interface security access method based on a quantum computing cloud platform as claimed in claims 1 to 4 is implemented.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010823487.9A CN111953698A (en) | 2020-08-17 | 2020-08-17 | Interface security access method and system based on quantum computing cloud platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010823487.9A CN111953698A (en) | 2020-08-17 | 2020-08-17 | Interface security access method and system based on quantum computing cloud platform |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111953698A true CN111953698A (en) | 2020-11-17 |
Family
ID=73341961
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010823487.9A Pending CN111953698A (en) | 2020-08-17 | 2020-08-17 | Interface security access method and system based on quantum computing cloud platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111953698A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115348307A (en) * | 2022-08-11 | 2022-11-15 | 中国工商银行股份有限公司 | Online server protection method and device, computer equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107809317A (en) * | 2017-11-09 | 2018-03-16 | 郑州云海信息技术有限公司 | A kind of identity identifying method and system based on token digital signature |
| WO2018064881A1 (en) * | 2016-10-09 | 2018-04-12 | 武汉斗鱼网络科技有限公司 | Method and system for saving user login state for use in ios client terminal |
| CN111371805A (en) * | 2020-03-17 | 2020-07-03 | 北京工业大学 | Token-based unified identity authentication interface and method |
-
2020
- 2020-08-17 CN CN202010823487.9A patent/CN111953698A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018064881A1 (en) * | 2016-10-09 | 2018-04-12 | 武汉斗鱼网络科技有限公司 | Method and system for saving user login state for use in ios client terminal |
| CN107809317A (en) * | 2017-11-09 | 2018-03-16 | 郑州云海信息技术有限公司 | A kind of identity identifying method and system based on token digital signature |
| CN111371805A (en) * | 2020-03-17 | 2020-07-03 | 北京工业大学 | Token-based unified identity authentication interface and method |
Non-Patent Citations (2)
| Title |
|---|
| CLOSEFRIEN_D1C2: "系统token的相关问题", 《HTTPS://WWW.JIANSHU.COM/P/8C98BC558293,简书》 * |
| 周小董: "python产生token及token验证", 《HTTPS://BLOG.CSDN.NET/XC_ZHOU/ARTICLE/DETAILS/80687825,CSDN》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115348307A (en) * | 2022-08-11 | 2022-11-15 | 中国工商银行股份有限公司 | Online server protection method and device, computer equipment and storage medium |
| CN115348307B (en) * | 2022-08-11 | 2024-04-09 | 中国工商银行股份有限公司 | Online server protection method, online server protection device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109309683B (en) | Token-based client identity authentication method and system | |
| CN102201915B (en) | Terminal authentication method and device based on single sign-on | |
| CN108600203A (en) | Secure Single Sign-on method based on Cookie and its unified certification service system | |
| CN100512201C (en) | Method for dealing inserted-requested message of business in groups | |
| US8719915B2 (en) | Method for improving network application security and the system thereof | |
| CN112491881A (en) | Cross-platform single sign-on method, system, electronic equipment and storage medium | |
| CN112671720B (en) | Token construction method, device and equipment for cloud platform resource access control | |
| CN103179134A (en) | Single sign on method and system based on Cookie and application server thereof | |
| CN111884811B (en) | Block chain-based data evidence storing method and data evidence storing platform | |
| KR101817152B1 (en) | Method for providing trusted right information, method for issuing user credential including trusted right information, and method for obtaining user credential | |
| CN111818088A (en) | Authorization mode management method and device, computer equipment and readable storage medium | |
| CN111371725A (en) | Method for improving security of session mechanism, terminal equipment and storage medium | |
| CN104580256A (en) | Method and device for logging in through user equipment and verifying user's identity | |
| CN111275419A (en) | Block chain wallet signature right confirming method, device and system | |
| CN111835514A (en) | Method and system for realizing safe interaction of front-end and back-end separated data | |
| CN112153041A (en) | Method and system for realizing multisystem single sign-on based on user synchronization | |
| CN111147525A (en) | Authentication method, system, server and storage medium based on API gateway | |
| CN114301617A (en) | Identity authentication method and device for multi-cloud application gateway, computer equipment and medium | |
| CN112434054A (en) | Audit log updating method and device | |
| CN111355730A (en) | Platform login method, device, equipment and computer readable storage medium | |
| KR102372503B1 (en) | Method for providing authentification service by using decentralized identity and server using the same | |
| CN111953698A (en) | Interface security access method and system based on quantum computing cloud platform | |
| CN112685718A (en) | Method for invalidating original access token during multi-terminal login of same account based on OAuth protocol | |
| CN112272093A (en) | Token management method, electronic equipment and readable storage medium | |
| CN117176402A (en) | Unified identity authentication method, device and medium of operating system platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201117 |
|
| RJ01 | Rejection of invention patent application after publication |