CN112104646B - Method and system for safety transmission of app data interface - Google Patents
Method and system for safety transmission of app data interface Download PDFInfo
- Publication number
- CN112104646B CN112104646B CN202010959821.3A CN202010959821A CN112104646B CN 112104646 B CN112104646 B CN 112104646B CN 202010959821 A CN202010959821 A CN 202010959821A CN 112104646 B CN112104646 B CN 112104646B
- Authority
- CN
- China
- Prior art keywords
- token
- key
- access
- certificate
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method for safety transmission of an app data interface, which comprises the following steps: step 1, carrying a randomly generated key to request to acquire a credential interface when an app client is started; step 2, the server generates a certificate access _ token according to the key, sets the certificate expiration time, and returns the certificate access _ token, the certificate expiration time and the server time to the client; step 3, the app client stores and maintains the certificate access _ token locally, and synchronizes the timing server time; step 4, the app client carries the key, the certificate access _ token and the current timestamp to request a service data interface; step 5, the server side carries out validity check on the certificate access _ token and the current timestamp, and returns Des encrypted data by using a key; and 6, the app client receives and decrypts the data by using the key, so that the data can be effectively protected, and the safety of the app client is improved.
Description
Technical Field
The invention relates to the technical field of computer communication, in particular to a method and a system for safety transmission of an app data interface.
Background
After an app is online, due to various interests, a third party may use a program to capture a data interface on the app, steal data for their use, and thus cause a loss to the company. How to design a general data interface security scheme to effectively protect data becomes a factor that must be considered before an app is online.
The prior art discloses a 'RestFul-based data interface secure exchange method', which is disclosed as follows: CN109462595A, published date: 2019.03.12, the method comprising: 1) firstly, a server creates an authentication certificate and an identity certificate; 2) the client inputs authentication qualification, and after the authentication qualification is passed, the server generates an identity token and the timeliness of the token; 3) and the client inputs the identity token again, the server confirms the identity token, timeliness and information authority, and the data exchange action is completed by opening the data exchange interface after the identity token, timeliness and information authority pass. By uniformly managing the verification and the token and using the timeliness of the system cache as timeliness management, the system memory overhead can be greatly reduced, the risks of data verification and exchange before different systems are reduced, and the reliability and the safety of system exchange are improved. Although the patent also mentions the token and timeliness, the credential generation method and flow of the patent are different from the patent, and the credential of the patent contains information required by decryption data, and subsequent interface data transmission between the client and the server needs to be obtained through decryption.
Disclosure of Invention
In order to overcome the above problems, an object of the present invention is to provide a method for secure transmission of an app data interface, which can effectively protect data and improve the security of an app client.
The invention is realized by adopting the following scheme: a method of app data interface security transport, the method comprising the steps of:
step 1, carrying a randomly generated key to request to acquire a credential interface when an app client is started;
step 2, the server generates a certificate access _ token according to the key of the app client, sets the certificate expiration time, and returns the certificate access _ token, the certificate expiration time and the server time to the client;
step 3, the app client locally stores and maintains the certificate access _ token, and synchronously clocks the time of the server;
step 4, the app client carries the key, the certificate access _ token and the current timestamp to request a service data interface;
step 5, the server side carries out validity check on the certificate access _ token and the current timestamp of the app client side, and carries out Des encryption on the data by using the key;
and 6, receiving and decrypting the data by the app client by using the key.
Further, the step 2 is further specifically: the server side obtains a key, and generates a certificate access _ token according to the access _ token which is md5(key + md5 key), wherein the md5 key is stored in the server side and is not exposed, the generated certificate access _ token is stored in a redis memory database, the certificate expiration time is set, and the certificate access _ token, the certificate expiration time and the server side time are returned to the client side.
Further, in step 3, the app client stores and maintains the credential access _ token locally, and after obtaining the server time, a thread is started in the app client to synchronize the increase of the maintenance timestamp, so as to ensure that there is no excessive error between the client and the server time.
Further, when a service data interface is requested in step 4, it is first checked whether the expiration time of the voucher exceeds the current timestamp to determine whether the voucher is expired, if not, the service data interface is requested, and if yes, a new voucher is obtained again according to step 1.
Further, the step 5 further specifically includes the following steps:
step 5.1: checking whether the error between the current timestamp and the current server time exceeds the preset time or not, and if so, returning to be illegal;
step 5.2: receiving a parameter key and a certificate access _ token, using an md5 key on a server to generate a local certificate access _ token _ check, wherein the access _ token _ check is md5(key + md5 key), checking whether the access _ token and the generated access _ token _ check are equal, and returning to be illegal if the access _ token and the generated access _ token _ check are unequal;
step 5.3: reading a redis key of the server and the generated access _ token _ check, judging that the key is expired if the redis key exists or the generated access _ token _ check does not exist, and returning to be illegal;
step 5.4: after the validity is verified, performing Des encryption on the data by using the key, and returning the encrypted data EnData;
step 5.5: and returning the encrypted data EnData to the home page of the client.
The invention also provides a system for the safety transmission of the app data interface, which comprises a certificate acquisition module, a certificate generation module, a data storage module, a data request interface module, a validity check module and a data decryption module;
the credential obtaining module is used for carrying a randomly generated key to request for obtaining a credential interface when the app client is started;
the voucher generation module generates a voucher access _ token through the server according to the key of the app client, sets voucher expiration time, and returns the voucher access _ token, the voucher expiration time and the server time to the client;
the data storage module is used for locally storing and maintaining the voucher access _ token through the app client and synchronously timing the time of the server;
the data request interface module requests a service data interface through the app client carrying the key, the certificate access _ token and the current timestamp;
the validity check module is used for carrying out validity check on a certificate access _ token and a current timestamp of the app client through the server side, and carrying out Des encryption on data by using a key;
and the data decryption module receives the data through the app client and decrypts the data by using the key.
Further, the credential generating module is further specifically: the server side obtains the key, generates a certificate access _ token according to the access _ token which is md5(key + md5 key), wherein the md5 key is stored in the server side and is not exposed, stores the generated certificate access _ token into a redis memory database, sets the certificate expiration time, and returns the certificate access _ token, the certificate expiration time and the server side time to the client side.
Furthermore, the app client in the data storage module locally stores and maintains the credential access _ token, and after the server time is obtained, a thread is started in the app client to synchronously maintain the increase of the timestamp, so that the time of the client and the server cannot have an excessive error.
Furthermore, when a service data interface is requested in the data interface requesting module, whether the expiration time of the certificate exceeds the current timestamp is checked to judge whether the certificate is expired, if not, the service data interface is requested, and if yes, a new certificate is obtained again according to the certificate obtaining module.
Further, the implementation manner of the validity checking module is further specifically that:
checking whether the error between the current timestamp and the current server time exceeds the preset time or not, and if so, returning to be illegal;
receiving a parameter key and a certificate access _ token, using an md5 key on a server to generate a local certificate access _ token _ check, wherein the access _ token _ check is md5(key + md5 key), checking whether the access _ token and the generated access _ token _ check are equal, and returning to be illegal if the access _ token and the generated access _ token _ check are unequal;
reading a redis key of the server and the generated access _ token _ check, judging that the key is expired if the redis key exists or the generated access _ token _ check does not exist, and returning to be illegal;
after the validity is verified, performing Des encryption on the data by using the key, and returning the encrypted data EnData;
and returning the encrypted data EnData to the home page of the client.
The invention has the beneficial effects that: according to the invention, the app client acquires the certificate from the server, the certificate is obtained after encryption processing, the certificate contains information required by decryption data, subsequent interface data transmission between the client and the server needs to be acquired through decryption, and the server is provided with a series of validity checks, so that the data acquired from the server by the client is safer, and the security of the app client is improved.
Drawings
FIG. 1 is a schematic flow diagram of the process of the present invention.
Fig. 2 is a schematic block diagram of the system of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
Referring to fig. 1, a method for secure transmission of app data interface according to the present invention includes the following steps:
step 1, carrying a randomly generated key to request to acquire a credential interface when an app client is started;
step 2, the server generates a certificate access _ token according to the key of the app client, sets the certificate expiration time, and returns the certificate access _ token, the certificate expiration time and the server time to the client;
step 3, the app client stores and maintains the certificate access _ token locally and synchronously clocks the time of the server;
step 4, the app client carries a key, a certificate access _ token and a current timestamp (which is synchronously timed by the obtained server time), and requests a service data interface;
step 5, the server side carries out validity check on the certificate access _ token and the current timestamp of the app client side, and carries out Des encryption on the data by using the key;
and 6, receiving and decrypting the data by the app client by using the key.
The invention is further illustrated below with reference to a specific embodiment:
a method of app data interface security transfer, comprising the steps of:
because the interface is a general interface scheme, the following examples show how an app home page reads a GetHomeData interface to ensure data security, and other service interfaces are the same. The interface domain name is designated www.api.com.
Step 1: the user opens the app client to start:
step 1.1: an 8-bit key, such as X2JU89S0, is randomly generated, which is later used to obtain the security credential access _ token and decrypt the returned encrypted data.
Step 1.2: and requesting to acquire a certificate interface, www.api.com/GetACCESS Tokenkey ═ X2JU89S 0.
Step 2: the server receives the request for obtaining the certificate:
step 2.1: the parameter key is acquired, and access _ token is generated to md5(key + md5 key) according to the following rule, and the md5 key is stored in the server and is not exposed to the outside.
Step 2.2: and storing the generated access _ token into a redis memory database, and setting the cache expiration time for 2 hours.
Step 2.3: returning 3 data of the client, the certificate access _ token, the certificate expiration time expire and the current timestamp of the server.
And step 3: the client receives the data returned by the credential interface:
step 3.1: and storing the key, the certificate access _ token and the certificate expiration time expire locally. Credentials for a service request data interface within 2 hours of a future expiration time.
Step 3.2: after the server timestamp is obtained, a thread is started in the app to synchronously maintain the increase of the timestamp, so that the server timestamp is ensured not to have an overlarge error.
And 4, step 4: user access to app home page:
step 4.1: and (4) checking whether expire exceeds timeout, judging whether the voucher access _ token is expired, and repeating the step (1) to request the voucher if the voucher access _ token is expired.
Step 4.2: carry key, access _ token, and time request header data interface, address as follows www.api.com/GetHomeDatakey ═ X2JU89S0& access _ token ═ xxxxxxxx. & time request ═ 1598710771696;
and 5: the server receives a request for acquiring home page data:
step 5.1: and checking whether the timestamp and the current server time are 5 seconds in error. If so, illegal is returned.
Step 5.2: and receiving the parameters key and access _ token, and performing local access _ token _ check generation by using an md5 key on the server, wherein the access _ token _ check is md5(key + md5 key), checking whether the access _ token and the generated access _ token _ check are equal, and if the access _ token and the generated access _ token _ check are not equal, returning to the illegal process.
Step 5.3: and reading the redis key and the generated access _ token _ check, judging that the redis key and the generated access _ token _ check are expired if the redis key and the generated access _ token _ check exist, and returning to be illegal.
Step 5.4: after the validity is verified, Data is encrypted, for example, json of Data to be returned is Data, and Des of the Data is encrypted by using the received parameter key to obtain EnData.
And step 5.5: and returning the encrypted data EnData to the home page of the client.
Step 6: and the app client receives the encrypted home page data EnData, decrypts Des by using the locally stored key, and successfully obtains the home page data.
Referring to fig. 2, the present invention further provides a system for secure transmission of app data interface, where the system includes a credential obtaining module, a credential generating module, a data storage module, a data interface requesting module, a validity checking module, and a data decrypting module;
the credential obtaining module is used for carrying a randomly generated key to request to obtain a credential interface when the app client is started;
the voucher generation module generates a voucher access _ token through the server according to the key of the app client, sets voucher expiration time, and returns the voucher access _ token, the voucher expiration time and the server time to the client;
the data storage module is used for locally storing and maintaining the voucher access _ token through the app client and synchronously timing the time of the server;
the data requesting interface module requests a service data interface by carrying a key, a certificate access _ token and a current timestamp by the app client;
the legality checking module is used for carrying out legality checking on a certificate access _ token and a current timestamp of the app client through the server side, and carrying out Des encryption on data by using a key;
and the data decryption module receives the data through the app client and decrypts the data by using the key.
Wherein the credential generation module is further specifically: the server side obtains a key, and generates a certificate access _ token according to the access _ token which is md5(key + md5 key), wherein the md5 key is stored in the server side and is not exposed, the generated certificate access _ token is stored in a redis memory database, the certificate expiration time is set, and the certificate access _ token, the certificate expiration time and the server side time are returned to the client side.
And after the app client in the data storage module locally stores and maintains the certificate access _ token and obtains the time of the server, a thread is started in the app client to synchronously maintain the increase of the timestamp, so that the time of the client and the time of the server are not subjected to overlarge errors.
When the business data interface is requested in the data requesting interface module, whether the expiration time of the certificate exceeds the current timestamp is checked to judge whether the certificate is expired, if not, the business data interface is requested, and if so, a new certificate is obtained again according to the certificate obtaining module.
In addition, in the present invention, the implementation manner of the validity checking module is further specifically:
checking whether the error between the current timestamp and the current server time exceeds a preset time or not, and if so, returning to be illegal;
receiving a parameter key and a certificate access _ token, using an md5 key on a server to generate a local certificate access _ token _ check, wherein the access _ token _ check is md5(key + md5 key), checking whether the access _ token and the generated access _ token _ check are equal, and returning to be illegal if the access _ token and the generated access _ token _ check are unequal;
reading a redis key of the server and the generated access _ token _ check, judging that the key is expired if the redis key exists or the generated access _ token _ check does not exist, and returning to be illegal;
after the validity is verified, performing Des encryption on the data by using the key, and returning the encrypted data EnData;
and returning the encrypted data EnData to the home page of the client.
The above description is only a preferred embodiment of the present invention, and all equivalent changes and modifications made in accordance with the claims of the present invention should be covered by the present invention.
Claims (4)
1. A method of app data interface security transmission, characterized by: the method comprises the following steps:
step 1, carrying a randomly generated key to request to acquire a credential interface when an app client is started;
step 2, the server generates a certificate access _ token according to the key of the app client, sets the certificate expiration time, and returns the certificate access _ token, the certificate expiration time and the server time to the client;
the step 2 is further specifically as follows: the method comprises the steps that a server side obtains a key of an app client side, a certificate access _ token is generated according to access _ token = md5(key + md5 key), wherein the md5 key is stored in the server side and is not exposed, the generated certificate access _ token is stored in a redis memory database, the expiration time of the certificate is set, and the certificate access _ token, the expiration time of the certificate and the time of the server side are returned to the client side;
step 3, the app client locally stores and maintains the certificate access _ token, and synchronously clocks the time of the server;
step 4, the app client carries the key, the certificate access _ token and the current timestamp to request a service data interface;
step 5, the server side carries out validity check on the certificate access _ token and the current timestamp of the app client side, and carries out Des encryption on the data by using the key;
the step 5 further comprises the following steps:
step 5.1: checking whether the error between the current timestamp and the current server time exceeds the preset time or not, and if so, returning to be illegal;
step 5.2: receiving a parameter key and a certificate access _ token, using an md5 key on a server to generate a local certificate access _ token _ check, checking whether the access _ token and the generated access _ token _ check are equal or not by using the access _ token _ check = md5(key + md5 key), and returning to be illegal if the access _ token and the generated access _ token _ check are unequal;
step 5.3: reading a redis key of the server and the generated access _ token _ check, judging that the key is expired if the redis key exists or the generated access _ token _ check does not exist, and returning to be illegal;
step 5.4: after the validity is verified, performing Des encryption on the data by using the key, and returning the encrypted data EnData;
step 5.5: returning the encrypted data EnData to the home page of the client;
and 6, receiving and decrypting the data by the app client by using the key.
2. The method for secure transmission of app data interface according to claim 1, wherein: when the service data interface is requested in the step 4, it is first checked whether the expiration time of the voucher exceeds the current timestamp to determine whether the voucher is expired, if not, the service data interface is requested, and if so, a new voucher is obtained again according to the step 1.
3. A system for app data interface security transfer, characterized by: the system comprises a certificate acquisition module, a certificate generation module, a data storage module, a request data interface module, a validity check module and a data decryption module;
the credential obtaining module is used for carrying a randomly generated key to request to obtain a credential interface when the app client is started;
the voucher generation module generates a voucher access _ token through the server according to the key of the app client, sets voucher expiration time, and returns the voucher access _ token, the voucher expiration time and the server time to the client;
the credential generation module further specifically comprises: the method comprises the steps that a server side obtains a key of an app client side, a certificate access _ token is generated according to access _ token = md5(key + md5 key), wherein the md5 key is stored in the server side and is not exposed, the generated certificate access _ token is stored in a redis memory database, the expiration time of the certificate is set, and the certificate access _ token, the expiration time of the certificate and the time of the server side are returned to the client side;
the data storage module is used for locally storing and maintaining a certificate access _ token through an app client and synchronously timing the time of the server;
the data request interface module requests a service data interface through the app client carrying the key, the certificate access _ token and the current timestamp;
the legality checking module is used for carrying out legality checking on a certificate access _ token and a current timestamp of the app client through the server side, and carrying out Des encryption on data by using a key;
the validity check module is further implemented by the following steps:
checking whether the error between the current timestamp and the current server time exceeds the preset time or not, and if so, returning to be illegal;
receiving a parameter key and a certificate access _ token, using an md5 key on a server to generate a local certificate access _ token _ check, checking whether the access _ token and the generated access _ token _ check are equal or not by using the access _ token _ check = md5(key + md5 key), and returning to be illegal if the access _ token and the generated access _ token _ check are unequal;
reading a key in the redis of the server and the generated access _ token _ check, judging that the key is overdue if the key exists or does not exist, and returning to be illegal;
after the validity is verified, performing Des encryption on the data by using the key, and returning the encrypted data EnData;
returning the encrypted data EnData to the home page of the client;
and the data decryption module receives the data through the app client and decrypts the data by using the key.
4. The system for secure transmission of app data interface according to claim 3, wherein: when the business data interface is requested in the data requesting interface module, whether the expiration time of the certificate exceeds the current timestamp is checked to judge whether the certificate is expired, if not, the business data interface is requested, and if so, a new certificate is obtained again according to the certificate obtaining module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010959821.3A CN112104646B (en) | 2020-09-14 | 2020-09-14 | Method and system for safety transmission of app data interface |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010959821.3A CN112104646B (en) | 2020-09-14 | 2020-09-14 | Method and system for safety transmission of app data interface |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112104646A CN112104646A (en) | 2020-12-18 |
| CN112104646B true CN112104646B (en) | 2022-07-19 |
Family
ID=73751879
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010959821.3A Active CN112104646B (en) | 2020-09-14 | 2020-09-14 | Method and system for safety transmission of app data interface |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112104646B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116015955B (en) * | 2023-01-04 | 2023-12-01 | 三峡高科信息技术有限责任公司 | Configurable method for verifying validity security of uploading file in application system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104836664A (en) * | 2015-03-27 | 2015-08-12 | 腾讯科技(深圳)有限公司 | Method for executing business processing, device for executing business processing and system for executing business processing |
| CN109150910A (en) * | 2018-10-11 | 2019-01-04 | 平安科技(深圳)有限公司 | Log in token generation and verification method, device and storage medium |
| CN109547445A (en) * | 2018-11-27 | 2019-03-29 | 北京酷我科技有限公司 | A kind of method and system that verifying client network requests are legal |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10972273B2 (en) * | 2017-06-14 | 2021-04-06 | Ebay Inc. | Securing authorization tokens using client instance specific secrets |
-
2020
- 2020-09-14 CN CN202010959821.3A patent/CN112104646B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104836664A (en) * | 2015-03-27 | 2015-08-12 | 腾讯科技(深圳)有限公司 | Method for executing business processing, device for executing business processing and system for executing business processing |
| CN109150910A (en) * | 2018-10-11 | 2019-01-04 | 平安科技(深圳)有限公司 | Log in token generation and verification method, device and storage medium |
| CN109547445A (en) * | 2018-11-27 | 2019-03-29 | 北京酷我科技有限公司 | A kind of method and system that verifying client network requests are legal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112104646A (en) | 2020-12-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106534175B (en) | Open platform authorization identifying system and method based on OAuth agreement | |
| CN101872399B (en) | Dynamic digital copyright protection method based on dual identity authentication | |
| CN103685282B (en) | A kind of identity identifying method based on single-sign-on | |
| CN108259437B (en) | HTTP access method, HTTP server and system | |
| CN110611569B (en) | Authentication method and related equipment | |
| CN109379192B (en) | Login verification processing method, system and device | |
| CN111814132B (en) | Security authentication method and device, security authentication chip and storage medium | |
| CN109274650A (en) | A kind of management system and method that electron image is had access to | |
| CN110035035B (en) | Secondary authentication method and system for single sign-on | |
| CN112565265A (en) | Authentication method, authentication system and communication method between terminal devices of Internet of things | |
| CN117692241A (en) | Authorization method, system, equipment and readable storage medium | |
| CN112104646B (en) | Method and system for safety transmission of app data interface | |
| CN113505353B (en) | Authentication method, authentication device, authentication equipment and storage medium | |
| CN112118243B (en) | Identity authentication method and system, and Internet application login method and system | |
| CN111541708B (en) | Identity authentication method based on power distribution | |
| CN111600864B (en) | Method and device for verifying access service interface based on token authentication multidimensional | |
| CN110807210A (en) | Information processing method, platform, system and computer storage medium | |
| CN113992336B (en) | Encryption network offline data trusted exchange method and device based on block chain | |
| CN111935164B (en) | Https interface request method | |
| KR20230089520A (en) | Access token management system and method using blockchain | |
| CN113794568A (en) | Interface security verification method, interface access method, device, equipment and medium | |
| JP7017477B2 (en) | User authority authentication system | |
| CN116318899B (en) | Data encryption and decryption processing method, system, equipment and medium | |
| CN115580495B (en) | Data auditing method and device, electronic equipment and storage medium | |
| CN113421085B (en) | Smart card dynamic password authentication method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |