CN112149067A - Software authorization method, terminal equipment, authorization server and storage medium - Google Patents
Software authorization method, terminal equipment, authorization server and storage medium Download PDFInfo
- Publication number
- CN112149067A CN112149067A CN202011052301.0A CN202011052301A CN112149067A CN 112149067 A CN112149067 A CN 112149067A CN 202011052301 A CN202011052301 A CN 202011052301A CN 112149067 A CN112149067 A CN 112149067A
- Authority
- CN
- China
- Prior art keywords
- authorization
- software
- terminal equipment
- certificate
- authentication information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 318
- 238000000034 method Methods 0.000 title claims abstract description 60
- 230000008569 process Effects 0.000 claims description 20
- 238000012795 verification Methods 0.000 claims description 13
- 238000012163 sequencing technique Methods 0.000 claims description 4
- 230000009286 beneficial effect Effects 0.000 abstract description 2
- 238000004519 manufacturing process Methods 0.000 description 46
- 230000003993 interaction Effects 0.000 description 8
- 230000006870 function Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 238000012360 testing method Methods 0.000 description 3
- 230000004913 activation Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 210000001503 joint Anatomy 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000005192 partition Methods 0.000 description 2
- 230000003247 decreasing effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000003032 molecular docking Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Radar, Positioning & Navigation (AREA)
- Remote Sensing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The application discloses a software authorization method, which comprises the following steps: acquiring authentication information of the terminal equipment, and encrypting the authentication information to obtain a hardware fingerprint; determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirement of the terminal equipment, and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints; and if the authorization certificate is received, authorizing the target software in the terminal equipment by using the authorization certificate. The method and the device can realize multi-software automatic authorization based on a multi-authorization concept. The application also discloses a terminal device, an authorization server and a storage medium, which have the beneficial effects.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a software authorization method, a terminal device, an authorization server, and a storage medium.
Background
With the continuous development of the internet industry, users can obtain the use authorization of different software by paying fees. Software developers can perform modular control on software, algorithms and the like through software authorization so as to realize multi-dimensional profit.
In the related art, software authorization is mainly realized based on a dongle. The dongle is a hardware-software combined encrypted product, and has a certain storage space, when the hardware of the dongle is inserted into the device, security verification can be performed, and if the software verification fails, the software cannot be normally started. However, the above scheme for software authorization based on the dongle requires manual authorization and authentication, and when there are a plurality of softwares in the terminal device that require authorization, a plurality of dongles are required, and automatic authorization of the softwares cannot be realized.
Therefore, how to implement multi-software automatic authorization based on the multi-authorization concept is a technical problem that needs to be solved by those skilled in the art at present.
Disclosure of Invention
The application aims to provide a software authorization method, a terminal device, an authorization server and a storage medium, which can realize multi-software automatic authorization based on a multi-authorization concept.
In order to solve the above technical problem, the present application provides a software authorization method, which is applied to a terminal device, and the software authorization method includes:
acquiring authentication information of the terminal equipment, and encrypting the authentication information to obtain a hardware fingerprint;
determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirement of the terminal equipment, and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints;
and if the authorization certificate is received, authorizing the target software in the terminal equipment by using the authorization certificate.
Optionally, the sending the hardware fingerprint to the plurality of authorization servers includes:
sequencing a plurality of authorization servers to obtain a fingerprint sending sequence, and determining a current authorization server according to the fingerprint sending sequence;
sending the hardware fingerprint to a current authorization server;
and if an authorization certificate returned by the current authorization server is received, determining a new current authorization server according to the fingerprint sending sequence, and executing the step of sending the hardware fingerprint to the current authorization server.
Optionally, authorizing the target software in the terminal device by using the authorization certificate, including:
decrypting the authorization certificate to obtain certificate content;
and carrying out information verification on the certificate content, and judging that the target software in the terminal equipment is successfully authorized after the verification is successful.
Optionally, the process of the authorization server returning the authorization certificate according to the hardware fingerprint includes:
decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information;
judging whether the software residual authorization number in the order information is greater than 0;
and if so, generating the authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment.
Optionally, after generating the authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, the method further includes:
updating the software residual authorization number in the order information;
and if the updated residual authorization number of the software is smaller than a preset value, returning prompt information to the terminal equipment.
Optionally, the authentication information includes a hardware code, an MAC address, a random parameter, and user identity information of the terminal device.
The application also provides a software authorization method, which is applied to an authorization server and comprises the following steps:
receiving a hardware fingerprint sent by terminal equipment; the hardware fingerprint is obtained by encrypting authentication information of the terminal equipment;
decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information;
judging whether the software residual authorization number in the order information is greater than 0;
if so, generating an authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment, so that the terminal equipment can authorize the target software by using the authorization certificate.
The present application further provides a terminal device, including:
the fingerprint generation module is used for acquiring authentication information and encrypting the authentication information to obtain a hardware fingerprint;
the fingerprint uploading module is used for determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirements of the terminal equipment and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints;
and the software authorization module is used for authorizing the target software in the terminal equipment by using the authorization certificate if the authorization certificate is received.
The present application further provides an authorization server, comprising:
the fingerprint receiving module is used for receiving a hardware fingerprint sent by the terminal equipment; the hardware fingerprint is obtained by encrypting authentication information of the terminal equipment;
the order information inquiry module is used for decrypting the hardware fingerprint to obtain authentication information and inquiring the order information corresponding to the authentication information;
the certificate issuing module is used for judging whether the software residual authorization number in the order information is greater than 0; if so, generating an authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment, so that the terminal equipment can authorize the target software by using the authorization certificate.
The application also provides a storage medium, on which a computer program is stored, which when executed implements the steps performed by the software authorization method.
The application provides a software authorization method, which is applied to terminal equipment and comprises the following steps: acquiring authentication information of the terminal equipment, and encrypting the authentication information to obtain a hardware fingerprint; determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirement of the terminal equipment, and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints; and if the authorization certificate is received, authorizing the target software in the terminal equipment by using the authorization certificate.
According to the method and the device, the terminal equipment needing software authorization acquires the authentication information first, obtains the hardware fingerprint by encrypting the authentication information, and sends the hardware fingerprint to the authorization server for information authentication. According to the method and the system, the authorization servers needing interaction are determined according to the authorization requirements of the terminal equipment, and the hardware fingerprints are sent to the authorization servers, so that the authorization servers return corresponding authorization certificates, and then the authorization certificates are used for authorizing the target software in the terminal equipment. The software authorization scheme provided by the application is realized based on information interaction between the terminal equipment and the authorization server, manual participation in a process is not needed, and automatic authorization of multiple software can be realized. The application also provides a terminal device, an authorization server and a storage medium, which have the beneficial effects and are not repeated herein.
Drawings
In order to more clearly illustrate the embodiments of the present application, the drawings needed for the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings can be obtained by those skilled in the art without inventive effort.
Fig. 1 is a flowchart of a software authorization method according to an embodiment of the present application;
fig. 2 is a flowchart of a method for an authorization server to return an authorization certificate according to an embodiment of the present application;
FIG. 3 is a flowchart of a software authorization method according to an embodiment of the present application;
fig. 4 is a schematic diagram illustrating a batch software authorization method that can be implemented in a production line according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, fig. 1 is a flowchart of a software authorization method according to an embodiment of the present application.
The specific steps may include:
s101: acquiring authentication information of the terminal equipment, and encrypting the authentication information to obtain a hardware fingerprint;
the embodiment can be applied to terminal equipment requiring software authorization, and the specific terminal equipment can be terminal equipment in a production link of a production line so as to realize online authorization of the production line. The authentication information of the terminal device is information for describing the identity of the terminal device, and the authentication information may include a hardware code, an MAC address, a random parameter, and user identity information. The hardware code is a unique hardware identifier of the terminal equipment; the random parameter may be a parameter related to time, for example, a hash value of the current time may be used as the random parameter; and the user identity information is the account of the terminal equipment which is logged in by the user. In this step, the hardware fingerprint may be obtained by encrypting the authentication information through a plurality of encryption algorithms, and as a feasible implementation manner, the present embodiment may encrypt the authentication information by using an RSA encryption algorithm to generate the hardware fingerprint.
S102: determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirements of the terminal equipment, and sending hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints;
each terminal device can have its corresponding authorization requirement, and the authorization requirement can include an authorization requirement of algorithm software, an authorization requirement of database software, an authorization requirement of a system program, and the like. Each authorization requirement needs a corresponding authorization certificate to complete software authorization, and the authorization server is a device for issuing the authorization certificate to the terminal device, so that each authorization requirement has a corresponding authorization server, and a plurality of authorization servers corresponding to the authorization requirements can be determined after the authorization requirements of the terminal device are obtained.
The terminal equipment sends the hardware fingerprints to the plurality of authorization servers, the authorization servers can decrypt the hardware fingerprints to obtain authentication information, and corresponding order information is inquired according to the authentication information. The order information includes the total number of software purchases, the authorized number of software and the remaining authorized number of software. And if the residual authorization number of the software is greater than 0, generating an authorization certificate according to the order information, and returning the authorization certificate to the terminal equipment. As a feasible implementation manner, the present embodiment may simultaneously send the hardware fingerprints to the corresponding authorization servers respectively, and the present embodiment may also send the hardware fingerprints to the corresponding authorization servers sequentially in turn.
Specifically, the operation of sending hardware fingerprints in turn may include the following steps:
step 1: sequencing a plurality of authorization servers to obtain a fingerprint sending sequence, and determining a current authorization server according to the fingerprint sending sequence;
step 2: sending the hardware fingerprint to a current authorization server;
and step 3: if receiving an authorization certificate returned by the current authorization server, judging whether to send hardware fingerprints to all authorization servers, and if so, ending the process; if not, determining a new current authorization server according to the fingerprint sending sequence, and entering the step 2.
Through the process of sending the fingerprint information in turn, after the authorization certificate of the current software is received, the authorization certificate of the next software can be requested from the next authorization server, so that multi-software authorization is realized.
S103: and if the authorization certificate is received, authorizing the target software in the terminal equipment by using the authorization certificate.
Before this step, there may also be an operation of determining whether an authorization certificate is received, and if the authorization certificate is received, the target software in the terminal device may be authorized by using the content included in the authorization certificate. Specifically, the process of authorizing the target software in the terminal device by using the authorization certificate may include: decrypting the authorization certificate to obtain certificate content; and carrying out information verification on the certificate content, and judging that the target software in the terminal equipment is successfully authorized after the verification is successful. The target software is the software with authorization requirement.
As a possible implementation manner, if the terminal device waits for the preset time period without receiving the authorization certificate after sending the hardware fingerprint to the authorization server, the operation of sending the hardware fingerprint to the authorization server in S102 may be repeatedly executed.
In this embodiment, the terminal device that needs software authorization first acquires the authentication information, obtains the hardware fingerprint by encrypting the authentication information, and sends the hardware fingerprint to the authorization server for information authentication. In this embodiment, an authorization server that needs to interact is determined according to an authorization requirement of a terminal device, and a hardware fingerprint is sent to a plurality of authorization servers, so that the plurality of authorization servers return corresponding authorization certificates, and then a plurality of target software in the terminal device are authorized by using the authorization certificates. The software authorization scheme provided by the embodiment is realized based on information interaction between the terminal equipment and the authorization server, manual participation in the process is not required, and multi-software automatic authorization can be realized.
It can be understood that, in order to reduce the difficulty of docking the terminal device with the authorization server, the terminal device in this embodiment may also support an authorization server extension function, and when a product needs to access a new authorization server, a connection with the new authorization server may be established only by configuring a new IP address and a new port number in the terminal device. Through the mode, when the product authorization scheme is adjusted or the authorized parties need to be increased or decreased, the terminal equipment can be quickly accessed to the seamless butt joint authorized parties only by modifying the configuration file, and the production efficiency and the production line flexibility are guaranteed.
Referring to fig. 2, fig. 2 is a flowchart of a method for an authorization server to return an authorization certificate according to an embodiment of the present application, where the operation of S102 in the embodiment corresponding to fig. 1 is further described in this embodiment, a further implementation may be obtained by combining the embodiment with the embodiment corresponding to fig. 1, and the embodiment may include the following steps:
s201: and decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information.
In this embodiment, the order information corresponding to the user identity information may be queried according to the user identity information in the authentication information.
S202: judging whether the software residual authorization number in the order information is greater than 0; if yes, entering S203; if not, the process proceeds to S204.
S203: and generating the authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment.
In this embodiment, the product type and the authorization deadline of the software that needs to be authorized in the terminal device may be determined according to the authentication information, and then the corresponding authorization certificate is generated by a preset encryption algorithm based on the product type and the authorization deadline.
S204: and returning prompt information that the residual authorization number of the software is insufficient to the terminal equipment.
As a possible implementation manner, after the authorization certificate is generated according to the product type and the authorization duration corresponding to the authentication information, the remaining authorization number of the software in the order information may also be updated. After the software residual authorization number is updated, whether the current software residual authorization number is smaller than a preset numerical value or not can be judged, if so, prompt information can be returned to the terminal equipment so as to prompt a user to continuously purchase a product.
Referring to fig. 3, fig. 3 is a flowchart of a software authorization method according to an embodiment of the present application.
The specific steps may include:
s301: receiving a hardware fingerprint sent by terminal equipment;
the hardware fingerprint is obtained by encrypting authentication information of the terminal equipment;
s302: decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information;
s303: judging whether the software residual authorization number in the order information is greater than 0; if yes, entering S304; if not, the flow is ended.
S304: and generating an authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment so that the terminal equipment can authorize the target software by using the authorization certificate.
In this embodiment, the terminal device that needs software authorization first acquires the authentication information, obtains the hardware fingerprint by encrypting the authentication information, and sends the hardware fingerprint to the authorization server for information authentication. And the authorization server returns an authorization certificate after the hardware fingerprint passes the authentication, so that the terminal equipment authorizes the target software in the terminal equipment by using the authorization certificate. The software authorization scheme provided by the embodiment is realized based on information interaction between the terminal equipment and the authorization server, manual participation in the process is not needed, automatic authorization of the terminal equipment can be realized, and software authorization efficiency is improved.
Referring to fig. 4, fig. 4 is a schematic diagram illustrating a principle of a batch software authorization method that can be implemented on a production line according to an embodiment of the present disclosure, and this embodiment provides a batch software authorization method that can be implemented on a production line, which not only can ensure security of software works, but also enables enterprises participating in development and design to master production and sales data, shares product benefits at the first time, and derives an application scenario of multi-authorization production. Fig. 4 describes a scheme in which a device (client) requests authorization certificates of two types of software in sequence, and the specific process is as follows:
step 1.0, starting an authorization flow and mobile phone authentication information by a production line;
step 1.1, uploading a hardware fingerprint to an authorization server (i) through http;
step 1.2, an authorization server generates an authorization certificate;
step 1.3, an authorization server issues an authorization certificate for equipment verification;
step 2.1, uploading the hardware fingerprint to an authorization server II through http;
step 2.2, the authorization server generates an authorization certificate;
step 2.3, the authorization server issues an authorization certificate for equipment verification.
The embodiment can be realized by the production line client and the authorization server which run in the terminal equipment to be authorized, the number of the authorization servers can be determined according to the number of the authorized parties, the production line client in the terminal equipment to be authorized can initiate applications to different authorization servers in turn, and the authorization flow can quickly ensure the production efficiency of the production line. Specifically, in this embodiment, information transmitted between the production line client and the authorization server is encrypted. For example, the client uploads the authentication information by using an RSA encryption algorithm, and the server generates the authorization certificate by using an AES encryption algorithm and a digital signature, so that the security of data transmission and authorization encryption is ensured. In addition, the production line production section can synchronously receive the product types and the authorization time limit issued by the server, and can carry out secondary classification on the products according to the authorization time limit, so that the management of a production line supply chain is facilitated.
In the embodiment, the data interaction is carried out between the operating production line client of the terminal equipment to be authorized and the authorization server, so that the authorization flow is simplified to meet the requirement of production line production efficiency, the butt joint difficulty of clients is reduced, the extended function of the authorization server is supported, and when a product needs to be accessed into a new authorization server, the connection can be established only by configuring the production line client. The production line client can comprise the following functions: the method comprises the steps of configuration editor, function test, label generator, single-path image test, double-path image test, software upgrading and batch upgrading. The following software authorization processes can be automatically completed by automatically operating a production line client in the equipment production link:
step 1, starting an authorization process and collecting authentication information.
Because the production line client program runs at the equipment end, the production line production link can be automatically executed. The production line client end collects authentication information which can comprise hardware codes, MAC addresses, random parameters, user identity information and the like, and the authentication information is used for generating hardware fingerprints by using an RSA encryption algorithm.
And 2, uploading the hardware fingerprint.
Before uploading the hardware fingerprint, the production line client establishes connection with an authorization server with an appointed IP and port number, and then uploads the hardware fingerprint to the server after the connection is established.
And 3, the server generates an authorization certificate.
And when the authorization server receives the hardware fingerprint, the original authentication information is decrypted through RSA, the order information of the corresponding user in the database is matched, and whether authorization is provided or not is determined according to the residual quantity of the product. And if the authorization can be provided, generating an authorization certificate through AES encryption according to the product type and the authorization deadline, and verifying and canceling the residual quantity of the products in the order information in the database after the authorization certificate is generated.
The authorization server can obtain order data from the order system, the order data comprises user information, order information and activation information, the authorization server can collect the quantity of the same product in all orders placed by a user, authorization verification and cancellation are not matched with orders and only matched with the product, the total quantity of a residual product is reduced by one, and when the authorization quantity is lower than an alarm value, the authorization server returns alarm information to the production line client so as to remind a client to continuously purchase the product. In addition, the background of the authorization server can also provide a query interface for a user to log in and query the product activation detail information in real time.
And 4, issuing a certificate for equipment verification.
After the authorization server issues the authorization certificate to the production line client, the production line client writes the certificate content of the authorization certificate into the device memory partition to prevent loss. When the equipment is started, the certificate content is read in, the AES is used for decryption to obtain the hardware, the random number information, the equipment type, the authorization deadline and other information of the equipment, and the equipment can be started normally after all the information is verified successfully.
The above embodiment provides a batch software authorization scheme that can be implemented on a production line, which can ensure synchronization between equipment authorization and production and improve production efficiency. The online authorization is carried out in the production line production link, so that the equipment can be enabled normally after leaving the factory, and the user experience is improved. The scheme can ensure that a plurality of companies participating in product research and development share product benefits in a public and transparent manner, all information interaction is completed at the production line client and the authorization server, the authorization flow is concise, the message response is quick, the production efficiency of the production line is ensured, and batch synchronous authorization can be realized. In the implementation process of the embodiment, information transmission is encrypted, and the authorized medium is stored in the device memory partition in a character string manner, so that the risk of hardware loss and damage is avoided. In addition, the production line production link can synchronously receive the product types and the authorization time limit issued by the server, and the production workshop can perform secondary classification on the products according to the authorization time limit, so that the management of a production line supply chain is facilitated.
The present application further provides a terminal device, including:
the fingerprint generation module is used for acquiring authentication information and encrypting the authentication information to obtain a hardware fingerprint;
the fingerprint uploading module is used for determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirements of the terminal equipment and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints;
and the software authorization module is used for authorizing the target software in the terminal equipment by using the authorization certificate if the authorization certificate is received.
In this embodiment, the terminal device that needs software authorization first acquires the authentication information, obtains the hardware fingerprint by encrypting the authentication information, and sends the hardware fingerprint to the authorization server for information authentication. In this embodiment, an authorization server that needs to interact is determined according to an authorization requirement of a terminal device, and a hardware fingerprint is sent to a plurality of authorization servers, so that the plurality of authorization servers return corresponding authorization certificates, and then a plurality of target software in the terminal device are authorized by using the authorization certificates. The software authorization scheme provided by the embodiment is realized based on information interaction between the terminal equipment and the authorization server, manual participation in the process is not required, and multi-software automatic authorization can be realized.
Further, the fingerprint uploading module includes:
the server determining unit is used for sequencing the authorization servers to obtain a fingerprint sending sequence and determining the current authorization server according to the fingerprint sending sequence;
the fingerprint sending unit is used for sending the hardware fingerprint to a current authorization server;
and the circulating unit is used for determining a new current authorization server according to the fingerprint sending sequence and starting a working process corresponding to the fingerprint sending unit if receiving the authorization certificate returned by the current authorization server.
Further, the software authorization module is used for decrypting the authorization certificate to obtain the certificate content; and the terminal equipment is also used for carrying out information verification on the certificate content and judging that the target software in the terminal equipment is successfully authorized after the verification is successful.
Further, the process of the authorization server returning the authorization certificate according to the hardware fingerprint includes:
decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information;
judging whether the software residual authorization number in the order information is greater than 0;
and if so, generating the authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment.
Further, the method also comprises the following steps:
the data updating module is used for updating the software residual authorization number in the order information after generating the authorization certificate according to the product type and the authorization deadline corresponding to the authentication information; and if the updated residual authorization number of the software is smaller than a preset value, returning prompt information to the terminal equipment.
Further, the authentication information includes a hardware code, a MAC address, a random parameter, and user identity information of the terminal device.
The present application further provides an authorization server, comprising:
the fingerprint receiving module is used for receiving a hardware fingerprint sent by the terminal equipment; the hardware fingerprint is obtained by encrypting authentication information of the terminal equipment;
the order information inquiry module is used for decrypting the hardware fingerprint to obtain authentication information and inquiring the order information corresponding to the authentication information;
the certificate issuing module is used for judging whether the software residual authorization number in the order information is greater than 0; if so, generating an authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment, so that the terminal equipment can authorize the target software by using the authorization certificate.
In this embodiment, the terminal device that needs software authorization first acquires the authentication information, obtains the hardware fingerprint by encrypting the authentication information, and sends the hardware fingerprint to the authorization server for information authentication. And the authorization server returns an authorization certificate after the hardware fingerprint passes the authentication, so that the terminal equipment authorizes the target software in the terminal equipment by using the authorization certificate. The software authorization scheme provided by the embodiment is realized based on information interaction between the terminal equipment and the authorization server, manual participation in the process is not needed, automatic authorization of the terminal equipment can be realized, and software authorization efficiency is improved.
Since the embodiment of the device portion and the embodiment of the method portion correspond to each other, please refer to the description of the embodiment of the method portion for the embodiment of the device portion, which is not repeated here.
The present application also provides a storage medium having a computer program stored thereon, which when executed, may implement the steps provided by the above-described embodiments. The storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Claims (10)
1. A software authorization method is applied to a terminal device and comprises the following steps:
acquiring authentication information of the terminal equipment, and encrypting the authentication information to obtain a hardware fingerprint;
determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirement of the terminal equipment, and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints;
and if the authorization certificate is received, authorizing the target software in the terminal equipment by using the authorization certificate.
2. The software authorization method according to claim 1, wherein the sending the hardware fingerprint to the plurality of authorization servers comprises:
sequencing a plurality of authorization servers to obtain a fingerprint sending sequence, and determining a current authorization server according to the fingerprint sending sequence;
sending the hardware fingerprint to a current authorization server;
and if an authorization certificate returned by the current authorization server is received, determining a new current authorization server according to the fingerprint sending sequence, and executing the step of sending the hardware fingerprint to the current authorization server.
3. The software authorization method according to claim 1, wherein authorizing the target software in the terminal device by using the authorization certificate comprises:
decrypting the authorization certificate to obtain certificate content;
and carrying out information verification on the certificate content, and judging that the target software in the terminal equipment is successfully authorized after the verification is successful.
4. The software authorization method according to any of claims 1 to 3, characterized in that the process of the authorization server returning the authorization certificate according to the hardware fingerprint comprises:
decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information;
judging whether the software residual authorization number in the order information is greater than 0;
and if so, generating the authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment.
5. The software authorization method according to claim 4, further comprising, after generating the authorization certificate according to the product type and the authorization duration corresponding to the authentication information:
updating the software residual authorization number in the order information;
and if the updated residual authorization number of the software is smaller than a preset value, returning prompt information to the terminal equipment.
6. The software authorization method according to claim 1, characterized in that the authentication information comprises a hardware code, a MAC address, a random parameter and user identity information of the terminal device.
7. A software authorization method is applied to an authorization server and comprises the following steps:
receiving a hardware fingerprint sent by terminal equipment; the hardware fingerprint is obtained by encrypting authentication information of the terminal equipment;
decrypting the hardware fingerprint to obtain authentication information, and inquiring order information corresponding to the authentication information;
judging whether the software residual authorization number in the order information is greater than 0;
if so, generating an authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment, so that the terminal equipment can authorize the target software by using the authorization certificate.
8. A terminal device, comprising:
the fingerprint generation module is used for acquiring authentication information and encrypting the authentication information to obtain a hardware fingerprint;
the fingerprint uploading module is used for determining a plurality of authorization servers corresponding to the terminal equipment according to the authorization requirements of the terminal equipment and sending the hardware fingerprints to the plurality of authorization servers so that the plurality of authorization servers respectively return corresponding authorization certificates according to the hardware fingerprints;
and the software authorization module is used for authorizing the target software in the terminal equipment by using the authorization certificate if the authorization certificate is received.
9. An authorization server, comprising:
the fingerprint receiving module is used for receiving a hardware fingerprint sent by the terminal equipment; the hardware fingerprint is obtained by encrypting authentication information of the terminal equipment;
the order information inquiry module is used for decrypting the hardware fingerprint to obtain authentication information and inquiring the order information corresponding to the authentication information;
the certificate issuing module is used for judging whether the software residual authorization number in the order information is greater than 0; if so, generating an authorization certificate according to the product type and the authorization deadline corresponding to the authentication information, and returning the authorization certificate to the terminal equipment, so that the terminal equipment can authorize the target software by using the authorization certificate.
10. A storage medium having stored thereon computer-executable instructions which, when loaded and executed by a processor, carry out the steps of a software authorization method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011052301.0A CN112149067B (en) | 2020-09-29 | 2020-09-29 | Software authorization method, terminal equipment, authorization server and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011052301.0A CN112149067B (en) | 2020-09-29 | 2020-09-29 | Software authorization method, terminal equipment, authorization server and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112149067A true CN112149067A (en) | 2020-12-29 |
| CN112149067B CN112149067B (en) | 2022-10-18 |
Family
ID=73895296
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011052301.0A Active CN112149067B (en) | 2020-09-29 | 2020-09-29 | Software authorization method, terminal equipment, authorization server and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112149067B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112286553A (en) * | 2020-10-27 | 2021-01-29 | 北京深思数盾科技股份有限公司 | User lock upgrading method, device, system, electronic equipment and storage medium |
| CN113761505A (en) * | 2021-11-09 | 2021-12-07 | 云丁网络技术(北京)有限公司 | Method and equipment for processing information |
| CN115001749A (en) * | 2022-05-05 | 2022-09-02 | 中科创达软件股份有限公司 | Device authorization method, device and medium |
| CN116070178A (en) * | 2023-04-06 | 2023-05-05 | 恒银金融科技股份有限公司 | Software authorization method and system based on mobile terminal code scanning |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104486322A (en) * | 2014-12-10 | 2015-04-01 | 武汉光谷信息技术股份有限公司 | Terminal access authentication authorization method and terminal access authentication authorization system |
| CN111079091A (en) * | 2019-11-21 | 2020-04-28 | 中国民航信息网络股份有限公司 | Software security management method and device, terminal and server |
| CN111708991A (en) * | 2020-06-17 | 2020-09-25 | 腾讯科技(深圳)有限公司 | Service authorization method, service authorization device, computer equipment and storage medium |
-
2020
- 2020-09-29 CN CN202011052301.0A patent/CN112149067B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104486322A (en) * | 2014-12-10 | 2015-04-01 | 武汉光谷信息技术股份有限公司 | Terminal access authentication authorization method and terminal access authentication authorization system |
| CN111079091A (en) * | 2019-11-21 | 2020-04-28 | 中国民航信息网络股份有限公司 | Software security management method and device, terminal and server |
| CN111708991A (en) * | 2020-06-17 | 2020-09-25 | 腾讯科技(深圳)有限公司 | Service authorization method, service authorization device, computer equipment and storage medium |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112286553A (en) * | 2020-10-27 | 2021-01-29 | 北京深思数盾科技股份有限公司 | User lock upgrading method, device, system, electronic equipment and storage medium |
| CN113761505A (en) * | 2021-11-09 | 2021-12-07 | 云丁网络技术(北京)有限公司 | Method and equipment for processing information |
| CN115001749A (en) * | 2022-05-05 | 2022-09-02 | 中科创达软件股份有限公司 | Device authorization method, device and medium |
| CN115001749B (en) * | 2022-05-05 | 2024-02-09 | 中科创达软件股份有限公司 | Equipment authorization method, device, equipment and medium |
| CN116070178A (en) * | 2023-04-06 | 2023-05-05 | 恒银金融科技股份有限公司 | Software authorization method and system based on mobile terminal code scanning |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112149067B (en) | 2022-10-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112149067B (en) | Software authorization method, terminal equipment, authorization server and storage medium | |
| CN109462588B (en) | Decentralized data transaction method and system based on block chain | |
| CN108197891B (en) | Electronic signing device and method based on block chain | |
| CN109961292B (en) | Block chain verification code application method, equipment and storage medium | |
| CN106230784B (en) | Equipment verification method and device | |
| CN100472550C (en) | Method for generating licence and method and apparatus for providing contents using the same | |
| CN111740966B (en) | Data processing method based on block chain network and related equipment | |
| CN112383611B (en) | File evidence storing method and system based on block chain and server | |
| CN110069909B (en) | Method and device for login of third-party system without secret | |
| US8863241B2 (en) | System and method for managing usage rights of software applications | |
| CN111522809A (en) | Data processing method, system and equipment | |
| CN111489164A (en) | Electric power transaction method and device based on Internet of things identification and block chain and electronic equipment | |
| CN108259183B (en) | Attention method, attention device, attention electronic equipment and attention medium | |
| CN114168928B (en) | Method, device, storage medium and system for acquiring identity authentication information | |
| CN108846671B (en) | Online secure transaction method and system based on block chain | |
| WO2019136860A1 (en) | Method, apparatus, electronic device, and medium for determining legitimacy of following | |
| CN111464295B (en) | Bank card making method and device | |
| CN104392150A (en) | Software authorization superposition control device and software authorization superposition control method | |
| CN107241341B (en) | Access control method and device | |
| CN109600354A (en) | Network identity validation System and method for | |
| CN106716401A (en) | Data interaction processing method, device and system | |
| CN112543181B (en) | System and method for authenticating security authentication equipment through network | |
| CN113497827B (en) | Information sharing method and equipment | |
| CN115454362A (en) | Method, device and equipment for realizing remote printing and storage medium | |
| CN111131227B (en) | Data processing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |