CN112543166A - Real name login method and device - Google Patents

Publication number
CN112543166A
Authority
CN
China
Prior art keywords
identity
account
information
public key
real
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910894390.4A
Other languages
Chinese (zh)
Other versions
CN112543166B (en)
Inventor
陈善华
刘毅
宫庆松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Langxin Data Technology Co ltd
Original Assignee
Beijing Siyuan Zhengtong Science And Technology Group Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Siyuan Zhengtong Science And Technology Group Co ltd
Priority to CN201910894390.4A
Publication of CN112543166A
Application granted
Publication of CN112543166B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a real-name login method and a real-name login device, wherein the method comprises the following steps: receiving a first signal of a first account for requesting to log in to a third-party application system through an application program, wherein the first signal carries a first digital identity public key of the first account; acquiring a first identity certificate corresponding to the first digital identity public key; and acquiring first real name information of the first account from the first identity certificate, and sending a second signal to the application program. By adopting the scheme, before logging in different application systems, a user firstly acquires the identity certificate corresponding to the digital identity public key, decrypts the identity certificate to acquire the plaintext of the real-name information, and then logs in a third-party application system by using the real-name information, so that the efficiency of real-name authentication is accelerated, the intercommunication, mutual trust and mutual recognition of the digital identities among platforms and systems are realized, and the problem that the logging in different systems is time-consuming and labor-consuming in a real-name authentication mode in the related technology is solved.

Description

Real name login method and device
Technical Field
The present application relates to, but is not limited to, the field of blockchains, and in particular to a method and an apparatus for real-name login.
Background
In the related art, digital identity is generally implemented on the basis of OAuth. Each region, department and system builds its own identity system, and these identity systems are independent and do not interoperate. To achieve mutual authentication and mutual trust, the identity systems must establish complex mappings between identity accounts, and once many account systems need to be connected this becomes time-consuming, labor-intensive and very difficult.
No effective solution is currently available for the problem that logging in to different systems with real-name authentication in the related art is time-consuming and labor-intensive.
Disclosure of Invention
The embodiments of the application provide a method and a device for real-name login, aiming at least to solve the problem that logging in to different systems with real-name authentication in the related art is time-consuming and labor-intensive.
According to another embodiment of the present application, there is also provided a method for real name login, including: receiving a first signal of a first account for requesting to log in to a third-party application system through an application program, wherein the first signal carries a first digital identity public key of the first account; acquiring a first identity certificate corresponding to the first digital identity public key; acquiring first real name information of the first account from the first identity certificate, and sending a second signal to the application program, wherein the second signal comprises: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
According to another embodiment of the present application, there is also provided a mobile terminal including: the application program is used for receiving request information of a first account request for logging in a third-party application system, wherein the request information carries account information of the first account or a first digital identity public key; the trusted identity component is used for receiving a first signal of a first account request for logging in a third-party application system through the application program, wherein the first signal carries a first digital identity public key of the first account; and for obtaining a first identity credential corresponding to the first digital identity public key; the first identity certificate is also used for acquiring first real name information of the first account; and a second signal for sending to the application, wherein the second signal comprises: a first digital identity public key of the first account number, first real name information of the first account number, and a first signature of a first digital identity private key of the first account number; the application program is further configured to receive the second signal and send the second signal to the third-party application system, where the first digital identity public key in the second signal is used for verifying the first signature by the third-party application system.
According to another embodiment of the present application, there is also provided a method for real-name login to a third-party application system, including: the third-party application system receives a second signal transmitted by an application program, wherein the second signal comprises: a first digital identity public key of a first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account, wherein the first account is an account for logging in the application program; and verifying the first signature by adopting the first digital identity public key, and logging in the third-party application system by using the real name information of the first account after the first signature passes the verification.
According to another embodiment of the present application, there is also provided an apparatus for real name login, including: a first receiving module, configured to receive a first signal of a first account for requesting to log in to a third-party application system through an application program, wherein the first signal carries a first digital identity public key of the first account; a first obtaining module, configured to obtain a first identity credential corresponding to the first digital identity public key; a first sending module, configured to obtain first real name information of the first account from the first identity credential, and send a second signal to the application program, where the second signal includes: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
According to another embodiment of the present application, there is also provided an apparatus for logging in a third party application system with a real name, which is applied to the third party application system, and includes: a second receiving module, configured to receive a second signal transmitted by an application program, where the second signal includes: a first digital identity public key of a first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account, wherein the first account is an account of the application program; and the verification module is used for verifying the first signature by adopting the first digital identity public key and logging in the third-party application system by using the real name information of the first account after the first signature passes verification.
According to a further embodiment of the present application, there is also provided a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
According to yet another embodiment of the present application, there is also provided an electronic device, comprising a memory in which a computer program is stored and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
According to the method, a first signal that a first account is used for requesting to log in to a third-party application system through an application program is received, wherein the first signal carries a first digital identity public key of the first account; acquiring a first identity certificate corresponding to the first digital identity public key; acquiring first real name information of the first account from the first identity certificate, and sending a second signal to the application program, wherein the second signal comprises: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification. By adopting the scheme, before logging in different application systems, a user firstly acquires the identity certificate corresponding to the digital identity public key, decrypts the identity certificate to acquire the plaintext of the real-name information, and then logs in a third-party application system by using the real-name information, so that the efficiency of real-name authentication is accelerated, the intercommunication, mutual trust and mutual recognition of the digital identities among platforms and systems are realized, and the problem that the logging in different systems is time-consuming and labor-consuming in a real-name authentication mode in the related technology is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
Fig. 1 is a block diagram of the hardware structure of a mobile terminal for a method of real-name login according to an embodiment of the present application;
Fig. 2 is a flow diagram of a method of real-name login according to an embodiment of the present application;
Fig. 3 is a schematic diagram of the overall structure of a real-name authentication system according to an embodiment of the present application;
Fig. 4 is a schematic illustration of real-name information sharing across platforms according to another example of the present application;
Fig. 5 is a flow chart of trusted identity platform digital identity initialization and real-name identity information sharing according to another example of the present application.
Detailed Description
The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
Example one
The method provided by the first embodiment of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Taking a mobile terminal as an example, fig. 1 is a hardware structure block diagram of a mobile terminal of a method for real-name login according to an embodiment of the present application, and as shown in fig. 1, the mobile terminal may include one or more processors 102 (only one is shown in fig. 1) (the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA), and a memory 104 for storing data, and optionally, the mobile terminal may further include a transmission device 106 for communication function and an input/output device 108. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration, and does not limit the structure of the mobile terminal. For example, the mobile terminal may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 may be used to store software programs and modules of application software, such as program instructions/modules corresponding to the method of real name login in the embodiment of the present application, and the processor 102 executes various functional applications and data processing by running the software programs and modules stored in the memory 104, so as to implement the method described above. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the mobile terminal over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used for receiving or transmitting data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the mobile terminal. In one example, the transmission device 106 includes a Network adapter (NIC) that can be connected to other Network devices through a base station to communicate with the internet. In one example, the transmission device 106 can be a Radio Frequency (RF) module, which is used to communicate with the internet in a wireless manner.
In this embodiment, a method for real-name login operating in the mobile terminal is provided, and fig. 2 is a flowchart of the method for real-name login according to the embodiment of the present application, and as shown in fig. 2, the flowchart includes the following steps:
Step S202: receiving a first signal of a first account for requesting to log in to a third-party application system through an application program, wherein the first signal carries a first digital identity public key of the first account;
Step S204: acquiring a first identity certificate corresponding to the first digital identity public key;
Step S206: obtaining first real name information of the first account from the first identity credential, and sending a second signal to the application program, where the second signal includes: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
By adopting the scheme, before logging in different application systems, a user firstly acquires the identity certificate corresponding to the digital identity public key, decrypts the identity certificate to acquire the plaintext of real-name information, and then logs in a third-party application system by using the real-name information, so that the efficiency of real-name authentication is accelerated, the intercommunication, mutual trust and mutual authentication of digital identities among platforms and systems are realized, and the problem that the logging in different systems is time-consuming and labor-consuming in a real-name authentication mode in the related technology is solved.
Optionally, receiving a first signal that the first account requests to log in to the third-party application system through the application program includes: the first signal is used for requesting to log in to the application program, and the application program triggers the request for logging in to the third-party application system.
Optionally, before acquiring the first identity credential corresponding to the first digital identity public key, the method further includes: initiating login authorization verification for the first account, receiving first identity information input by the first account, and verifying whether the first identity information matches local identity information, where the local identity information is pre-stored identity information corresponding to the first digital identity public key.
Optionally, initiating a login authorization verification for the first account, receiving first identity information input by the first account, and verifying whether the first identity information matches local identity information, includes: acquiring a local identity authentication model corresponding to the first digital identity public key from a locally stored digital identity list, wherein the local identity authentication model stores the local identity information; initiating a login authorization validation for the first account using the local authentication model; receiving the first identity information input by the first account, and verifying whether the first identity information is matched with the local identity information, wherein the first identity information at least comprises one of the following information: face identification information, iris information, fingerprint information, and PIN information.
Optionally, after detecting that the first identity information matches the local identity information, the local identity identifier generates a first identity identifier login token for the first account, and submits the first digital identity public key and the first identity identifier login token to the digital identity identifier.
Optionally, obtaining the first identity credential corresponding to the first digital identity public key includes one of: when detecting that a local identity certificate corresponding to the first digital identity public key is locally stored, taking the local identity certificate as the first identity certificate; and when detecting that a local identity certificate corresponding to the first digital identity public key is not stored locally, acquiring a first identity certificate corresponding to the first digital identity public key from a blockchain network, wherein the identity certificates of different account numbers are stored in nodes in the blockchain network.
Optionally, when it is detected that a local identity credential corresponding to the first digital identity public key is not locally stored, acquiring the first identity credential corresponding to the first digital identity public key from the blockchain network includes: transmitting the following request information to the blockchain network: the first digital identity public key, a timestamp, and a second signature of the first digital identity private key of the first account; and receiving the first identity credential corresponding to the first digital identity public key returned by the blockchain network. The second signature of the first digital identity private key of the first account may use any hash algorithm, preferably SM3: the timestamp is hashed and the hash is signed with the first digital identity private key. The real-name information on which the identity credential is based may originate from a real-name authentication center in the related art, such as a bank or a public security database.
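One way the credential request described above could be built and checked, as an added Go example that is not part of the patent text. Assumptions: ECDSA P-256 and SHA-256 stand in for the SM2 key pair and SM3, the `Ledger` map stands in for a blockchain node, the `MaxSkew` freshness window is invented for the example, and all type and function names are hypothetical.

```go
// Added example. Assumed stand-ins: ECDSA P-256 for the digital identity key
// pair and SHA-256 for SM3; Ledger stands in for a blockchain node.
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// MaxSkew is an assumed freshness window; the description does not give one.
const MaxSkew = 2 * time.Minute

var (
	ErrStale     = errors.New("timestamp outside freshness window")
	ErrSignature = errors.New("second signature does not verify")
	ErrNoRecord  = errors.New("no identity credential for this public key")
)

// CredentialRequest holds the three request fields named in the description.
type CredentialRequest struct {
	PubKey    []byte // first digital identity public key (PKIX DER)
	Timestamp int64  // Unix seconds
	Signature []byte // identity private key over the hashed timestamp
}

// NewKey is a hypothetical helper that creates a digital identity key pair.
func NewKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// timestampDigest hashes the timestamp; the signature is made over this digest.
func timestampDigest(ts int64) []byte {
	var b [8]byte
	binary.BigEndian.PutUint64(b[:], uint64(ts))
	d := sha256.Sum256(b[:])
	return d[:]
}

// NewRequest is the client side: hash the timestamp and sign the digest.
func NewRequest(key *ecdsa.PrivateKey, now time.Time) (*CredentialRequest, error) {
	pub, err := x509.MarshalPKIXPublicKey(&key.PublicKey)
	if err != nil {
		return nil, fmt.Errorf("encode public key: %w", err)
	}
	ts := now.Unix()
	sig, err := ecdsa.SignASN1(rand.Reader, key, timestampDigest(ts))
	if err != nil {
		return nil, fmt.Errorf("sign: %w", err)
	}
	return &CredentialRequest{PubKey: pub, Timestamp: ts, Signature: sig}, nil
}

// Ledger maps an encoded public key to its stored identity credential.
type Ledger map[string][]byte

// Handle is the node side: check freshness, then the signature, then look up.
func (l Ledger) Handle(r *CredentialRequest, now time.Time) ([]byte, error) {
	age := now.Sub(time.Unix(r.Timestamp, 0))
	if age < -MaxSkew || age > MaxSkew {
		return nil, ErrStale
	}
	parsed, err := x509.ParsePKIXPublicKey(r.PubKey)
	if err != nil {
		return nil, fmt.Errorf("parse public key: %w", err)
	}
	pub, ok := parsed.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, timestampDigest(r.Timestamp), r.Signature) {
		return nil, ErrSignature
	}
	cred, found := l[string(r.PubKey)]
	if !found {
		return nil, ErrNoRecord
	}
	return cred, nil
}

func main() {
	key, err := NewKey()
	if err != nil {
		panic(err)
	}
	now := time.Now()
	req, err := NewRequest(key, now)
	if err != nil {
		panic(err)
	}
	ledger := Ledger{string(req.PubKey): []byte("constructed-credential")}
	cred, err := ledger.Handle(req, now)
	fmt.Printf("credential=%q err=%v\n", cred, err)
}
```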
Optionally, obtaining first real name information of the first account from the first identity credential includes: an identity certificate discriminator transmits the first identity certificate to a digital identity certificate discriminator for decryption to acquire the plaintext of the first real-name information, wherein the first identity certificate was obtained by encrypting the plaintext of the first real-name information in advance; the digital identity certificate authenticator signs the first real-name information plaintext with the first digital identity private key of the first account to obtain the first signature of the first digital identity private key of the first account, and encrypts the first real-name information plaintext with the public key of the third-party application system to form the first real-name information; and the identity certificate authenticator receives the signature and the first real-name information sent by the digital identity authenticator.
Optionally, after the second signal is sent to the application program, the application program sends the second signal to the third-party application system. The third-party application system verifies the first digital identity public key in the second signal and, after that verification passes and the first signature has been verified, decrypts the first real-name information with the private key of the third-party application system to obtain the plaintext of the first real-name information.
Optionally, the first identity credential stores the following information: the hash value of the plaintext of the first real-name information and the storage address of the plaintext of the first real-name information; or, a ciphertext obtained by encrypting the first real-name information plaintext by using the first digital identity public key is stored in the first identity certificate.
According to another embodiment of the present application, there is also provided a method for real-name login to a third-party application system, including:
Step one: a third-party application system receives a second signal transmitted by an application program, wherein the second signal comprises: a first digital identity public key of a first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account, wherein the first account is an account for logging in the application program;
Step two: the first signature is verified using the first digital identity public key, and after the first signature passes verification, the third-party application system is logged in to using the real name information of the first account.
By adopting the scheme, the third-party application system receives the second signal transmitted by the application program, then verifies the information carried in the second signal, and after the verification is passed, the third-party application system is logged in by the real-name information, so that the problem of low security when the application program logs in the third-party application system is solved, and the system security is greatly improved by verifying the first digital identity public key and the signature.
Optionally, after the above verification passes, establishing a session with the application program using the first real-name information includes: decrypting the first real-name information with the private key of the third-party application system to obtain the first real-name information plaintext, and establishing a session with the application program according to the first real-name information plaintext.
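The exchange between the trusted identity component and the third-party application system described above, written out as an added Go example that is not code from the patent. Assumptions: ECDSA P-256, SHA-256 and RSA-OAEP stand in for SM2 signing, SM3 and encryption under the third-party system's public key; the verifier is handed the plaintext hash that the first identity credential is said to store; all type and function names are hypothetical.

```go
// Added example. Assumed stand-ins: ECDSA P-256 for SM2 signing, SHA-256 for
// SM3, RSA-OAEP for encryption under the third-party system's public key.
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

var ErrBadSignature = errors.New("first signature does not verify")
var ErrCredentialMismatch = errors.New("real-name hash differs from identity credential")

// SecondSignal carries the three fields the description lists.
type SecondSignal struct {
	IdentityPubKey []byte // first digital identity public key (PKIX DER)
	RealNameInfo   []byte // real-name plaintext encrypted to the third party
	Signature      []byte // identity private key over the plaintext digest
}

// NewIdentityKey and NewThirdPartyKey are hypothetical key-generation helpers.
func NewIdentityKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

func NewThirdPartyKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// CredentialHash is the plaintext hash that the identity credential stores.
func CredentialHash(realName []byte) []byte {
	d := sha256.Sum256(realName)
	return d[:]
}

// BuildSecondSignal is the trusted identity component side: sign the
// plaintext, then encrypt it to the third-party application system.
func BuildSecondSignal(id *ecdsa.PrivateKey, tp *rsa.PublicKey, realName []byte) (*SecondSignal, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, id, CredentialHash(realName))
	if err != nil {
		return nil, fmt.Errorf("sign: %w", err)
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, tp, realName, nil)
	if err != nil {
		return nil, fmt.Errorf("encrypt: %w", err)
	}
	pub, err := x509.MarshalPKIXPublicKey(&id.PublicKey)
	if err != nil {
		return nil, fmt.Errorf("encode public key: %w", err)
	}
	return &SecondSignal{IdentityPubKey: pub, RealNameInfo: ct, Signature: sig}, nil
}

// VerifySecondSignal is the third-party side. The signature covers the plaintext,
// so decryption comes first; credHash is assumed to come from the credential.
func VerifySecondSignal(s *SecondSignal, tp *rsa.PrivateKey, credHash []byte) ([]byte, error) {
	parsed, err := x509.ParsePKIXPublicKey(s.IdentityPubKey)
	if err != nil {
		return nil, fmt.Errorf("parse public key: %w", err)
	}
	pub, ok := parsed.(*ecdsa.PublicKey)
	if !ok {
		return nil, errors.New("unexpected public key type")
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, tp, s.RealNameInfo, nil)
	if err != nil {
		return nil, fmt.Errorf("decrypt: %w", err)
	}
	digest := CredentialHash(plain)
	if !ecdsa.VerifyASN1(pub, digest, s.Signature) {
		return nil, ErrBadSignature
	}
	// The signature proves key possession; the credential hash binds key to record.
	if !bytes.Equal(digest, credHash) {
		return nil, ErrCredentialMismatch
	}
	return plain, nil
}

func main() {
	id, err1 := NewIdentityKey()
	tp, err2 := NewThirdPartyKey()
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	rec := []byte(`{"name":"EXAMPLE USER","id_no":"000000000000000000"}`) // constructed
	sig, err := BuildSecondSignal(id, &tp.PublicKey, rec)
	if err != nil {
		panic(err)
	}
	plain, err := VerifySecondSignal(sig, tp, CredentialHash(rec))
	fmt.Printf("login as %s (err=%v)\n", plain, err)
}
```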
Optionally, before the third-party application system receives the second signal transmitted by the application program, the third-party application system registers with the blockchain network, and the third-party application system initiates a registration request signal to the application program to establish a connection with it, wherein the registration request signal includes: the login address of the third-party application system and the public key of the third-party application system. With this scheme, the third-party application system is registered in the blockchain network, where the registration information may include information such as the organization to which the application system belongs, and the third-party application system is also registered with the application program, which ensures that the third-party application system can be logged in to through the application program.
Optionally, the third-party application system registering with the blockchain network through the second block includes: the third-party application system transmits authentication data to the blockchain network, wherein, after the authentication data passes authentication, the blockchain network generates an uplink certificate and transmits an uplink public notice, and the uplink certificate includes: the certificate generation time, the certificate version number, the encryption and decryption algorithm identification, and the organization identity information. The uplink certificate is the identity certificate of the third-party application system.
The following description is made in conjunction with another embodiment of the present application.
Fig. 3 is a schematic diagram of the overall structure of a real-name authentication system according to an embodiment of the present application. As shown in Fig. 3, the blockchain-based trusted identity authentication platform uses blockchain and asymmetric encryption technology to implement intercommunication, mutual trust, and mutual authentication of digital identities between platforms and systems. The blockchain-based trusted identity authentication platform includes: a trusted identity component provided for the application program (APP) terminal, a trusted identity application component provided for the third-party application system, a real-name authentication center, a blockchain trusted identity authentication service, and a blockchain network.
The APP integrates a trusted identity component (such as a trusted identity SDK), whose functions include: digital identity generation management, a digital identity transmission protocol, local identity right-confirming management, identity authorization management, material authorization management, real-name authentication, and digital identity storage backup. Digital identity generation management means that, during real-name authentication, a key pair is generated with an asymmetric encryption algorithm (common asymmetric encryption algorithms such as SM2 and ECC are supported), and a digital identity file is generated in a specific file format and stored securely on the client. Local identity right-confirming management integrates local identity authentication means such as living face identification, iris identification, fingerprint identification and a local PIN code, binds the user's digital identity to the user's local identity authentication mode, and completes authentication using human body characteristics, so that login requires no account number or password. Material authorization management covers the updating, usage management and maintenance of the user's identity credentials. The digital identity transmission protocol covers interaction with the blockchain trusted identity authentication service to authenticate, update and maintain real-name information. Identity authorization management provides a digital identity local identity authentication login interface, calls the APP account module when logging in, and logs in with the digital identity.
The third-party application system comprises an application account management system, real-name authentication, and a trusted identity application component. The functions of the trusted identity application component include: digital identity generation management, the digital identity transmission protocol, application identity certificate management, and user identity certificate generation. The trusted identity application component is an application package provided so that a third-party application system can access the blockchain-based trusted identity authentication platform. It provides the third-party application system with digital identity management, third-party application system identity certificate management, validity verification of digital identities and identity certificates, a real-name authentication function interface, and generation, release and uplink of user identity certificates. The trusted identity application component encapsulates a standard blockchain network API (application program interface), which hides the blockchain technology from the third-party application system, reduces the complexity of access, and lets the third-party application system integrate quickly. The trusted identity application component interacts with the real-name authentication center to complete the user's real-name authentication, generates the user identity certificate, and releases it for uplink through the blockchain network API. Specifically, the trusted identity application component interacts with the blockchain trusted identity authentication service through the API of the blockchain network, performs uplink publicity on the generated user identity credential information, and performs user identity information authentication through the blockchain network.
The real-name authentication center integrates an industry-recognized authentication source and is used for providing real-name authentication service, and the real-name authentication channel aggregation comprises public security identity card authentication, public security face recognition authentication, bank card authentication, corporate authentication and the like, so that the user real-name authentication service is provided for a third-party application system. Industry-recognized and authoritative authentication sources are the basis for identity information sharing, mutual authentication and mutual trust.
The block chain trusted identity authentication service is used for providing identity information authentication service for the APP and the third-party application system. The block chain trusted identity authentication comprises trusted identity authentication management and trusted identity block chain read-write, a standard block chain network API interface is packaged by an application program integrated trusted identity component and a third-party application system integrated trusted identity application component, the application program integrated trusted identity component and the third-party application system integrated trusted identity application component can access a block chain network through a block chain trusted identity authentication service, and the third-party application system uploads or obtains a user identity certificate to or from the block chain network through the block chain trusted identity authentication service; the application obtains a user identity credential or a third party application identity credential from the blockchain network through a blockchain trusted identity authentication service.
The blockchain network creates a voucher ledger for storing and disclosing identity vouchers. The block chain network only receives a read-write chain request of the block chain credible identity authentication service, and controls the block chain data security sharing application through the block chain credible identity authentication service.
The scheme of this embodiment relies on blockchain technology and asymmetric encryption technology (common encryption algorithms such as SM2 and ECC are supported). The asymmetric encryption technology generates a public-private key pair; the public key and the private key are written into a digital identity file in a special format, and the public key serves as the unified identifier of the user account. During real-name authentication the public key is bound to the user's real-name information, and the real-name identity information is put on chain, publicized and shared.
The blockchain-based trusted identity authentication system adopts a "digital identity + real-name identity credential" mode. The digital identity information (a special file formed by a public-private key pair) is stored securely on the client and can be backed up to and restored from a remote location (such as a server or a cloud disk) as the user chooses; the real-name identity credential is published in the blockchain network and is used for real-name information sharing and identity verification. The real-name identity credential includes: the ciphertext obtained by encrypting the real-name information with the user's digital identity public key, the user's digital identity public key information, authentication mode information, the public key of the user identity authentication system, the signature of the user identity authentication system, and the like; alternatively, the real-name identity credential includes: the real-name information hash, the real-name information storage address, the user's digital identity public key information, authentication mode information, the public key of the user identity authentication system, the signature of the user identity authentication system, and the like.
The authentication mode information includes but is not limited to a public security identity authentication mode, a public security face recognition authentication mode, a bank card authentication mode, an industrial and commercial legal-person authentication mode and the like. The public key of the user identity authentication system is the public key of the third-party application system that authenticated the user's real-name information and issued the user identity credential. The signature of the user identity authentication system is the signature information obtained by hash-encrypting, with the private key of that third-party application system, the information in the real-name identity credential other than the user's digital identity public key information and the public key of the user identity authentication system.
Optionally, scheme one for storing the user's identity credential as JSON is as follows: the user's real-name information is encrypted with the user's digital identity public key and stored in the real-name identity credential for sharing.
Alternatively, scheme two for storing the user's identity credential as JSON is as follows: the identity credential stores the hash value of the user's real-name information and the storage address of that information; the client application program obtains the real-name information by secure means, and the third-party application system verifies the user's real-name information against the real-name identity credential.
This embodiment aims at mutual authentication and mutual trust of identity information among platforms. First, this requires a real-name authentication source that everyone recognizes: the public security identity card authentication, public security face recognition authentication, bank card authentication, corporate authentication and the like provided by the real-name authentication center are authoritative and credible authentication sources, which ensures the authority and credibility of the identity data. Second, identity information is shared and stored by means of public key encryption and blockchain distributed technology, and the tamper resistance of the blockchain ensures that the identity information is shared securely.
Fig. 4 is a schematic diagram of cross-platform sharing of real-name information according to another example of the present application. As shown in fig. 4, the trusted identity authentication platform uses cryptography and real-name authentication technology to bind each application account to the user's real-name information through the user's digital identity (a special-format file formed by a public-private key pair). The real-name identity information is encrypted with the digital identity public key and shared by means of the blockchain's distributed database. The digital identity file is kept by the user, who can share their real-name information by importing the digital identity into different terminals such as APPs.
Fig. 5 is a flowchart of a trusted identity platform digital identity initialization and real-name identity information sharing process according to another example of the present application, as shown in fig. 5, including the following steps:
Step 1: the user opens the APP and triggers the login function of the APP account module, so that the first account logs in to the APP. This login may be the APP account login process of the related art; the steps that follow are carried out by the trusted identity component integrated in the APP.
Step 2: the APP triggers the local digital identity login API provided by the trusted identity component, which supports login with the first account's digital identity (its digital identity public key).
Step 3: after receiving the application program's login request, the local identity authenticator obtains from the bound identity list either the digital identity information used for the last login or the digital identity information that the APP requests to log in with, and obtains from the local digital identity list the local identity authentication model supported by that digital identity information.
Step 4: an identity authentication model is initialized according to the local identity authentication model and displayed to the first account for login authorization.
Step 5: the first account completes login authorization through a live face, iris, fingerprint, PIN code or the like.
Step 6: after the first account's authorization is finished, the local identity authenticator generates a first identity authentication login token and submits the first digital identity public key and the first identity authentication login token to the digital identity authenticator to initialize the digital identity. The digital identity authenticator verifies the first digital identity public key, initializes the digital identity, and provides digital identity functions such as encryption, decryption, signing and signature verification to other components.
Step 7: the local identity authenticator submits the first digital identity public key to the identity credential authenticator, so that the identity credential authenticator can obtain the first identity credential corresponding to the first digital identity public key.
Step 8: the identity credential authenticator loads the first identity credential according to the first digital identity public key. When it detects that a local identity credential corresponding to the first digital identity public key is stored locally (a local identity credential is stored locally once a login has taken place), it uses the local identity credential as the first identity credential; when it detects that no such local identity credential is stored locally, the first identity credential is obtained in step 9.
Step 9: when no local identity credential corresponding to the first digital identity public key is stored locally, the identity credential authenticator obtains the first identity credential corresponding to the first digital identity public key from the blockchain network, whose nodes store the identity credentials of different accounts. Specifically, the identity credential authenticator obtains the first identity credential from the blockchain network through the trusted identity authentication service. The request information includes the first digital identity public key, a timestamp and a second signature of the first digital identity private key. The second signature is obtained by hash-encrypting the timestamp with the first digital identity private key; the signature algorithm may use any hash algorithm, preferably SM3. The trusted identity authentication service verifies the second signature with the first digital identity public key and, after the verification passes, uses the first digital identity public key to obtain the identity credential from the blockchain network. The trusted identity authentication service then returns the first identity credential to the identity credential authenticator.
Preferably, when a local identity credential corresponding to the first digital identity public key is found to be stored locally, the identity credential authenticator may still retrieve the first identity credential from the blockchain network through the trusted identity authentication service in order to verify the validity of the local identity credential. It does so by comparing the local identity credential with the private-key signature value of the identity credential obtained from the blockchain, where that signature value is the one applied at identity authentication.
Step 10: acquiring the real-name information. The identity credential authenticator hands the first identity credential to the digital identity authenticator, which decrypts the real-name information to obtain the first real-name information plaintext, signs that plaintext with the first digital identity private key to obtain the first signature of the first digital identity private key, encrypts the plaintext with the public key of the third-party application system to obtain the first real-name information, and finally returns the first real-name information and the first signature to the identity credential authenticator.
The identity credential authenticator then sends the first digital identity public key of the first account, the first real-name information of the first account and the first signature of the first digital identity private key of the first account to the local identity authenticator.
Step 11: digital identity login. The APP obtains the digital identity login request parameters from its integrated trusted identity component and submits the digital identity login request to the third-party application system, where the request parameters (i.e. the second signal) include: the first digital identity public key, the first real-name information and the first signature.
Step 12: the third-party application system receives the login request parameters and passes them to its integrated trusted identity application component, which verifies the digital identity of the login user, verifies the signature and decrypts the first real-name information to obtain the real-name information plaintext. After verification is completed, the login state and session information of the first account are returned to the application program. At this point the first account has logged in to the third-party application system with real-name information, and the application system can generate session information and perform service initialization.
Specifically, on receiving the APP's login request, the third-party application system first obtains, through the trusted identity authentication service, the identity credential corresponding to the first digital identity public key from the blockchain network, and thereby verifies the validity of the first identity credential. If the first identity credential is valid, that is, the user identity is valid, it verifies the first signature. After the first signature is verified as valid, it decrypts the first real-name information with the private key of the third-party application system. The decrypted first real-name information plaintext is encrypted with the first digital identity public key and then compared with the real-name information contained in the first identity credential. After this verification is completed, the third-party application system starts service initialization, generates its session information and processes the first account's current service request.
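The third-party system's checks in step 12, as an added Go example that is not part of the patent: it uses the scheme-two credential (a hash of the real-name plaintext) for the final comparison, and it decrypts before checking the first signature because that signature is made over the plaintext. Assumptions: ECDSA P-256 and RSA-OAEP from the Go standard library stand in for the SM2/ECC algorithms the text names, an in-memory `Ledger` map stands in for the lookup through the trusted identity authentication service, and all type and function names are hypothetical.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Credential is a constructed scheme-two credential holding the real-name hash.
type Credential struct {
	RealNameHash [32]byte
	Available    bool // authentication state of the credential on the ledger
}

// LoginRequest is the second signal the APP submits at step 11.
type LoginRequest struct {
	UserPub   []byte // first digital identity public key (PKIX DER)
	RealName  []byte // real-name information encrypted to the third-party system
	Signature []byte // first signature, made over the real-name plaintext
}

// Ledger stands in for the credential lookup; it is keyed by the user's public key.
type Ledger map[string]Credential

var (
	ErrCredential = errors.New("no available credential for this public key")
	ErrDecrypt    = errors.New("real-name information does not decrypt")
	ErrSignature  = errors.New("first signature does not verify")
	ErrMismatch   = errors.New("real-name information differs from the credential")
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func NewUserKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }
func NewSystemKey() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }
func PubBytes(k *ecdsa.PrivateKey) []byte { return must(x509.MarshalPKIXPublicKey(&k.PublicKey)) }

// Register publishes a credential for the user's key (constructed sample data).
func (l Ledger) Register(user *ecdsa.PrivateKey, realName []byte) {
	l[string(PubBytes(user))] = Credential{RealNameHash: sha256.Sum256(realName), Available: true}
}

// BuildLogin is the client side of step 10: sign the plaintext with the user's
// private key, then encrypt it to the third-party system's public key.
func BuildLogin(user *ecdsa.PrivateKey, sys *rsa.PublicKey, realName []byte) (LoginRequest, error) {
	digest := sha256.Sum256(realName)
	sig, err := ecdsa.SignASN1(rand.Reader, user, digest[:])
	if err != nil {
		return LoginRequest{}, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, sys, realName, nil)
	if err != nil {
		return LoginRequest{}, err
	}
	return LoginRequest{UserPub: PubBytes(user), RealName: ct, Signature: sig}, nil
}

// VerifyLogin is the third-party side of step 12; each failure returns early.
func VerifyLogin(l Ledger, sys *rsa.PrivateKey, req LoginRequest) (string, error) {
	cred, ok := l[string(req.UserPub)]
	if !ok || !cred.Available {
		return "", ErrCredential
	}
	parsed, err := x509.ParsePKIXPublicKey(req.UserPub)
	pub, isEC := parsed.(*ecdsa.PublicKey)
	if err != nil || !isEC {
		return "", ErrCredential
	}
	// The signature covers the plaintext, so decryption has to come first.
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, sys, req.RealName, nil)
	if err != nil {
		return "", ErrDecrypt
	}
	digest := sha256.Sum256(plain)
	if !ecdsa.VerifyASN1(pub, digest[:], req.Signature) {
		return "", ErrSignature
	}
	if digest != cred.RealNameHash {
		return "", ErrMismatch
	}
	return string(plain), nil
}

func main() {
	user, sys, ledger := NewUserKey(), NewSystemKey(), Ledger{}
	name := []byte("constructed real-name record")
	ledger.Register(user, name)
	req, _ := BuildLogin(user, &sys.PublicKey, name)
	fmt.Println(VerifyLogin(ledger, sys, req))
}
```

Scheme one's comparison, re-encrypting the plaintext under the user's public key and matching it against the credential ciphertext, only works with a deterministic cipher; standard ECC and SM2 public-key encryption is randomized, which is why the example compares hashes.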
From the above digital identity login process, for a user to log in to the third-party application system with real-name information through the application program, the following work needs to be completed:
Step 1: the APP terminal calls the integrated trusted identity component to complete the initialization of the digital identity and of the identity credential of the user's first account, and to generate the real-name information login parameters.
Step 2: the third-party application system needs to integrate the trusted identity application component to complete digital identity verification of the first account, signature verification, information encryption and decryption, the third-party application system's own services, and the like.
The APP in the related art is generally an application integration framework that provides basic capabilities and integrates application services on top of them. The trusted identity authentication platform not only authenticates the identity of the user of the application program, but also authenticates the participating organizations and third-party application systems, issues digital identities, generates identity credentials and the like. In the trusted identity authentication platform, all participants use valid digital identities and identity credentials as the basis of interactive authentication.
According to another example of the present application, a login process of a third-party application system based on a trusted identity authentication platform is further provided, which includes the following steps:
Step 1: the third-party application system registers with the blockchain network. Specifically, the third-party application system first registers and authenticates with the trusted identity authentication service of the trusted identity authentication platform. The registration information includes: information on the organization or institution to which the third-party application system belongs (its unified social credit code and its name), information on the third-party application system itself (application system name, application system public key, application system description, application system real-name level requirement, application system real-name information requirement) and the like. After an administrator of the real-name application system of the trusted identity authentication platform has reviewed and approved the registration, an identity credential for the third-party application system is generated and publicized on chain. The identity credential information of the third-party application system comprises: the identity credential generation timestamp, the identity credential version number, the encryption and decryption algorithm identification, the identity information of the organization to which the third-party application system belongs, and the like.
Step 2: the third-party application system sends a registration request signal to the application program in order to establish a connection with it, where the registration request signal includes: the login address of the third-party application system and the public key of the third-party application system. Specifically, a dedicated entrance to the third-party application system is displayed in the APP for the user to carry out third-party application system service operations, and the third-party application system provides its entrance address (login address) and its public key to the APP. The entrance address serves as the login callback of the third-party application system; the public key serves as the identifier of the third-party application system and is used when verifying the validity of the third-party application system and when encrypting request parameters.
Step 3: the user clicks the third-party application system entrance to authorize login to the third-party application system.
Step 4: the parameters of the third-party application system are initialized.
Specifically, the trusted identity component of the APP submits the public key of the third-party application system to the blockchain trusted identity authentication service to verify the validity of the third-party application system. Validity is determined by looking up, through the blockchain trusted identity authentication service, the third-party application system identity credential corresponding to the third-party application system public key in the blockchain network: if that credential exists and its authentication state is available, the third-party application system is valid, and initialization of the third-party application system's parameters in the application program is completed. The user can then log in to the third-party application system with real-name information through the application program using the method described above, which is not repeated here.
With the above scheme, the whole process shows that the digital identity and the real-name information are common to all platforms. The application program and the application system only need to integrate the trusted identity (application) component to generate the digital identities of the user and of the application system; authentication of digital identities and identity credentials is completed on the trusted identity authentication platform, the blockchain ensures the integrity and security of the authentication information, and the authentication information is shared through distributed data.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present application.
Example two
In this embodiment, a device for real-name login is further provided, and the device is used to implement the foregoing embodiments and preferred embodiments, which have already been described and are not described again. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
According to another embodiment of the present application, there is also provided an apparatus for real name login, including:
a first receiving module, configured to receive a first signal in which a first account requests, through an application program, to log in to a third-party application system, where the first signal carries a first digital identity public key of the first account;
a first obtaining module, configured to obtain a first identity credential corresponding to the first digital identity public key;
a first sending module, configured to obtain first real name information of the first account from the first identity credential, and send a second signal to the application program, where the second signal includes: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
Optionally, the first signal is used to request login to the application program, and the application program triggers the request to login to the third-party application system.
Optionally, the first obtaining module further includes a local identity authenticator, configured to: before the first identity credential corresponding to the first digital identity public key is obtained, initiate login authorization verification for the first account, receive first identity information input by the first account, and verify whether the first identity information matches local identity information, where the local identity information is pre-stored identity information corresponding to the first digital identity public key.
Optionally, the local identity authenticator is further configured to: obtain, from a locally stored digital identity list, a local identity authentication model corresponding to the first digital identity public key, where the local identity authentication model stores the local identity information; initiate login authorization verification for the first account using the local identity authentication model; and receive the first identity information input by the first account and verify whether it matches the local identity information, where the first identity information includes at least one of the following: face recognition information, iris information, fingerprint information and PIN information.
Optionally, the first obtaining module further includes a digital identity authenticator; after detecting that the first identity information matches the local identity information, the local identity authenticator generates a first identity authentication login token for the first account and submits the first digital identity public key and the first identity authentication login token to the digital identity authenticator.
Optionally, the first obtaining module further includes an identity credential authenticator, configured to use a local identity credential as the first identity credential when it detects that a local identity credential corresponding to the first digital identity public key is stored locally; or configured to obtain the first identity credential corresponding to the first digital identity public key from a blockchain network when it detects that no such local identity credential is stored locally, where nodes in the blockchain network store the identity credentials of different accounts.
Optionally, the identity credential authenticator is further configured to transmit the following request information to the blockchain network: the first digital identity public key, a timestamp and a second signature of the first digital identity private key of the first account; and to receive the first identity credential corresponding to the first digital identity public key returned by the blockchain network.
Optionally, the first obtaining module being configured to obtain first real name information of the first account from the first identity credential includes: the identity credential authenticator passes the first identity credential to the digital identity authenticator for decryption to obtain the first real-name information plaintext, where the first identity credential was obtained by encrypting the first real-name information plaintext in advance; the digital identity authenticator signs the first real-name information plaintext with the first digital identity private key of the first account to obtain the first signature of the first digital identity private key of the first account, and encrypts the first real-name information plaintext with the public key of the third-party application system to form the first real name information; and the identity credential authenticator receives the signature and the first real name information sent by the digital identity authenticator.
Optionally, after the first sending module sends the second signal to the application program, the application program sends the second signal to the third-party application system; the third-party application system verifies the first digital identity public key in the second signal and, after that check passes and the signature is verified, decrypts the ciphertext with the private key of the third-party application system to obtain the first real-name information plaintext.
Optionally, the first identity credential stores the following information: the hash value of the plaintext of the first real-name information and the storage address of the plaintext of the first real-name information; or, a ciphertext obtained by encrypting the first real-name information plaintext by using the first digital identity public key is stored in the first identity certificate.
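The credential request listed above (first digital identity public key, timestamp, second signature) as the trusted identity authentication service could check it; this is an added Go example, not code from the patent. Assumptions: ECDSA P-256 over a SHA-256 hash of the timestamp stands in for the SM2/SM3 pair the description prefers, the 120-second acceptance window and the replay cache are additions the patent does not specify, and all names are hypothetical.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// MaxSkew is an assumed acceptance window in seconds; the patent names none.
const MaxSkew = 120

var (
	ErrKey       = errors.New("public key does not parse as ECDSA")
	ErrStale     = errors.New("timestamp outside the acceptance window")
	ErrSignature = errors.New("second signature does not verify")
	ErrReplay    = errors.New("request already seen")
)

// CredentialRequest carries the three fields the authenticator transmits.
type CredentialRequest struct {
	UserPub   []byte // first digital identity public key (PKIX DER)
	Timestamp int64  // Unix seconds
	Signature []byte // second signature, over the hashed timestamp
}

// Service plays the trusted identity authentication service in front of the chain.
type Service struct {
	seen map[string]bool // (key, timestamp) pairs already accepted
}

func NewService() *Service { return &Service{seen: map[string]bool{}} }

// digest hashes the timestamp; it is the only data the second signature covers.
func digest(ts int64) []byte {
	var b [8]byte
	binary.BigEndian.PutUint64(b[:], uint64(ts))
	sum := sha256.Sum256(b[:])
	return sum[:]
}

func NewUserKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// NewRequest signs the timestamp with the user's digital identity private key.
func NewRequest(user *ecdsa.PrivateKey, now int64) (CredentialRequest, error) {
	der, err := x509.MarshalPKIXPublicKey(&user.PublicKey)
	if err != nil {
		return CredentialRequest{}, err
	}
	sig, err := ecdsa.SignASN1(rand.Reader, user, digest(now))
	if err != nil {
		return CredentialRequest{}, err
	}
	return CredentialRequest{UserPub: der, Timestamp: now, Signature: sig}, nil
}

// Check verifies a request at service time now (Unix seconds). Because the
// signature covers nothing but the timestamp, a captured request stays valid
// for as long as the service accepts that timestamp; the window bounds this
// and the cache rejects a second use inside the window.
func (s *Service) Check(req CredentialRequest, now int64) error {
	parsed, err := x509.ParsePKIXPublicKey(req.UserPub)
	pub, isEC := parsed.(*ecdsa.PublicKey)
	if err != nil || !isEC {
		return ErrKey
	}
	if d := now - req.Timestamp; d > MaxSkew || d < -MaxSkew {
		return ErrStale
	}
	if !ecdsa.VerifyASN1(pub, digest(req.Timestamp), req.Signature) {
		return ErrSignature
	}
	id := fmt.Sprintf("%x|%d", sha256.Sum256(req.UserPub), req.Timestamp)
	if s.seen[id] {
		return ErrReplay
	}
	s.seen[id] = true // entries older than MaxSkew can be evicted
	return nil
}

func main() {
	svc, user := NewService(), NewUserKey()
	now := time.Now().Unix()
	req, _ := NewRequest(user, now)
	fmt.Println(svc.Check(req, now), svc.Check(req, now+1), svc.Check(req, now+3600))
}
```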
According to another embodiment of the present application, there is also provided an apparatus for logging in a third party application system with a real name, which is applied to the third party application system, and includes:
a second receiving module, configured to receive a second signal transmitted by an application program, where the second signal includes: a first digital identity public key of a first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account, wherein the first account is an account of the application program;
and the verification module is used for verifying the first signature by adopting the first digital identity public key and logging in the third-party application system by using the real name information of the first account after the first signature passes verification.
Optionally, the verification module is further configured to decrypt the first real-name information by using a private key of the third-party application system to obtain a first real-name information plaintext, and establish a session with the application program according to the first real-name information plaintext.
Optionally, the second receiving module is further configured to register to a blockchain network; the third-party application system initiates a registration request signal to the application program for establishing connection with the application program, wherein the registration request signal includes: the login address of the third-party application system and the public key of the third-party application system.
Optionally, the second receiving module is further configured to transmit authentication data to the blockchain network, where, after the authentication data passes authentication, the blockchain network generates an uplink credential and transmits an uplink public notice, and the uplink credential includes: the certificate generation time, the certificate version number, the encryption and decryption algorithm identification and the organization identity information.
It should be noted that the above modules may be implemented in software or hardware; for the latter, this may be done in, but is not limited to, the following ways: the modules are all located in the same processor; or the modules are located in different processors in any combination.
EXAMPLE III
According to another embodiment of the present application, there is also provided a mobile terminal including:
an application program, configured to receive request information by which a first account requests to log in to a third-party application system, wherein the request information carries account information of the first account or a first digital identity public key;
a trusted identity component, configured to receive, through the application program, a first signal by which the first account requests to log in to the third-party application system, wherein the first signal carries the first digital identity public key of the first account; to obtain a first identity credential corresponding to the first digital identity public key; to obtain first real name information of the first account from the first identity credential; and to send a second signal to the application program, wherein the second signal comprises: the first digital identity public key of the first account, the first real name information of the first account, and a first signature of a first digital identity private key of the first account;
the application program is further configured to receive the second signal and send it to the third-party application system, where the third-party application system uses the first digital identity public key in the second signal to verify the first signature.
EXAMPLE IV
Embodiments of the present application also provide a storage medium. Alternatively, in the present embodiment, the storage medium may be configured to store program codes for performing the following steps:
S1, receiving, through an application program, a first signal by which a first account requests to log in to a third-party application system, wherein the first signal carries a first digital identity public key of the first account;
S2, acquiring a first identity credential corresponding to the first digital identity public key;
S3, obtaining first real name information of the first account from the first identity credential, and sending a second signal to the application program, where the second signal includes: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
Optionally, in this embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
Embodiments of the present application further provide an electronic device comprising a memory having a computer program stored therein and a processor configured to execute the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
S1, receiving, through an application program, a first signal by which a first account requests to log in to a third-party application system, wherein the first signal carries a first digital identity public key of the first account;
S2, acquiring a first identity credential corresponding to the first digital identity public key;
S3, obtaining first real name information of the first account from the first identity credential, and sending a second signal to the application program, where the second signal includes: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
It will be apparent to those skilled in the art that the modules or steps of the present application described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present application is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (17)

1. A method for real-name login is characterized by comprising the following steps:
receiving a first signal of a first account for requesting to log in to a third-party application system through an application program, wherein the first signal carries a first digital identity public key of the first account;
acquiring a first identity certificate corresponding to the first digital identity public key;
acquiring first real name information of the first account from the first identity certificate, and sending a second signal to the application program, wherein the second signal comprises: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
2. The method of claim 1, wherein receiving a first signal that a first account is used to request login to a third party application system via an application program comprises:
the first signal is used for requesting to log in to the application program, and the application program triggers the request for logging in to the third-party application system.
3. The method of claim 1, wherein prior to obtaining the first identity credential corresponding to the first digital identity public key, the method further comprises:
and initiating login authorization verification on the first account, receiving first identity information input by the first account, and verifying whether the first identity information is matched with local identity information, wherein the local identity information is prestored identity information corresponding to the first digital identity public key.
4. The method of claim 3, wherein initiating a login authorization verification for the first account, receiving the first identity information entered by the first account, verifying whether the first identity information matches local identity information, comprises:
acquiring a local identity authentication model corresponding to the first digital identity public key from a locally stored digital identity list, wherein the local identity authentication model stores the local identity information;
initiating a login authorization validation for the first account using the local authentication model;
receiving the first identity information input by the first account, and verifying whether the first identity information is matched with the local identity information, wherein the first identity information at least comprises one of the following information: face identification information, iris information, fingerprint information, and PIN information.
5. The method of claim 4, wherein upon detecting that the first identity information matches the local identity information, the method further comprises:
and generating a first authentication login token of the first account by a local identity authenticator, and submitting the first digital identity public key and the first authentication login token to the digital identity authenticator.
6. The method of claim 1, wherein obtaining the first identity credential corresponding to the first digital identity public key comprises one of:
when detecting that a local identity certificate corresponding to the first digital identity public key is locally stored, taking the local identity certificate as the first identity certificate;
and when detecting that a local identity certificate corresponding to the first digital identity public key is not stored locally, acquiring a first identity certificate corresponding to the first digital identity public key from a blockchain network, wherein the identity certificates of different account numbers are stored in nodes in the blockchain network.
7. The method of claim 6, wherein upon detecting that no local identity credentials corresponding to the first digital identity public key are stored locally, obtaining a first identity credential corresponding to the first digital identity public key from a blockchain network comprises:
transmitting the following request information to the blockchain network: the first digital identity public key, the timestamp and a second signature of a first digital identity private key of the first account number; and receiving a first identity certificate corresponding to the first digital identity public key returned by the blockchain network.
8. The method of claim 1, wherein obtaining the first real name information of the first account from the first identity credential comprises:
transmitting the first identity certificate to a digital identity certificate discriminator by an identity certificate discriminator for decryption to acquire a plaintext of the first real-name information, wherein the first identity certificate is acquired by encrypting the plaintext of the first real-name information in advance;
the digital identity certificate authenticator signs the first real-name information plaintext by using a first digital identity private key of the first account to obtain a first signature of the first digital identity private key of the first account, and encrypts the first real-name information plaintext by using a public key of the third-party application system to form first real-name information;
and the identity certificate authenticator receives the signature and the first real-name information sent by the digital identity authenticator.
9. The method according to any one of claims 1 to 8,
the first identity credential stores the following information: the hash value of the plaintext of the first real-name information and the storage address of the plaintext of the first real-name information;
or, a ciphertext obtained by encrypting the first real-name information plaintext by using the first digital identity public key is stored in the first identity certificate.
10. A mobile terminal, comprising:
an application program, configured to receive request information by which a first account requests to log in to a third-party application system, wherein the request information carries account information of the first account or a first digital identity public key;
a trusted identity component, configured to receive, through the application program, a first signal by which the first account requests to log in to the third-party application system, wherein the first signal carries the first digital identity public key of the first account; to obtain a first identity credential corresponding to the first digital identity public key; to obtain first real name information of the first account from the first identity credential; and to send a second signal to the application program, wherein the second signal comprises: the first digital identity public key of the first account, the first real name information of the first account, and a first signature of a first digital identity private key of the first account;
the application program is further configured to receive the second signal and send it to the third-party application system, where the third-party application system uses the first digital identity public key in the second signal to verify the first signature.
11. A method for logging in a third-party application system by real names is characterized by comprising the following steps:
the third-party application system receives a second signal transmitted by an application program, wherein the second signal comprises: a first digital identity public key of a first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account, wherein the first account is an account for logging in the application program;
and verifying the first signature by adopting the first digital identity public key, and logging in the third-party application system by using the real name information of the first account after the first signature passes the verification.
12. The method of claim 11, wherein before the third party application system receives the second signal transmitted by the application program, the method further comprises:
the third party application system registers to a blockchain network;
the third-party application system initiates a registration request signal to the application program for establishing connection with the application program, wherein the registration request signal includes: the login address of the third-party application system and the public key of the third-party application system.
13. The method of claim 12, wherein registering the third party application system with a blockchain network comprises:
the third-party application system transmits authentication data to the blockchain network, wherein, after the authentication data passes authentication, the blockchain network generates an uplink certificate and transmits an uplink public notice, and the uplink certificate comprises: the certificate generation time, the certificate version number, the encryption and decryption algorithm identification and the organization identity information.
14. An apparatus for real name login, comprising:
a first receiving module, configured to receive, through an application program, a first signal by which a first account requests to log in to a third-party application system, wherein the first signal carries a first digital identity public key of the first account;
a first obtaining module, configured to obtain a first identity credential corresponding to the first digital identity public key;
a first sending module, configured to obtain first real name information of the first account from the first identity credential, and send a second signal to the application program, where the second signal includes: a first digital identity public key of the first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account; and the second signal is sent to the third-party application system by the application program for verification.
15. A device for logging in a third-party application system by real name is applied to the third-party application system, and is characterized by comprising:
a second receiving module, configured to receive a second signal transmitted by an application program, where the second signal includes: a first digital identity public key of a first account, first real name information of the first account, and a first signature of a first digital identity private key of the first account, wherein the first account is an account of the application program;
a verification module, configured to verify the first signature with the first digital identity public key and, after the first signature passes verification, log in to the third-party application system using the real name information of the first account.
16. A storage medium having a computer program stored thereon, wherein the computer program is arranged to perform the method of any of claims 1 to 9, or any of claims 11 to 13 when executed.
17. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, and the processor is arranged to execute the computer program to perform the method of any of claims 1 to 9, or any of claims 11 to 13.
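The second-signal exchange of claims 8 and 11, together with the decryption step of the verification module in the apparatus embodiment, as an added Go example that is not code from the patent: the trusted identity component signs the real-name plaintext and encrypts it to the third-party application system's public key, and the third party decrypts first and then verifies the signature with the carried public key. Ed25519, RSA-OAEP, all type and function names and the sample real-name string are assumptions, since the patent names no algorithms or data formats.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Constructed sample value, not real identity data.
const sampleRealName = "constructed-name|constructed-id-0001"

var ErrRejected = errors.New("second signal rejected")

// SecondSignal carries the three fields the claims list (field names assumed).
type SecondSignal struct {
	IdentityPublicKey ed25519.PublicKey // first digital identity public key
	RealNameInfo      []byte            // plaintext encrypted to the third party
	Signature         []byte            // first signature, over the plaintext
}

// BuildSecondSignal is the trusted identity component's side (claim 8).
func BuildSecondSignal(idPriv ed25519.PrivateKey, tpPub *rsa.PublicKey, plain []byte) (SecondSignal, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, tpPub, plain, nil)
	if err != nil {
		return SecondSignal{}, err
	}
	pub := idPriv.Public().(ed25519.PublicKey)
	return SecondSignal{IdentityPublicKey: pub, RealNameInfo: ct, Signature: ed25519.Sign(idPriv, plain)}, nil
}

// VerifySecondSignal is the third-party application system's side (claim 11).
// The signature covers the plaintext, so decryption has to come first.
func VerifySecondSignal(tpPriv *rsa.PrivateKey, s SecondSignal) ([]byte, error) {
	if len(s.IdentityPublicKey) != ed25519.PublicKeySize {
		return nil, ErrRejected // ed25519.Verify panics on a wrong-size key
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, tpPriv, s.RealNameInfo, nil)
	if err != nil {
		return nil, ErrRejected
	}
	if !ed25519.Verify(s.IdentityPublicKey, plain, s.Signature) {
		return nil, ErrRejected
	}
	return plain, nil
}

// Demo runs one accepted exchange and two altered signals that must fail.
func Demo() (string, bool, bool, error) {
	_, idPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", false, false, err
	}
	otherPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", false, false, err
	}
	tpPriv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, false, err
	}
	signal, err := BuildSecondSignal(idPriv, &tpPriv.PublicKey, []byte(sampleRealName))
	if err != nil {
		return "", false, false, err
	}
	plain, err := VerifySecondSignal(tpPriv, signal)
	if err != nil {
		return "", false, false, err
	}
	tampered := signal // ciphertext altered in transit
	tampered.RealNameInfo = append([]byte{}, signal.RealNameInfo...)
	tampered.RealNameInfo[0] ^= 0x01
	_, errT := VerifySecondSignal(tpPriv, tampered)
	swapped := signal // a different account's public key, same signature
	swapped.IdentityPublicKey = otherPub
	_, errS := VerifySecondSignal(tpPriv, swapped)
	return string(plain), errors.Is(errT, ErrRejected), errors.Is(errS, ErrRejected), nil
}

func main() {
	fmt.Println(Demo())
}
```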
CN201910894390.4A 2019-09-20 2019-09-20 Real name login method and device Active CN112543166B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910894390.4A CN112543166B (en) 2019-09-20 2019-09-20 Real name login method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910894390.4A CN112543166B (en) 2019-09-20 2019-09-20 Real name login method and device

Publications (2)

Publication Number Publication Date
CN112543166A true CN112543166A (en) 2021-03-23
CN112543166B CN112543166B (en) 2023-07-21

Family

ID=75012532

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910894390.4A Active CN112543166B (en) 2019-09-20 2019-09-20 Real name login method and device

Country Status (1)

Country Link
CN (1) CN112543166B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106878327A (en) * 2017-03-22 2017-06-20 江苏金易达供应链管理有限公司 Towards the login method of auto service platform
CN107196966A (en) * 2017-07-05 2017-09-22 北京信任度科技有限公司 The identity identifying method and system of multi-party trust based on block chain
CN109829722A (en) * 2019-02-22 2019-05-31 兴唐通信科技有限公司 A kind of user identity real name identification method of electronic fare payment system
CN109862041A (en) * 2019-03-27 2019-06-07 深圳市网心科技有限公司 A kind of digital identification authentication method, unit, system and storage medium

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113221093A (en) * 2021-05-25 2021-08-06 成都佰纳瑞信息技术有限公司 Single sign-on system, method, equipment and product based on block chain
CN113221093B (en) * 2021-05-25 2022-11-25 成都佰纳瑞信息技术有限公司 Single sign-on system, method, equipment and product based on block chain
CN113268779A (en) * 2021-06-07 2021-08-17 中国联合网络通信集团有限公司 Real-name registration method, device, equipment and storage medium
CN113706283A (en) * 2021-10-28 2021-11-26 江苏荣泽信息科技股份有限公司 Double-chain retrieval and tracing method based on real estate transaction
CN114978596A (en) * 2022-04-24 2022-08-30 捷德(中国)科技有限公司 Registration and processing method and device for ownership of digital assets
CN114978596B (en) * 2022-04-24 2023-04-18 捷德(中国)科技有限公司 Registration and processing method and device for ownership of digital assets
CN114900321A (en) * 2022-07-14 2022-08-12 云上人和物联科技有限公司 Autonomous real-name electronic identity certificate generation system and method
CN114900321B (en) * 2022-07-14 2022-10-14 云上人和物联科技有限公司 Autonomous real-name electronic identity certificate generation system and method
CN118410469A (en) * 2024-07-01 2024-07-30 蚂蚁科技集团股份有限公司 Application verification method and device

Also Published As

Publication number Publication date
CN112543166B (en) 2023-07-21

Similar Documents

Publication Publication Date Title
CN108810029B (en) Authentication system and optimization method between micro-service architecture services
CN112543166B (en) Real name login method and device
CN107196966B (en) Identity authentication method and system based on block chain multi-party trust
CN109728909B (en) Identity authentication method and system based on USBKey
US10027670B2 (en) Distributed authentication
US11336641B2 (en) Security enhanced technique of authentication protocol based on trusted execution environment
US8219808B2 (en) Session-based public key infrastructure
WO2018090183A1 (en) Identity authentication method, terminal device, authentication server and electronic device
EP3659295A1 (en) Authentication token with client key
CN111698225B (en) Application service authentication encryption method suitable for power dispatching control system
CN106161350B (en) Method and device for managing application identifier
KR20180095873A (en) Wireless network access method and apparatus, and storage medium
CA2551113A1 (en) Authentication system for networked computer applications
CN111131416B (en) Service providing method and device, storage medium and electronic device
US11777743B2 (en) Method for securely providing a personalized electronic identity on a terminal
CN112766962A (en) Method for receiving and sending certificate, transaction system, storage medium and electronic device
US9398024B2 (en) System and method for reliably authenticating an appliance
CN113411187B (en) Identity authentication method and system, storage medium and processor
CN110020869B (en) Method, device and system for generating block chain authorization information
CN112565294B (en) Identity authentication method based on block chain electronic signature
CN108259486B (en) End-to-end key exchange method based on certificate
CN111711607A (en) Block chain-based flow type micro-service trusted loading and verifying method
CN112020716A (en) Remote biometric identification
CN110166460B (en) Service account registration method and device, storage medium and electronic device
CN110138558B (en) Transmission method and device of session key and computer-readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20230523

Address after: No. 118 Jinghui Dongdao Avenue, Xinwu District, Wuxi City, Jiangsu Province, 214135

Applicant after: Langxin Data Technology Co.,Ltd.

Address before: Room a-3912, building 3, 20 Yong'an Road, Shilong Economic Development Zone, Mentougou District, Beijing

Applicant before: Beijing Siyuan Zhengtong Science and Technology Group Co.,Ltd.

CB02 Change of applicant information

Address after: 2L-1, No. 118 Jinghui East Road, Xinwu District, Wuxi City, Jiangsu Province, 214135

Applicant after: Langxin Data Technology Co.,Ltd.

Address before: No. 118 Jinghui Dongdao Avenue, Xinwu District, Wuxi City, Jiangsu Province, 214135

Applicant before: Langxin Data Technology Co.,Ltd.

GR01 Patent grant