CN112769756A - Service authentication method, LDAP server, storage medium and service authentication system - Google Patents
Service authentication method, LDAP server, storage medium and service authentication system Download PDFInfo
- Publication number
- CN112769756A CN112769756A CN202011513822.1A CN202011513822A CN112769756A CN 112769756 A CN112769756 A CN 112769756A CN 202011513822 A CN202011513822 A CN 202011513822A CN 112769756 A CN112769756 A CN 112769756A
- Authority
- CN
- China
- Prior art keywords
- server
- user information
- ldap
- ldap server
- cerid
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present disclosure provides a service authentication method, an LDAP server, a storage medium, and a service authentication system, including: LDAP server, CERID server and CARSI-IdP server; the CERID server is used for storing user information; the LDAP server is used for acquiring the user information from the CERID server; the LDAP server is also used for processing the user information and writing the processed user information into the LDAP server; and the CARSI-Idp server is used for acquiring the processed user information from the LDAP server and authenticating the processed user information.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a service authentication method, an LDAP server, a storage medium, and a service authentication system.
Background
In the prior art, a CERID user cannot be communicated with the CARSI alliance, so that the CERID user cannot access alliance resources of the CARSI alliance.
Disclosure of Invention
The main purpose of the application is to provide a service authentication method, an LDAP server, a storage medium and a service authentication system, which realize the communication between a CERID user and a CARSI alliance.
In order to achieve the above object, a first aspect of the embodiments of the present application provides a service authentication method applied to an LDAP server, where the LDAP server connects a CERID server and a CARSI-IdP server, and the CERID server stores user information therein, and the method includes:
the LDAP server acquires the user information from the CERID server;
and the LDAP server processes the user information and writes the processed user information into the LDAP server so that the CARSI-Idp server acquires the processed user information from the LDAP server and authenticates the processed user information.
Optionally, the obtaining, by the LDAP server, the user information from the CERID server includes:
the LDAP server acquires user information stored in the CERID server through an authentication service interface pre-constructed in the CERID server;
and setting an IP address white list in an authentication service interface of the CERID server, wherein the white list is used for only the LDAP server to access in an internal network.
Optionally, a t _ sign standard signature is set in the authentication service interface;
the LDAP server acquires the user information stored in the CERID server through an authentication service interface pre-constructed in the CERID server, and the acquisition comprises the following steps:
and the LDAP server carries out integrity check on the user information transmitted to the LDAP server through the t _ sign standard signature set in the authentication service interface.
Optionally, the processing, by the LDAP server, the user information, and writing the processed user information to the LDAP server includes:
the LDAP server accesses the CERID server every preset time to acquire user information;
when the LDAP server acquires user information, the LDAP server compares the user information with the user information acquired last time to acquire difference information;
the LDAP server root classifies the difference information;
the LDAP server writes the classified difference information into the LDAP server in an LDAP standard format respectively;
and when the writing is completed, the LDAP server executes the script for updating.
Optionally, the category of the difference information includes a new user, an information change user, and a deleted user.
Optionally, the acquiring, by the CARSI-Idp server, the processed user information from the LDAP server includes:
modifying an LDAP properties file in the CARSI-Idp server configuration information according to the LDAP server configuration information to obtain a configured CARSI-Idp server;
the configured CARSI-Idp server acquires the processed user information from the LDAP server;
the authenticating the processed user information includes:
using the CERID attribute or the email attribute as a unique user identifier;
and the unique user identification corresponds to the CARSI-IdP attribute one by one, and the processed user information is authenticated.
A second aspect of an embodiment of the present application provides an LDAP server, where the LDAP server connects a CERID server and a CARSI-IdP server, where the CERID server stores user information, and the LDAP server includes:
an obtaining module, configured to obtain the user information from the CERID server;
and the processing module is used for processing the user information by the LDAP server and writing the processed user information into the LDAP server so that the CARSI-Idp server acquires the processed user information from the LDAP server and authenticates the processed user information.
A third aspect of an embodiment of the present application provides an LDAP server, including:
the service authentication method includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor executes the program to implement the service authentication method provided in the first aspect of the embodiment of the present application.
A fourth aspect of the embodiments of the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the service authentication method provided in the first aspect of the embodiments of the present application.
As can be seen from the foregoing embodiments of the present application, the service authentication method, the LDAP server, the storage medium, and the service authentication system provided in the present application communicate the CERID server and the CARSI-IdP server by constructing the intermediate LDAP server, and perform authentication and docking between the LDAP server and the CARSI-IdP server, thereby implementing cross-domain authentication of the CERID user and using the cross-domain authentication to access federation resources.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic flowchart of a service authentication method according to an embodiment of the present application;
fig. 2 is a schematic diagram of a service authentication interface according to an embodiment of the present application;
FIG. 3 is a schematic structural diagram of an LDAP server according to an embodiment of the present application;
FIG. 4 is a schematic diagram showing a hardware structure of a variety of LDAP servers;
fig. 5 is a schematic diagram showing the structure of a service authentication system.
Detailed Description
In order to make the purpose, features and advantages of the present application more obvious and understandable, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The invention aims to provide a CARSI _ IdP service authentication method based on CERID, which is used for realizing the problem of the butt joint of the CERID and the CARSI _ IdP and realizing the communication between a CERID user and a CARSI alliance. The user information of the present disclosure is CERID user information.
Referring to fig. 1, fig. 1 is a schematic flowchart of a service authentication method according to an embodiment of the present application, where the method is applied to an LDAP server, the LDAP server connects a center server and a CARSI-IdP server, and the center server stores user information, and the method includes:
s101, the LDAP server acquires user information from the CERID server;
s102, the LDAP server processes the user information and writes the processed user information into the LDAP server, so that the CARSI-Idp server acquires the processed user information from the LDAP server and authenticates the processed user information.
The invention establishes the middle LDAP server to connect the CERID server and the CARSI-IdP server, and the LDAP server and the CARSI-IdP server perform authentication and butt joint to realize cross-domain authentication of the CERID user and access alliance resources.
In one embodiment of the present disclosure, S101 includes:
the LDAP server acquires user information stored in the CERID server through an authentication service interface pre-constructed in the CERID server;
an IP address white list is set in an authentication service interface of the CERID server, and the white list is used for only limiting the LDAP server to access in an internal network.
As shown in fig. 2, in view of the fact that the span of the CERID user information is large, the password settings of users from different sources at different periods are different, and the password formats are distinguished when the user information is acquired, so that the consistency of the authentication of the acquired user information is ensured.
The invention establishes the middle LDAP server to connect the CERID server and the CARSI-IdP server, the LDAP server pulls the information of the CERID user through the authentication service interface of the CERID server, the information is stored in the LDAP server, and the LDAP server and the CARSI-IdP server carry out authentication and butt joint, thereby realizing the cross-domain authentication of the CERID user and being used for accessing alliance resources.
In one embodiment of the disclosure, a t _ sign standard signature is set in an authentication service interface;
the obtaining, by the LDAP server, the user information stored in the CERID server through the authentication service interface pre-constructed in the CERID server includes: and the LDAP server carries out integrity check on the user information transmitted to the LDAP server through the t _ sign standard signature set in the authentication service interface.
Because the authentication service interface is a single-purpose interface, in order to ensure the safety, the authentication service interface sets an IP address white list mode and only an LDAP server accesses in an intranet. Meanwhile, t _ sign standard signature encryption authentication is set to ensure the integrity of the request information. Please refer to table 1 below
TABLE 1
When designing the authentication service interface, the CERID server will generate a serviceKey as the private key of the platform according to the serviceName of the source and issue it to the source server. The key is not directly spliced in the parameter, but the CERID server is called by the authentication service interface to be spliced in the signature, then the MD5 is carried out, after the CERID server receives the parameter, the corresponding key value is searched from the library according to the serviceName of the source side, and the MD5 and the sent signature MD5 are obtained by splicing in the same sequence, and the comparison is carried out, so that the MD5 and the sent signature MD5 can pass through after the comparison is consistent.
In the disclosure, the use of the key signature can prevent the parameters of the data from being tampered in the transmission process, and even if the parameters are tampered, the MD5 cannot be spliced again without knowing the corresponding server key, so that certain security can be achieved.
Two parameters are needed to generate the t _ sign key and the associated API is called: sign builder, parameter splicing the generated character string; serviceKey, service specific key. The t _ sign signature key code is generated as follows:
String base64=“1”;
String extraNames=“username,mobileNo,department”;
String sellerSign=″j4d7s2j0d9″;
SignBulider ═ new SignBulider (); // tools for generating signatures
Add ("base 64", base 64.) add ("extraNames", extraNames); // parameter splicing
String _ sign ═ sign builder. creategign (serviceKey, "UTF-8"); // generating a key
In one embodiment of the present disclosure, the LDAP server processing the user information in S102 and writing the processed user information to the LDAP server comprises:
the LDAP server accesses the CERID server every preset time length to acquire user information;
when the LDAP server acquires the user information, the LDAP server compares the user information with the user information acquired last time to acquire difference information;
the LDAP server root classifies the difference information;
the LDAP server writes the classified difference information into the LDAP server in an LDAP standard format respectively;
and when the writing is completed, the LDAP server executes the script for updating.
The types of the difference information comprise an added user, an information change user and a deleted user.
And obtaining the latest user information by accessing an authentication service interface of the CERID server. After the user information is acquired, a copy is prestored locally, and all the user information is directly imported into the LDAP after the user information is acquired for the first time.
And by setting a timing task, accessing an authentication service interface of the CERID server at intervals, and comparing the user information with the user information prestored at the last time when the user information is obtained again. The difference part is classified according to the information difference between the two times. And writing corresponding files in an LDAP standard format according to the 'added user', 'information change user' and 'deleted user'. After the writing is completed, the contents of the three files are changed and added to the LDAP server through a command execution script LDAP modify provided by the LDAP service, and the writing of the user information is completed.
In one embodiment of the present disclosure, the acquiring, by the CARSI-Idp server in S102, the processed user information from the LDAP server includes:
modifying an LDAP properties file in the CARSI-Idp server configuration information according to the LDAP server configuration information to obtain a configured CARSI-Idp server;
the configured CARSI-Idp server acquires the processed user information from the LDAP server;
authenticating the processed user information includes:
using the CERID attribute or the email attribute as a unique user identifier;
and the unique user identification corresponds to the CARSI-IdP attribute one by one, and the processed user information is authenticated.
The CARSI based on Shibboleth has a self-defined LDAP server docking scheme, and after the CARSI-IdP server is deployed, user information written in the LDAP server can be acquired through the CARSI-IdP server only by modifying configuration file information.
The configuration of the CARSI-IdP server mainly modifies LDAP. Based on the characteristics of the CERID server, CERID or the attribute of the email can be used as the unique identifier uid, and the email is selected as the unique identifier in view of the login habits and universality of the user.
After the docking is completed, attribute release is needed, an attribute-resolver. Meanwhile, according to the user information, an encryption attribute ePTID is generated, and the release of the user attribute is completed. After the release is successful, various resources provided by the alliance can be accessed.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an LDAP server provided in an embodiment of the present application, where the LDAP server is connected to a CERID server and a CARSI-IdP server, the CERID server stores user information therein, and the LDAP server includes:
an obtaining module 301, configured to obtain user information from a CERID server;
and the processing module 302 is used for processing the user information by the LDAP server and writing the processed user information into the LDAP server, so that the CARSI-Idp server acquires the processed user information from the LDAP server and authenticates the processed user information.
In one embodiment of the present disclosure, the obtaining module 301 is specifically configured to obtain the user information stored in the CERID server through an authentication service interface pre-constructed in the CERID server, where an IP address white list is set in the authentication service interface of the CERID server, and the white list is used for only the LDAP server to access the intranet.
In one embodiment of the disclosure, a t _ sign standard signature is set in an authentication service interface;
the obtaining module 301 is specifically configured to perform integrity check on the user information transmitted to the LDAP server through a t _ sign standard signature set in the authentication service interface.
In one embodiment of the present disclosure, the processing module 302 specifically includes:
the access module is used for accessing the CERID server every preset time length to acquire user information;
the comparison module is used for comparing the user information with the user information obtained last time when the LDAP server obtains the user information to obtain difference information;
the classification module is used for classifying the difference information;
the writing module is used for respectively writing the classified difference information into the LDAP server in an LDAP standard format by the LDAP server;
and the updating module is used for executing the script by the LDAP server to update after the writing is finished.
In one embodiment of the present disclosure, the categories of the difference information include an added user, an information changed user, and a deleted user.
In one embodiment of the present disclosure, the acquiring, by the CARSI-Idp server, the processed user information from the LDAP server includes:
modifying an LDAP properties file in the CARSI-Idp server configuration information according to the LDAP server configuration information to obtain a configured CARSI-Idp server;
the configured CARSI-Idp server acquires the processed user information from the LDAP server;
authenticating the processed user information includes:
using the CERID attribute or the email attribute as a unique user identifier;
and the unique user identification corresponds to the CARSI-IdP attribute one by one, and the processed user information is authenticated.
Referring to fig. 4, fig. 4 is a hardware structure diagram of an electronic device.
The electronic device described in this embodiment includes:
a memory 41, a processor 42 and a computer program stored on the memory 41 and executable on the processor, the processor implementing the synchronous control method of the multi-axis motion system described in the foregoing embodiment shown in fig. 1 when executing the program.
Further, the electronic device further includes:
at least one input device 43; at least one output device 44.
The memory 41, processor 42 input device 43 and output device 44 are connected by a bus 45.
The input device 43 may be a camera, a touch panel, a physical button, or a mouse. The output device 44 may specifically be a display screen.
The Memory 41 may be a high-speed Random Access Memory (RAM) Memory or a non-volatile Memory (non-volatile Memory), such as a magnetic disk Memory. The memory 41 is used for storing a set of executable program code, and the processor 42 is coupled to the memory 41.
Further, the embodiment of the present disclosure also provides a computer-readable storage medium, where the computer-readable storage medium may be an electronic device provided in the foregoing embodiments, and the computer-readable storage medium may be the electronic device in the foregoing embodiment shown in fig. 4. The computer-readable storage medium has stored thereon a computer program which, when executed by a processor, implements the service authentication method described in the foregoing embodiment shown in fig. 1. Further, the computer-readable storage medium may be various media that can store program codes, such as a usb disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Referring to fig. 5, the present disclosure further provides a service authentication system, including:
a CERID server 501 for storing user information;
an LDAP server 502 for acquiring user information from the CERID server 501;
the LDAP server 502 is further configured to process the user information and write the processed user information into the LDAP server 502;
the CARSI-Idp server 503 is configured to acquire the processed user information from the LDAP server 502, and authenticate the processed user information.
Wherein, the LDAP server 501, the CERID server 502 and the CARSI-IdP server 503 are connected to realize the service authentication method.
It should be noted that each functional module in each embodiment of the present disclosure may be integrated into one processing module, or each module may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
The integrated module, if implemented in the form of a software functional module and sold or used as a separate product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be substantially or partially embodied in the form of a software product, or all or part of the technical solution that contributes to the prior art.
It should be noted that, for the sake of simplicity, the above-mentioned method embodiments are described as a series of acts or combinations, but those skilled in the art should understand that the present invention is not limited by the described order of acts, as some steps may be performed in other orders or simultaneously according to the present invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no acts or modules are necessarily required of the invention.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the above description, for a person skilled in the art, there are variations on the specific implementation and application scope according to the concepts of the embodiments of the present invention, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A service authentication method is applied to an LDAP server, the LDAP server is connected with a CERID server and a CARSI-IdP server, user information is stored in the CERID server, and the method comprises the following steps:
the LDAP server acquires the user information from the CERID server;
and the LDAP server processes the user information and writes the processed user information into the LDAP server so that the CARSI-Idp server acquires the processed user information from the LDAP server and authenticates the processed user information.
2. The service authentication method as claimed in claim 1, wherein the LDAP server obtaining the user information from the CERID server comprises:
the LDAP server acquires user information stored in the CERID server through an authentication service interface pre-constructed in the CERID server;
and setting an IP address white list in an authentication service interface of the CERID server, wherein the white list is used for only the LDAP server to access in an internal network.
3. The service authentication method according to claim 2, wherein a t _ sign standard signature is set in the authentication service interface;
the LDAP server acquires the user information stored in the CERID server through an authentication service interface pre-constructed in the CERID server, and the acquisition comprises the following steps:
and the LDAP server carries out integrity check on the user information transmitted to the LDAP server through the t _ sign standard signature set in the authentication service interface.
4. The service authentication method according to any one of claims 1 to 3, wherein the LDAP server processing the user information and writing the processed user information to the LDAP server comprises:
the LDAP server accesses the CERID server every preset time to acquire user information;
when the LDAP server acquires user information, the LDAP server compares the user information with the user information acquired last time to acquire difference information;
the LDAP server root classifies the difference information;
the LDAP server writes the classified difference information into the LDAP server in an LDAP standard format respectively;
and when the writing is completed, the LDAP server executes the script for updating.
5. The service authentication method according to claim 4, wherein the category of the difference information includes an added user, an information changed user, and a deleted user.
6. The service authentication method of claim 2, wherein the CARSI-Idp server obtaining the processed user information from the LDAP server comprises:
modifying an LDAP properties file in the CARSI-Idp server configuration information according to the LDAP server configuration information to obtain a configured CARSI-Idp server;
the configured CARSI-Idp server acquires the processed user information from the LDAP server;
the authenticating the processed user information includes:
using the CERID attribute or the email attribute as a unique user identifier;
and the unique user identification corresponds to the CARSI-IdP attribute one by one, and the processed user information is authenticated.
7. An LDAP server, wherein said LDAP server connects a CERID server having user information stored therein to a CARSI-IdP server, said LDAP server comprising:
an obtaining module, configured to obtain the user information from the CERID server;
and the processing module is used for processing the user information by the LDAP server and writing the processed user information into the LDAP server so that the CARSI-Idp server acquires the processed user information from the LDAP server and authenticates the processed user information.
8. An LDAP server comprising: memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the service authentication method according to any one of claims 1 to 6 when executing the computer program.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the service authentication method according to any one of claims 1 to 6.
10. A service authentication system, comprising:
LDAP server, CERID server and CARSI-IdP server;
the CERID server is used for storing user information;
the LDAP server is used for acquiring the user information from the CERID server;
the LDAP server is also used for processing the user information and writing the processed user information into the LDAP server;
and the CARSI-Idp server is used for acquiring the processed user information from the LDAP server and authenticating the processed user information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011513822.1A CN112769756B (en) | 2020-12-18 | 2020-12-18 | Service authentication method, LDAP server, storage medium and service authentication system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011513822.1A CN112769756B (en) | 2020-12-18 | 2020-12-18 | Service authentication method, LDAP server, storage medium and service authentication system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112769756A true CN112769756A (en) | 2021-05-07 |
| CN112769756B CN112769756B (en) | 2023-03-24 |
Family
ID=75694516
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011513822.1A Active CN112769756B (en) | 2020-12-18 | 2020-12-18 | Service authentication method, LDAP server, storage medium and service authentication system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112769756B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020138489A1 (en) * | 2001-03-20 | 2002-09-26 | Trivedi Prakash A. | Systems and methods for updating an LDAP |
| US20110296504A1 (en) * | 2010-05-25 | 2011-12-01 | Lloyd Leon Burch | Multiple access authentication |
| CN109729048A (en) * | 2017-10-30 | 2019-05-07 | 中移(苏州)软件技术有限公司 | A kind of joint qualification method, system, related platform and medium |
-
2020
- 2020-12-18 CN CN202011513822.1A patent/CN112769756B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020138489A1 (en) * | 2001-03-20 | 2002-09-26 | Trivedi Prakash A. | Systems and methods for updating an LDAP |
| US20110296504A1 (en) * | 2010-05-25 | 2011-12-01 | Lloyd Leon Burch | Multiple access authentication |
| CN109729048A (en) * | 2017-10-30 | 2019-05-07 | 中移(苏州)软件技术有限公司 | A kind of joint qualification method, system, related platform and medium |
Non-Patent Citations (2)
| Title |
|---|
| 张辉等: "联合身份管理技术的分析", 《科技资讯》 * |
| 陈萍等: "CERNET跨域单点登陆中的用户身份管理探讨", 《中国海洋大学学报(自然科学版)》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112769756B (en) | 2023-03-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11281457B2 (en) | Deployment of infrastructure in pipelines | |
| CN107733922B (en) | Method and apparatus for invoking a service | |
| JP6402198B2 (en) | Virtual machine image authentication using digital certificates | |
| WO2020155492A1 (en) | Device id-based login state sharing method and device | |
| CA3132019C (en) | Document management and collaboration system | |
| US10616210B2 (en) | Protection feature for data stored at storage service | |
| US10560342B2 (en) | Synchronizing data between cloud manager and providers | |
| US10678528B1 (en) | Directory schema deployment with pipelines | |
| TWI735429B (en) | Authentication method, device, system and electronic equipment for client login server end | |
| US10733238B2 (en) | Script manager for distributed systems | |
| US20170041504A1 (en) | Service providing system, information processing apparatus, program, and method for generating service usage information | |
| US9350730B2 (en) | Biometric-based wireless device association | |
| Ferry et al. | Security evaluation of the OAuth 2.0 framework | |
| CN110162994A (en) | Authority control method, system, electronic equipment and computer readable storage medium | |
| CN112182522A (en) | Access control method and device | |
| JP6582841B2 (en) | Service providing system, information processing apparatus, program, and information processing system | |
| EP4066458A1 (en) | Protocol-agnostic claim configuration and verification | |
| CN110018835B (en) | YANG model configuration data processing method and device, terminal device and storage medium | |
| CN111078764B (en) | Data processing method, data processing device, computer readable storage medium and electronic equipment | |
| CN112769756B (en) | Service authentication method, LDAP server, storage medium and service authentication system | |
| EP3899837A1 (en) | Computer-implemented systems and methods for controlling or enforcing performance of transfers conducted over a blockchain | |
| US8640200B1 (en) | Authored injections of context that are resolved at authentication time | |
| Nickel | Mastering Identity and Access Management with Microsoft Azure: Empower users by managing and protecting identities and data | |
| CN116438778A (en) | Persistent source value of assumed alternate identity | |
| US20170163648A1 (en) | File and bit location authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |