CN113132299A - Capability opening method and device, storage medium and computer equipment - Google Patents

Capability opening method and device, storage medium and computer equipment Download PDF

Info

Publication number
CN113132299A
CN113132299A CN201911395874.0A CN201911395874A CN113132299A CN 113132299 A CN113132299 A CN 113132299A CN 201911395874 A CN201911395874 A CN 201911395874A CN 113132299 A CN113132299 A CN 113132299A
Authority
CN
China
Prior art keywords
user terminal
address information
sent
address
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911395874.0A
Other languages
Chinese (zh)
Inventor
刘凡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Jiangxi Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Jiangxi Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Jiangxi Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201911395874.0A priority Critical patent/CN113132299A/en
Publication of CN113132299A publication Critical patent/CN113132299A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides a capacity opening method, a capacity opening device, a storage medium and computer equipment, wherein encrypted address information is decrypted by receiving the encrypted address information sent by a user terminal, so that address information is generated, and the address information is sent to the user terminal so that the user terminal can display a webpage corresponding to the address information according to the address information.

Description

Capability opening method and device, storage medium and computer equipment
[ technical field ] A method for producing a semiconductor device
The present invention relates to the field of service support technologies, and in particular, to a method, an apparatus, a storage medium, and a computer device for opening a capability.
[ background of the invention ]
In the era of mobile internet, telecom operators face huge challenges of service quality and business innovation, and urgently need to provide service interfaces for third-party enterprises or individual developers by opening own system capacity, so that timely, personalized and diversified services are provided for users, user experience and stickiness are improved, and potential business values are continuously mined.
At present, the system capability of the user is usually opened by directly embedding a page provided by a service support system, and the system capability is generally realized by using technologies such as an application framework technology, a script file or a script component, and the like, and the existing web page address is directly embedded into the application of the user, so that the security of the capability opening service is reduced.
[ summary of the invention ]
In view of this, embodiments of the present invention provide a capability opening method, an apparatus, a storage medium, and a computer device, so as to improve security of a capability opening service.
In one aspect, an embodiment of the present invention provides a capability opening method, including:
receiving encrypted address information sent by a user terminal;
decrypting the encrypted address information to generate address information; .
And sending the address information to a user terminal so that the user terminal can display a webpage corresponding to the address information according to the address information.
Optionally, the receiving the encrypted address information sent by the user terminal includes:
receiving the address information sent by the user terminal;
inquiring whether identity authentication information corresponding to the address information is stored or not, wherein the identity authentication information comprises valid time;
if the identity authentication information corresponding to the address information is inquired, judging whether the effective time is less than or equal to the set time;
and if the effective time is judged to be less than or equal to the set time, sending a first verification success message to the user terminal so that the user terminal can encrypt the address information to generate the encrypted address information.
Optionally, the method further comprises:
and if the identity authentication information corresponding to the address information is not stored, sending a first warning message to the user terminal.
Optionally, the method further comprises:
and if the effective time is judged to be greater than the set time, sending a second warning message to the user terminal.
Optionally, the receiving the address information sent by the user terminal includes:
receiving an application IP address sent by a user terminal;
inquiring whether the application IP address stored in advance comprises an application IP address sent by the user terminal;
and if the application IP address which is inquired and stored in advance comprises the application IP address sent by the user terminal, sending a second verification success message to the user terminal.
Optionally, the method further comprises:
and if the application IP address which is stored in advance does not comprise the application IP address sent by the user terminal, sending a third warning message to the user terminal.
Optionally, the identity authentication information further includes the number of invocations, and before sending the first verification success message to the user terminal, the method further includes:
judging whether the number of times of calling is less than or equal to a set threshold value;
if the number of times of calling is judged to be less than or equal to the set threshold value, the step of sending a first verification success message to the user terminal is continuously executed;
and if the number of times of calling is judged to be larger than the set time, sending a fourth warning message to the user terminal.
In another aspect, an embodiment of the present invention provides a capability opening apparatus, including:
the receiving module is used for receiving the encrypted address information sent by the user terminal;
the decryption module is used for decrypting the encrypted address information;
the generating module is used for generating address information;
and the sending module is used for sending the address information to the user terminal so that the user terminal can display the webpage corresponding to the address information according to the address information.
In another aspect, an embodiment of the present invention provides a storage medium, including: the storage medium comprises a stored program, wherein when the program runs, the device where the storage medium is located is controlled to execute the capacity opening method.
In another aspect, an embodiment of the present invention provides a computer device, including a memory and a processor, where the memory is used to store information including program instructions, and the processor is used to control execution of the program instructions, and the program instructions are loaded by the processor and executed to implement the steps of the above capability opening method.
In the technical scheme of the capacity opening method provided by the embodiment of the invention, the encrypted address information is decrypted by receiving the encrypted address information sent by the user terminal to generate the address information, and the address information is sent to the user terminal so that the user terminal can display the webpage corresponding to the address information according to the address information.
[ description of the drawings ]
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
Fig. 1 is a flowchart of a capability opening method according to an embodiment of the present invention;
FIG. 2 is a flow chart of another capability opening method provided by the embodiment of the invention;
fig. 3 is a schematic structural diagram of a capability opening apparatus according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a computer device according to an embodiment of the present invention.
[ detailed description ] embodiments
For better understanding of the technical solutions of the present invention, the following detailed descriptions of the embodiments of the present invention are provided with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" as used herein is merely one type of associative relationship that describes an associated object, meaning that three types of relationships may exist, e.g., A and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Fig. 1 is a flowchart of a capability opening method according to an embodiment of the present invention, and as shown in fig. 1, the method includes:
step 101, receiving encrypted address information sent by a user terminal.
And 102, decrypting the encrypted address information to generate address information. .
And 103, sending the address information to the user terminal so that the user terminal can display a webpage corresponding to the address information according to the address information.
In the technical scheme of the capacity opening method provided by this embodiment, the encrypted address information is decrypted by receiving the encrypted address information sent by the user terminal, so as to generate the address information, and the address information is sent to the user terminal, so that the user terminal can display the webpage corresponding to the address information according to the address information.
Fig. 2 is a flowchart of another capability opening method provided in an embodiment of the present invention, as shown in fig. 2, the method includes:
step 201, receiving an application IP address sent by a user terminal.
In the embodiment of the invention, each step is executed by the capacity open platform, and the capacity open platform comprises a nginx platform.
In the embodiment of the invention, the user terminal comprises a mobile phone, a tablet computer, a computer or wearable equipment.
As an alternative, step 201 may be preceded by: the user terminal registers in the capability opening platform, after registration, the capability opening platform allocates corresponding application IP addresses according to the account number of the user terminal, and the account number corresponds to the application IP addresses one to one.
In this step, if the user terminal wants to access the capability opening platform, it needs to send an application IP address to the capability opening platform.
Step 202, inquiring whether the application IP address stored in advance comprises an application IP address sent by the user terminal, if so, executing step 203; if not, go to step 215.
In this step, the database of the capability opening platform stores the corresponding relationship between the account and the application IP address, and queries whether the application IP address stored in advance includes the application IP address sent by the user terminal from the database.
In the embodiment of the invention, if the application IP address stored in advance comprises the application IP address sent by the user terminal, the application IP address sent by the user terminal is indicated to be registered in advance; if the application IP address which is stored in advance does not comprise the application IP address which is sent by the user terminal, the application IP address which is sent by the user terminal is not registered in advance.
Step 203, sending a second check success message to the user terminal.
And step 204, receiving the address information sent by the user terminal.
In the embodiment of the present invention, a user inputs address information through a user terminal, where the address information includes web page address information, for example: http:// www.baidu.com.
In this step, the user terminal sends the address information to the capability opening platform after receiving the second verification success message sent by the capability opening platform.
Step 205, inquiring whether identity authentication information corresponding to the address information is stored, wherein the identity authentication information comprises valid time and the number of times of calling, and if yes, executing step 206; if not, go to step 214.
As an optional method, the identity authentication information includes: the application grants access to an authentication identity token (token).
In the embodiment of the invention, the corresponding relation between the address information and the identity authentication information is stored in the database, the identity authentication information corresponding to the address information is inquired from the corresponding relation between the address information and the identity authentication information, and the address information corresponds to the identity authentication information one by one.
In the embodiment of the invention, if identity authentication information corresponding to the stored address information is inquired, the address information can be accessed only by identity verification; and if the identity authentication information corresponding to the address information is not stored, the identity authentication information indicates that the address information is not set for identity verification.
Step 206, judging whether the effective time is less than or equal to the set time, if so, executing step 207; if not, go to step 213.
In this step, as an alternative, the set time is 24 hours.
In the embodiment of the invention, if the effective time is judged to be less than or equal to the set time, the effective time is in the effective time range of the identity verification; if the effective time is judged to be larger than the set time, the effective time is not in the range of the effective time of identity verification and issuance.
Step 207, judging whether the number of times of calling is less than or equal to a set threshold value, if so, executing step 209; if not, go to step 208.
If the number of times of calling is judged to be less than or equal to the set threshold value, the identity verification information can be called continuously; and if the number of times of calling is larger than the set threshold value, the identity verification information can not be called.
And step 208, sending a fourth warning message to the user terminal, and ending the process.
As an alternative, the user terminal receives the fourth warning information, the user terminal jumps to the oauth authentication page, and the user terminal needs to perform oauth authentication according to the prompt information of the invokable times of updating the oauth authentication page.
And step 209, sending a first verification success message to the user terminal, so that the user terminal encrypts the address information to generate encrypted address information.
In this step, the user terminal encrypts the address information according to the Secure Hash Algorithm (SHA) or the RSA encryption Algorithm to generate encrypted address information.
Step 210, receiving the encrypted address information sent by the user terminal.
Step 211, decrypting the encrypted address information to generate the address information.
As an alternative, the capability openness platform decrypts the encrypted address information according to the SHA algorithm or the RSA algorithm.
And step 212, sending the address information to the user terminal so that the user terminal can display a webpage corresponding to the address information according to the address information, and ending the process.
In the embodiment of the invention, the webpage page comprises an H5 page, an html page or a jsp page.
Step 213, sending the second warning message to the user terminal, and ending the process.
As an alternative, the user terminal receives the second warning information, the user terminal jumps to the oauth authentication page, and the user terminal needs to perform oauth authentication according to the prompt information of the update effective time of the oauth authentication page.
Step 214, sending the first warning message to the user terminal, and ending the process.
As an alternative, the user terminal receives the first warning information, the user terminal jumps to the oauth authentication page, and the user terminal needs to perform oauth authentication according to the registration prompt information of the oauth authentication page.
Step 215, sending a third alarm message to the user terminal, and ending the process.
In the embodiment of the present invention, the third warning message includes a short message or an email message.
As an alternative, the capability openness platform sends a short message to the user terminal to prompt the user that the capability openness platform is not registered.
In the technical scheme of the capacity opening method provided by this embodiment, the encrypted address information is decrypted by receiving the encrypted address information sent by the user terminal, so as to generate the address information, and the address information is sent to the user terminal, so that the user terminal can display the webpage corresponding to the address information according to the address information.
In the technical scheme provided by the embodiment of the invention, the capacity opening platform is a high-performance HTTP and reverse proxy web server, and is characterized by less memory occupation and strong concurrency capacity, page calling under different addresses is completed by one request address through a reverse proxy, and a plurality of services are uniformly converged into one service platform.
The embodiment of the invention provides a capacity opening device. Fig. 3 is a schematic structural diagram of a capability opening apparatus according to an embodiment of the present invention, and as shown in fig. 3, the apparatus includes: a receiving module 11, a decryption module 12, a generating module 13 and a sending module 14.
The receiving module 11 is used for receiving the encrypted address information sent by the user terminal.
The decryption module 12 is used for decrypting the encrypted address information.
The generating module 13 is used for generating address information.
The sending module 14 is configured to send the address information to the user terminal, so that the user terminal displays a webpage corresponding to the address information according to the address information.
In the embodiment of the present invention, the apparatus further includes: a first query module 15 and a first judgment module 16.
The receiving module 11 is further configured to receive address information sent by the user terminal.
The first query module 15 is configured to query whether identity authentication information corresponding to the address information is stored, where the identity authentication information includes valid time.
If the first query module 15 queries that the identity authentication information corresponding to the address information is stored, the first judgment module 16 judges whether the valid time is less than or equal to the set time.
If the first determining module 16 determines that the valid time is less than or equal to the set time, the sending module 14 sends a first verification success message to the user terminal, so that the user terminal encrypts the address information to generate encrypted address information.
In the embodiment of the present invention, if the first query module 15 queries the identity authentication information corresponding to the address information that is not stored, the sending module 14 sends a first warning message to the user terminal.
In this embodiment of the present invention, if the first determining module 16 determines that the valid time is greater than the set time, the sending module 14 sends a second warning message to the user terminal.
In the embodiment of the present invention, the apparatus further includes: a second query module 17.
The receiving module 11 is configured to receive an application IP address sent by a user terminal.
The second query module 17 is configured to query whether the pre-stored application IP address includes an application IP address sent by the user terminal.
If the second query module 17 queries that the pre-stored application IP address includes an application IP address sent by the user terminal, the sending module 14 sends a second verification success message to the user terminal.
In the embodiment of the present invention, if the second query module 17 queries that the application IP address stored in advance does not include the application IP address sent by the user terminal, the sending module 14 sends a third warning message to the user terminal.
In the embodiment of the present invention, the apparatus further includes: a second decision module 18.
The second determining module 18 is configured to determine whether the number of callable times is less than or equal to a set threshold.
If the second determination module 18 determines that the number of times of call invocation is less than or equal to the set threshold, the sending module 14 continues to execute the step of sending the first verification success message to the user terminal.
If the second determination module 18 determines that the number of times of calling is greater than the set time, the sending module 14 sends a fourth warning message to the user terminal.
The capability opening device provided in this embodiment may be used to implement the capability opening method in fig. 1 and fig. 2, and specific descriptions may refer to an embodiment of the capability opening method, and a description thereof is not repeated here.
In the technical scheme of the capacity development device provided by the embodiment of the invention, the receiving module is used for receiving encrypted address information sent by a user terminal, the decryption module is used for decrypting the encrypted address information, the generating module is used for generating the address information, and the sending module is used for sending the address information to the user terminal so that the user terminal can display a webpage corresponding to the address information according to the address information.
An embodiment of the present invention provides a storage medium, where the storage medium includes a stored program, where, when the program runs, a device on which the storage medium is located is controlled to execute each step of the embodiment of the capability opening method, and for specific description, reference may be made to the embodiment of the capability opening method.
An embodiment of the present invention provides a computer device, including a memory and a processor, where the memory is used to store information including program instructions, and the processor is used to control execution of the program instructions, and the program instructions are loaded by the processor and executed to implement the steps of the embodiment of the capability opening method.
Fig. 4 is a schematic diagram of a computer device according to an embodiment of the present invention. As shown in fig. 4, the computer device 30 of this embodiment includes: the processor 31, the memory 32, and the computer program 33 stored in the memory 32 and capable of running on the processor 31, where the computer program 33 is executed by the processor 31 to implement the generation method applied to the secondary carrier adding cell in the embodiment, and in order to avoid repetition, details are not repeated herein. Alternatively, the computer program is executed by the processor 31 to implement the functions of each model/unit in the generating apparatus for adding a secondary carrier to a cell in the embodiment, which are not described herein for avoiding repetition.
The computer device 30 includes, but is not limited to, a processor 31, a memory 32. Those skilled in the art will appreciate that fig. 4 is merely an example of a computer device 30 and is not intended to limit the computer device 30 and that it may include more or fewer components than shown, or some components may be combined, or different components, e.g., the computer device may also include input output devices, network access devices, buses, etc.
The Processor 31 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The storage 32 may be an internal storage unit of the computer device 30, such as a hard disk or a memory of the computer device 30. The memory 32 may also be an external storage device of the computer device 30, such as a plug-in hard disk provided on the computer device 30, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 32 may also include both internal and external storage units of the computer device 30. The memory 32 is used for storing computer programs and other programs and data required by the computer device. The memory 32 may also be used to temporarily store data that has been output or is to be output.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions in actual implementation, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) or a Processor (Processor) to execute some steps of the methods according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1.一种能力开放方法,其特征在于,包括:1. a capability opening method, is characterized in that, comprises: 接收用户终端发送的加密地址信息;Receive encrypted address information sent by the user terminal; 对所述加密地址信息进行解密,生成地址信息;.Decrypt the encrypted address information to generate address information; . 将所述地址信息发送至用户终端,以供用户终端根据所述地址信息显示所述地址信息对应的网页页面。The address information is sent to the user terminal, so that the user terminal can display the web page corresponding to the address information according to the address information. 2.根据权利要求1所述的方法,其特征在于,所述接收用户终端发送的加密地址信息之前包括:2. The method according to claim 1, wherein before the receiving the encrypted address information sent by the user terminal comprises: 接收用户终端发送的所述地址信息;receiving the address information sent by the user terminal; 查询是否存储有所述地址信息对应的身份认证信息,所述身份认证信息包括有效时间;query whether the identity authentication information corresponding to the address information is stored, and the identity authentication information includes the valid time; 若查询出存储有所述地址信息对应的身份认证信息,则判断所述有效时间是否小于或等于设定时间;If the identity authentication information corresponding to the address information is queried and stored, it is determined whether the valid time is less than or equal to the set time; 若判断出所述有效时间小于或等于设定时间,则向用户终端发送第一校验成功消息,以供用户终端对所述地址信息进行加密生成所述加密地址信息。If it is determined that the valid time is less than or equal to the set time, a first verification success message is sent to the user terminal, so that the user terminal can encrypt the address information to generate the encrypted address information. 3.根据权利要求2所述的方法,其特征在于,还包括:3. The method of claim 2, further comprising: 若查询出未存储所述地址信息对应的身份认证信息,则向用户终端发送第一告警消息。If the identity authentication information corresponding to the address information is not stored in the query, a first alarm message is sent to the user terminal. 4.根据权利要求2所述的方法,其特征在于,还包括:4. The method of claim 2, further comprising: 若判断出所述有效时间大于设定时间,则向用户终端发送第二告警消息。If it is determined that the valid time is greater than the set time, a second alarm message is sent to the user terminal. 5.根据权利要求2所述的方法,其特征在于,所述接收用户终端发送的所述地址信息之前包括:5. The method according to claim 2, wherein before the receiving the address information sent by the user terminal comprises: 接收用户终端发送的应用IP地址;Receive the application IP address sent by the user terminal; 查询预先存储的应用IP地址是否包括用户终端发送的应用IP地址;Query whether the pre-stored application IP address includes the application IP address sent by the user terminal; 若查询出预先存储的应用IP地址包括用户终端发送的应用IP地址,向用户终端发送第二校验成功消息。If it is found that the pre-stored application IP address includes the application IP address sent by the user terminal, a second verification success message is sent to the user terminal. 6.根据权利要求4所述的方法,其特征在于,还包括:6. The method of claim 4, further comprising: 若查询出预先存储的应用IP地址未包括用户终端发送的应用IP地址,则向用户终端发送第三告警消息。If it is found that the pre-stored application IP address does not include the application IP address sent by the user terminal, a third alarm message is sent to the user terminal. 7.根据权利要求2所述的方法,其特征在于,所述身份认证信息还包括可调用次数,所述向用户终端发送第一校验成功消息之前,还包括:7. The method according to claim 2, wherein the identity authentication information further includes the number of times of invocation, and before the sending the first verification success message to the user terminal, further includes: 判断所述可调用次数是否小于或等于设定阈值;Determine whether the number of invocations is less than or equal to the set threshold; 若判断出所述可调用次数小于或等于设定阈值,则继续执行所述向用户终端发送第一校验成功消息的步骤;If it is determined that the number of times that can be invoked is less than or equal to the set threshold, continue to perform the step of sending the first verification success message to the user terminal; 若判断出所述可调用次数大于设定时间,则向所述用户终端发送第四告警消息。If it is determined that the number of invocations is greater than the set time, a fourth alarm message is sent to the user terminal. 8.一种能力开放装置,其特征在于,包括:8. A capability opening device, comprising: 接收模块,用于接收用户终端发送的加密地址信息;a receiving module for receiving encrypted address information sent by the user terminal; 解密模块,用于对所述加密地址信息进行解密;a decryption module for decrypting the encrypted address information; 生成模块,用于生成地址信息;A generation module is used to generate address information; 发送模块,用于将所述地址信息发送至用户终端,以供用户终端根据所述地址信息显示所述地址信息对应的网页页面。The sending module is configured to send the address information to the user terminal, so that the user terminal can display the web page corresponding to the address information according to the address information. 9.一种存储介质,其特征在于,包括:所述存储介质包括存储的程序,其中,在所述程序运行时控制所述存储介质所在设备执行权利要求1至7任意一项所述的能力开放方法。9. A storage medium, comprising: the storage medium includes a stored program, wherein when the program is run, a device where the storage medium is located is controlled to perform the capability of any one of claims 1 to 7 open method. 10.一种计算机设备,包括存储器和处理器,所述存储器用于存储包括程序指令的信息,所述处理器用于控制程序指令的执行,其特征在于,所述程序指令被处理器加载并执行时实现权利要求1至7任意一项所述的能力开放方法的步骤。10. A computer device comprising a memory and a processor, the memory for storing information including program instructions, the processor for controlling the execution of the program instructions, wherein the program instructions are loaded and executed by the processor when implementing the steps of the capability opening method described in any one of claims 1 to 7.
CN201911395874.0A 2019-12-30 2019-12-30 Capability opening method and device, storage medium and computer equipment Pending CN113132299A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911395874.0A CN113132299A (en) 2019-12-30 2019-12-30 Capability opening method and device, storage medium and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911395874.0A CN113132299A (en) 2019-12-30 2019-12-30 Capability opening method and device, storage medium and computer equipment

Publications (1)

Publication Number Publication Date
CN113132299A true CN113132299A (en) 2021-07-16

Family

ID=76768942

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911395874.0A Pending CN113132299A (en) 2019-12-30 2019-12-30 Capability opening method and device, storage medium and computer equipment

Country Status (1)

Country Link
CN (1) CN113132299A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101635622A (en) * 2008-07-24 2010-01-27 阿里巴巴集团控股有限公司 Method, system and equipment for encrypting and decrypting web page
CN102196012A (en) * 2010-03-17 2011-09-21 华为技术有限公司 Service opening method, system and service opening server
CN102957698A (en) * 2012-10-26 2013-03-06 北京奇虎科技有限公司 Method and system for accessing and managing enterprise intranet
CN103838557A (en) * 2012-11-23 2014-06-04 苏州精易会信息技术有限公司 Method for achieving design of client program
CN109617917A (en) * 2019-01-21 2019-04-12 深圳市能信安科技股份有限公司 Address virtual Web application security firewall methods, devices and systems
CN109995733A (en) * 2017-12-30 2019-07-09 中国移动通信集团辽宁有限公司 Capability service opening method, device, system, equipment and medium
US20190297058A1 (en) * 2018-03-21 2019-09-26 International Business Machines Corporation Partial encryption of a static webpage

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101635622A (en) * 2008-07-24 2010-01-27 阿里巴巴集团控股有限公司 Method, system and equipment for encrypting and decrypting web page
CN102196012A (en) * 2010-03-17 2011-09-21 华为技术有限公司 Service opening method, system and service opening server
CN102957698A (en) * 2012-10-26 2013-03-06 北京奇虎科技有限公司 Method and system for accessing and managing enterprise intranet
CN103838557A (en) * 2012-11-23 2014-06-04 苏州精易会信息技术有限公司 Method for achieving design of client program
CN109995733A (en) * 2017-12-30 2019-07-09 中国移动通信集团辽宁有限公司 Capability service opening method, device, system, equipment and medium
US20190297058A1 (en) * 2018-03-21 2019-09-26 International Business Machines Corporation Partial encryption of a static webpage
CN109617917A (en) * 2019-01-21 2019-04-12 深圳市能信安科技股份有限公司 Address virtual Web application security firewall methods, devices and systems

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
唐洪玉: "运营商物联网安全防护体系研究", 《电信技术》 *

Similar Documents

Publication Publication Date Title
CN108595970B (en) Configuration method, device, terminal and storage medium of processing component
CN109460373B (en) Data sharing method, terminal equipment and storage medium
EP3484125B1 (en) Method and device for scheduling interface of hybrid cloud
US11076295B2 (en) Remote management method, and device
US20190089810A1 (en) Resource access method, apparatus, and system
US10032037B1 (en) Establishing application trust levels using taint propagation as a service
CN110245518B (en) Data storage method, device and equipment
CN110569658A (en) User information processing method, device, electronic equipment and storage medium based on block chain network
CN109933960B (en) Service invocation control method, service invocation method, device and terminal
CN107528830B (en) Account login method, system and storage medium
CN113572763B (en) Data processing method and device, electronic equipment and storage medium
CN110377440A (en) Information processing method and device
KR20240009957A (en) Systems and methods for secure Internet communications
CN111628863B (en) Data signature method and device, electronic equipment and storage medium
US9948632B2 (en) Sharing data between sandboxed applications with certificates
US10049222B1 (en) Establishing application trust levels using taint propagation
EP3975015A1 (en) Applet package sending method and device, electronic apparatus, and computer readable medium
CN109120576B (en) Data sharing method and device, computer equipment and storage medium
CN118797604A (en) Data storage encryption method, device, medium and product based on hardware password card
CN118215037A (en) Secondary number identification method, device, equipment, medium and program product
US12323802B2 (en) Systems and methods for providing a secure notification service for mobile applications
CN114817957B (en) Encrypted partition access control method, system and computing device based on domain management platform
CN113132299A (en) Capability opening method and device, storage medium and computer equipment
CN115221562A (en) Browser file signature method, device and computer-readable storage medium
CN115225281A (en) Identity authentication method, device, equipment and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210716

RJ01 Rejection of invention patent application after publication