CN113343185B - Authorization method of client application, computing device and storage medium - Google Patents

Authorization method of client application, computing device and storage medium Download PDF

Info

Publication number
CN113343185B
CN113343185B CN202110878349.5A CN202110878349A CN113343185B CN 113343185 B CN113343185 B CN 113343185B CN 202110878349 A CN202110878349 A CN 202110878349A CN 113343185 B CN113343185 B CN 113343185B
Authority
CN
China
Prior art keywords
authorization
hardware information
information
hardware
client application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110878349.5A
Other languages
Chinese (zh)
Other versions
CN113343185A (en
Inventor
曹军
金奇才
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Uniontech Software Technology Co Ltd
Original Assignee
Uniontech Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Uniontech Software Technology Co Ltd filed Critical Uniontech Software Technology Co Ltd
Priority to CN202110878349.5A priority Critical patent/CN113343185B/en
Priority to CN202111121696.XA priority patent/CN113849779A/en
Publication of CN113343185A publication Critical patent/CN113343185A/en
Application granted granted Critical
Publication of CN113343185B publication Critical patent/CN113343185B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs

Abstract

The invention discloses an authorization method, a computing device and a storage medium of a client application, wherein the method is executed in a server, the server is respectively in communication connection with the client and a data storage device, authorization record information of the client application is stored in the data storage device, and each piece of first hardware information corresponding to the client application during each authorization is recorded in the authorization record information, and the method comprises the following steps: receiving an authorization request from the client, wherein the authorization request comprises at least one piece of second hardware information of the client and an authorization serial number of the client application; judging whether the authorization serial number is authorized; if the first hardware information is authorized, comparing the first hardware information with the second hardware information to count the repetition rate of the second hardware information; determining a weight value corresponding to each piece of second hardware information based on the repetition rate of each piece of second hardware information; judging whether the sum of the weight values corresponding to the second hardware information is greater than a weight threshold value or not; if the weight is larger than the weight threshold value, the authorization of the client application is successful.

Description

Authorization method of client application, computing device and storage medium
Technical Field
The invention relates to the field of internet, in particular to an authorization method of a client application, a computing device and a storage medium.
Background
With the continuous development of computer technology, client applications are continuously developed in an iterative manner. Meanwhile, the authorization problem of the client application is more and more prominent, and for a manufacturer of the charging client application, if the client application is cracked and diffused, huge losses are brought to a company. The issue of authorization of client applications is therefore also a problem that client application companies have to pay attention to.
Disclosure of Invention
In view of the above, the present invention has been made to provide an authorization method for a client application, a computing device and a storage medium that overcome or at least partially solve the above problems.
According to an aspect of the present invention, there is provided an authorization method for a client application, which is executed in a server, and the server is respectively connected to a client and a data storage device in a communication manner, wherein authorization record information of the client application is stored in the data storage device, and each piece of first hardware information corresponding to the client application at each authorization is recorded in the authorization record information, the method including: receiving an authorization request from the client, wherein the authorization request comprises at least one piece of second hardware information of the client and an authorization serial number of the client application; judging whether the authorization serial number is authorized; if the first hardware information is authorized, comparing the first hardware information with the second hardware information to count the repetition rate of the second hardware information; determining a weight value corresponding to each piece of second hardware information based on the repetition rate of each piece of second hardware information; judging whether the sum of the weight values corresponding to the second hardware information is greater than a weight threshold value or not; if the weight is larger than the weight threshold value, the authorization of the client application is successful.
Optionally, in the method for authorizing a client application according to the present invention, if the client application is authorized, the step of comparing each piece of first hardware information with each piece of second hardware information to count a repetition rate of each piece of second hardware information includes: comparing each piece of second hardware information with each piece of first hardware information one by one, and recording the repetition times of each piece of second hardware information and each piece of first hardware information; based on the repetition times, the repetition rate of each piece of second hardware information is calculated.
Optionally, in the authorization method for the client application according to the present invention, a weight value corresponding to each piece of second hardware information is in an inverse relationship with a repetition rate of each piece of second hardware information.
Optionally, in the authorization method for a client application according to the present invention, the method for calculating the weight threshold includes: respectively calculating the repetition rate of each corresponding first hardware information in all historical authorization records during each authorization; determining a weight value of each piece of first hardware information based on the repetition rate of each piece of first hardware information; calculating a weighted average value of the weight values of the first hardware information; and taking the sum of weighted averages of all the first hardware information as a weight threshold value.
Optionally, in the authorization method for a client application according to the present invention, before the step of determining whether the authorization sequence number is authorized, the method further includes the steps of: judging whether the authorization serial number is valid; if the client application is invalid, the client application fails to authorize; if the authorization sequence number is valid, whether the authorization sequence number is authorized or not is judged.
Optionally, in the authorization method for a client application according to the present invention, after the step of determining whether the authorization sequence number is authorized, the method further includes the steps of: if the authorization serial number is not authorized, the client application is successfully authorized; storing each piece of second hardware information and the authorization serial number in the authorization record information in an associated manner so as to update the first hardware information; updating the weight threshold according to the updated first hardware information.
Optionally, in the method for authorizing the client application according to the present invention, after the step of successfully authorizing the client application if the weight threshold is exceeded, the method further includes the steps of: storing the second hardware information and the authorization serial number in association with authorization record information so as to update the first hardware information; updating the weight threshold according to the updated first hardware information.
Optionally, in the authorization method for a client application according to the present invention, after the step of determining whether the sum of the weight values corresponding to the second hardware information is greater than the weight threshold, the method further includes the steps of: if the sum of the weighted values corresponding to the second hardware information is not greater than the weight threshold, judging whether the client meets a preset adjustment rule, wherein the preset adjustment rule comprises the following steps: the second hardware information includes hardware information configured to be the same as other hardware in factory setting; and if so, adjusting the weight threshold value so that the sum of the weight values corresponding to the second hardware information can be larger than the weight threshold value.
According to yet another aspect of the invention, there is provided a computing device comprising: at least one processor; and a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, the program instructions comprising instructions for performing the above-described method.
According to yet another aspect of the present invention, there is provided a readable storage medium storing program instructions which, when read and executed by a computing device, cause the computing device to perform the above-described method.
According to the scheme of the invention, the authorization success rate of the same hardware information can be limited by dynamically adjusting the weight of the hardware information, so that the purpose of reducing the piracy rate is achieved.
According to the scheme of the invention, on the premise that the hardware information meets the authorization requirement, partial hardware can be replaced, and the client can still successfully authorize under the condition of replacing partial hardware by dynamically adjusting the weight threshold value, so that a certain degree of freedom is provided for a user, the user experience is improved, and the authorization failure caused by hardware replacement is avoided.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 illustrates a flow chart of a client application authorization method 100 in the prior art;
FIG. 2 shows a schematic diagram of an authorization system 200 for a client application according to one embodiment of the invention;
FIG. 3 shows a block diagram of a computing device 300, according to one embodiment of the invention;
FIG. 4 illustrates a flow diagram of a method 400 for authorization of a client application in accordance with one embodiment of the present invention;
fig. 5 shows a flow diagram of an authorization method 500 for a client application according to one embodiment of the invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In the current popular client application authorization scheme, an authorization server generally needs a client to provide an effective authorization serial number and binding information of individual fixed hardware information (such as information of a motherboard, a hard disk and the like). After receiving the binding information, the authorization server compares the binding information with authorized information in the database of the authorization server, if the same serial number and the same binding information of the fixed hardware information exist in the database, the authorization server considers that the authorization is successful, and at this moment, the authorization server sends an authorization success notice to the client. If the same serial number and the binding information of the fixed hardware information do not exist in the database of the authorization server, the authorization fails.
Fig. 1 shows a flow chart of a client application authorization method 100 in the prior art. As shown in fig. 1, after receiving an authorization verification request sent by a client, an authorization server first determines whether an authorization serial number is authorized, if the authorization serial number is authorized for the first time (i.e., not authorized), the authorization server determines that client application authorization is successful, and stores the authorization serial number and corresponding hardware information of the client in a data storage device; if the authorization serial number is authorized, comparing the corresponding hardware information with the hardware information bound by the corresponding authorization serial number in the data storage device, judging whether the hardware information and the hardware information are the same, and if not, failing to authorize the application of the client; if the client application is the same as the authorization serial number, the client application is successfully authorized, and the authorization serial number and the corresponding hardware information of the client are stored in the data storage device.
The authorization method using the above client application has the following defects:
1) when the client replaces some hardware in the authorization information for some reason, the server verifies the authorization, and the authorization fails due to inconsistency of the hardware information. For example: hardware information in the authorization information is hard disk information, and after a user replaces a hard disk, when authorization is verified again, the server cannot find the hard disk information corresponding to the authorization serial number, so that the originally authorized machine fails to be authorized.
2) Because the selected authorization information has a low degree of uniqueness in the hardware information, in some cases, multiple client applications can obtain authorization using the authorized serial number and the same hardware information. For example: when the hard disk model (model) is selected as hardware information for authorization binding, the client side of the hard disks with the same batch of models can complete authorization of all machines by using one serial number, so that authorization is diffused.
3) The same situation occurs for some hardware information that is unique due to non-canonical operations of some hardware vendors. For example: some non-standard mainboard serial numbers have the same condition, if the hardware information bound by the authorization information is just the mainboard serial number, all the clients with the same mainboard serial number can be authorized when the same authorization serial number is used.
4) Due to some malicious pirated software, the authorized serial number is used, and hardware information bound in the authorization information is simultaneously tampered, so that the authorization is pirated. For example: when the client acquires the hardware information of the machine, the pirate software intercepts the hardware information and returns the authorized hardware information to the client, so that the authorization serial number and the hardware information sent to the server by the client are authorized by other machines, and the authorization is pirated.
In order to solve the problems in the prior art, the invention provides a scheme. In particular, as shown in FIG. 2, FIG. 2 shows a schematic diagram of an authorization system 200 for a client application according to one embodiment of the invention. The authorization system 200 for a client application includes a client 210 and a computing device 220.
The client 210 is a terminal device used by a user, and may specifically be a personal computer such as a desktop computer and a notebook computer, or may also be a mobile phone, a tablet computer, a multimedia device, an intelligent wearable device, and the like, but is not limited thereto. A browser or application program, hereinafter collectively referred to as a client application, resides in the client 210 through which the computing device 220 in the internet is accessed. Accordingly, computing device 220 is operative to provide services to clients 210, which may be implemented as servers, e.g., application servers, Web servers, etc.; but may also be implemented as a desktop computer, a notebook computer, a processor chip, a tablet computer, etc., but is not limited thereto.
According to one embodiment, the computing device 220 may provide the client 210 with an authorization service for the client application, when the user opens the client application in the client 210, the client 210 may send an authorization request to the computing device 220, and the computing device 220 may return a result of an authorization success or an authorization failure to the client application, typically according to the authorization request data.
In one embodiment, the authorization system 200 of the client application further comprises a data storage 230. The data storage 230 may be a relational database such as MySQL, ACCESS, etc., or a non-relational database such as NoSQL, etc.; the database may be a local database residing in the computing device 220, or may be a distributed database, such as HBase, etc., disposed at a plurality of geographic locations, in short, the data storage device 230 is used for storing data, and the present invention does not limit the specific deployment and configuration of the data storage device 230.
The computing device 220 may connect with the data storage 230 and retrieve data stored in the data storage 230. For example, the computing device 220 may directly read the data in the data storage 230 (when the data storage 230 is a local database of the computing device 220), or may access the internet in a wired or wireless manner and obtain the data in the data storage 230 through a data interface.
In the present embodiment, the data storage 230 is adapted to store authorization record information of the client application. The authorization record information records first hardware information and an authorization serial number corresponding to each client application when each client application is authorized. In other words, the server stores the received authorization serial number and hardware information in the authorization record information each time the client application authorization service is performed, and specially marks the authorization serial number and hardware information passing the authorization.
Yet another embodiment of the present invention provides an authorization method of a client application, which may be executed in a computing device. FIG. 3 shows a block diagram of a computing device 300, according to one embodiment of the invention. As shown in FIG. 3, in a basic configuration 302, a computing device 300 typically includes a system memory 306 and one or more processors 304. A memory bus 308 may be used for communication between the processor 304 and the system memory 306.
Depending on the desired configuration, the processor 304 may be any type of processing, including but not limited to: a microprocessor (μ P), a microcontroller (μ C), a digital information processor (DSP), or any combination thereof. The processor 304 may include one or more levels of cache, such as a level one cache 310 and a level two cache 312, a processor core 314, and registers 316. The example processor core 314 may include an Arithmetic Logic Unit (ALU), a Floating Point Unit (FPU), a digital signal processing core (DSP core), or any combination thereof. The example memory controller 318 may be used with the processor 304, or in some implementations the memory controller 318 may be an internal part of the processor 304.
Depending on the desired configuration, system memory 306 may be any type of memory, including but not limited to: volatile memory (such as RAM), non-volatile memory (such as ROM, flash memory, etc.), or any combination thereof. The physical memory in the computing device is usually referred to as a volatile memory RAM, and data in the disk needs to be loaded into the physical memory to be read by the processor 304. System memory 306 may include an operating system 320, one or more applications 322, and program data 324. The application 322 is actually a plurality of program instructions that direct the processor 304 to perform corresponding operations. In some embodiments, the application 322 may be arranged to execute instructions on an operating system with the program data 324 by one or more processors 304 in some embodiments. Operating system 320 may be, for example, Linux, Windows, etc., which includes program instructions for handling basic system services and performing hardware dependent tasks. The application 322 includes program instructions for implementing various user-desired functions, and the application 322 may be, for example, but not limited to, a browser, instant messenger, a software development tool (e.g., an integrated development environment IDE, a compiler, etc.), and the like. When the application 322 is installed into the computing device 300, a driver module may be added to the operating system 320.
When the computing device 300 is started, the processor 304 reads program instructions of the operating system 320 from the memory 306 and executes the program instructions. The applications 322 run on top of the operating system 320, utilizing the operating system 320 and interfaces provided by the underlying hardware to implement various user-desired functions. When the user launches the application 322, the application 322 is loaded into the memory 306, and the processor 304 reads and executes the program instructions of the application 322 from the memory 306.
The computing device 300 also includes a storage device 332, the storage device 332 including removable storage 336 and non-removable storage 338, the removable storage 336 and the non-removable storage 338 each connected to the storage interface bus 334.
The computing device 300 may also include an interface bus 340 that facilitates communication from various interface devices (e.g., output devices 342, peripheral interfaces 344, and communication devices 346) to the basic configuration 302 via the bus/interface controller 330. The example output devices 342 include a graphics processing unit 348 and an audio processing unit 350. They may be configured to facilitate communications with various external devices, such as a display or speakers, via one or more a/V ports 352. Example peripheral interfaces 344 may include a serial interface controller 354 and a parallel interface controller 356, which may be configured to facilitate communication with external devices such as input devices (e.g., keyboard, mouse, pen, voice input device, touch input device) or other peripherals (e.g., printer, scanner, etc.) via one or more I/O ports 358. An example communication device 346 can include a network controller 360, which can be arranged to facilitate communications with one or more other computing devices 362 over a network communication link via one or more communication ports 364.
A network communication link may be one example of a communication medium. Communication media may typically be embodied by computer readable instructions, data structures, program modules, and may include any information delivery media, such as carrier waves or other transport mechanisms, in a modulated data signal. A "modulated data signal" may be a signal that has one or more of its data set or its changes made in such a manner as to encode information in the signal. By way of non-limiting example, communication media may include wired media such as a wired network or private-wired network, and various wireless media such as acoustic, Radio Frequency (RF), microwave, Infrared (IR), or other wireless media. The term computer readable media as used herein may include both storage media and communication media.
The computing device 300 also includes a storage interface bus 334 connected to the bus/interface controller 330. The storage interface bus 334 is coupled to a storage device 332, and the storage device 332 is adapted to store data. Example storage devices 332 may include removable storage 336 (e.g., CD, DVD, usb disk, removable hard disk, etc.) and non-removable storage 338 (e.g., hard disk drive HDD, etc.).
In a computing device 300 according to the invention, the application 322 includes a plurality of program instructions that perform the method 400.
Fig. 4 shows a flow diagram of an authorization method 400 for a client application according to one embodiment of the invention. The method 400 is suitable for execution in a computing device, such as the computing device 300 described above. The computing device is a server capable of executing the authorization method, and the server is respectively in communication connection with the client and the data storage device. It should be understood that the data storage device may also be disposed in a server, which is not limited in this application. The data storage device stores authorization record information of the client application, and the authorization record information records first hardware information corresponding to the client application during each authorization.
As shown in fig. 4, the method 400 is intended to implement an authorization method for a client application, starting from step S402, in step S402, an authorization request is received from the client, the authorization request including at least one second hardware information of the client and an authorization sequence number of the client application. The second hardware information is all valid hardware information within a predetermined range, for example, motherboard information, bios information, cpu information, memory information, hard disk information, network card information, video card information, sound card information, and the like, but is not limited thereto. The client needs to form an authorization request by all hardware information and the authorization serial number within the specified range and send the authorization request to the server.
In one particular example, the authorization request includes: authorization serial number + mainboard information + bios information + cpu information + memory information + hard disk information + network card information + display card information + sound card information.
Of course, the user may define the hardware range by himself, for example, the hardware range may be increased or decreased appropriately based on the above hardware, and the application is not limited thereto.
In step S404, it is determined whether the authorization sequence number is authorized. I.e. to determine whether the received grant sequence number occurred during a previous grant procedure. Specifically, whether there is the same preceding record can be checked by comparison with the authorization sequence number recorded in the authorization record information in the data storage device.
Of course, before step S404, it is necessary to determine whether the authorization sequence number is a valid authorization sequence number, and if the authorization sequence number is an invalid authorization sequence number, the client application may be directly determined to have failed authorization, so as to reduce the workload of the server and improve the working performance of the server. Thus, in some embodiments, prior to the step of determining whether the authorization sequence number is authorized, the authorization method 400 of the client application further comprises the steps of: judging whether the authorization serial number is valid; if the client application is invalid, the client application fails to authorize; if the authorization sequence number is valid, whether the authorization sequence number is authorized or not is judged.
In a specific example, the validity of the authorization serial number may be determined according to a rule of a manufacturer corresponding to the client application when generating the authorization serial number, for example, if all the authorization serial numbers generated by the manufacturer are numbers, and if a non-number (for example, a letter) appears in the obtained authorization serial number, it indicates that the software serial number of the application program is illegal; or, the authorization serial number generated by the manufacturer is 11 bits, and the obtained authorization serial number is more or less than 11, which indicates that the software serial number is illegal, and the like.
And if the valid authorization serial number is not authorized, the corresponding client application authorization is successful.
In step S406, if the authorized serial number is authorized, comparing each of the first hardware information and each of the second hardware information to count the repetition rate of each of the second hardware information.
Specifically, the repetition rate of each second hardware information may be counted by the following sub-steps:
firstly, comparing each piece of second hardware information with each piece of first hardware information one by one, and recording the repetition times of each piece of second hardware information and each piece of first hardware information.
In one specific example, the hardware information in the authorization request includes: mainboard information, BIOS information, CPU information, memory information, hard disk information, network card information, video card information and sound card information. First, comparing the mainboard information with all authorized mainboard information in the data storage device, and repeating the comparison. For example, the authorized main board information in the data storage device includes main board information 1, main board information 2, and main board information 3, the main board information in the current authorization request is compared with the main board information 1, the main board information 2, and the main board information 3, and if the authorization request is the same, the number of times of the recording is increased by 1. According to the method, the bios information, the cpu information, the memory information, the hard disk information, the network card information, the display card information and the sound card information are respectively compared with the corresponding authorized hardware information in the data storage device, and the repetition times of each piece of hardware information are respectively recorded.
Then, based on the number of repetitions, the repetition rate of each piece of second hardware information is calculated. Specifically, the ratio of the number of times of repetition of each piece of hardware information to the total number of pieces of corresponding hardware information is used as the repetition rate of the piece of hardware information. For example, the main board information repetition rate: 5%, BIOS information repetition rate: 10%, CPU information repetition rate: 3%, memory information repetition rate: 2%, hard disk information repetition rate: 1%, network card information repetition rate: 5%, display card information repetition rate: 6%, sound card information repetition rate: 10 percent.
In step S408, a weight value corresponding to each piece of second hardware information is determined based on the repetition rate of each piece of second hardware information. Specifically, the weight value corresponding to each piece of second hardware information is in an inverse relationship with the repetition rate of each piece of second hardware information. In other words, the weight value is set based on the principle that the lower the repetition rate, the greater the weight.
In some embodiments, the absolute value of the difference between the unit 1 and the repetition rate of each piece of hardware information is used as the weight value corresponding to each piece of hardware information; or the reciprocal of the repetition rate of each piece of hardware information is used as the weight value corresponding to each piece of hardware information.
In a specific example, the weight value of the main board information = 1-repetition rate of the main board information, the weight value of the bios information = 1-repetition rate of the bios information, and the like. Or the weight value of the main board information = 1/repetition rate of the main board information, the weight value of the bios information = 1/repetition rate of the bios information, and so on.
In step S408, it is determined whether the sum of the weight values corresponding to the respective second hardware information is greater than the weight threshold. And summing the weight values of all the hardware information in the authorization request for the sum of the weight values corresponding to the second hardware information. For example, the second hardware information includes motherboard information, bios information, cpu information, memory information, hard disk information, network card information, video card information, and sound card information. Then, the sum of the weight values corresponding to the second hardware information = the weight value of the main board information + the weight value of the bios information + the weight value of the cpu information + the weight value of the memory information + the weight value of the hard disk information + the weight value of the network card information + the weight value of the video card information + the weight value of the sound card information.
The weight threshold is pre-stored in the data storage device and is updated in real time as the authorization records increase.
In some embodiments, the weight threshold may be calculated by:
step 428, respectively calculating the repetition rate of each corresponding first hardware information in all historical authorization records at each authorization. As can be seen from the foregoing, each authorization record corresponds to a set of hardware information.
In a specific example, taking the motherboard information as an example, the first authorization record corresponds to the motherboard information 1, the second authorization record corresponds to the motherboard information 2, and the third authorization record corresponds to the motherboard information 3. Comparing the mainboard information 1 with the mainboard information 2 and the mainboard information 3 respectively, and calculating the repetition rate of the mainboard information 1. According to this method, the repetition rate of the main board information, the repetition rate of the bios information, the repetition rate of the cpu information, and the like are calculated, respectively.
In step S448, a weight value of each piece of first hardware information is determined based on the repetition rate of each piece of first hardware information. Step S408 can be referred to for calculating the weight value, which is not described herein again.
Step 468, calculating a weighted average of the weight values of the first hardware information;
step S488, the sum of the weighted averages of all the first hardware information is used as the weight threshold.
Continuing with the foregoing example, after the weight value 1 of each piece of motherboard information 1, the weight value 2 of the piece of motherboard information 2, and the weight value 3 of the piece of motherboard information 3 are obtained based on each motherboard information repetition rate, the weight values 1, 2, and 3 are weighted and averaged to obtain the standard weight value = (weight value 1+ weight value 2+ weight value 3)/3 of each piece of motherboard information. Based on the method, standard weight values of other hardware information, such as a standard weight value of bios information, a standard weight value of cpu information, and the like, are respectively obtained.
In a specific example, the weight threshold = a standard weight value of the motherboard information + a standard weight value of the bios information + a standard weight value of the cpu information + a standard weight value of the memory information + a standard weight value of the hard disk information + a standard weight value of the network card information + a standard weight value of the video card information + a standard weight value of the sound card information.
In step S410, if the sum of the weight values corresponding to the second hardware information is greater than the weight threshold, the client application is authorized successfully.
Of course, considering the special situation that the weight of the hardware information of the client cannot reach the standard weight of the hardware information of the server because a large batch of certain hardware information is the same in the market, the special situation needs to be considered before the step S410 is executed. Therefore, in some embodiments, if the sum of the weight values corresponding to the second hardware information is not greater than the weight threshold, it is determined whether the client side satisfies a preset adjustment rule. And if so, adjusting the weight threshold value so that the sum of the weight values corresponding to the second hardware information can be larger than the weight threshold value. The adjustment rule here is that there is hardware information configured to be the same as other hardware at the time of factory setting in each piece of second hardware information. In other words, it is determined whether or not the second hardware information has a case where a large batch of the second hardware information is identical to one another.
Specifically, the purpose of reducing the weight threshold can be achieved by reducing the standard weight value of the corresponding hardware information. For example, if the mainboard information of a large batch is the same when the client leaves the factory, the standard weight value of the mainboard information is reduced to reduce the weight threshold value, so that the purpose that the sum of the weight values corresponding to the second hardware information is greater than the weight threshold value is achieved.
As mentioned above, the weight threshold is updated in real time as the authorization record increases, because the amount of each hardware information in the authorization record increases with the increase of the authorization record. For example, after the client application corresponding to the current authorization request is deemed to be authorized successfully, the authorization record is incremented by 1, and at this time, the weight threshold is recalculated according to the combination of the second hardware information and the prior first hardware information in the current authorization request.
Specifically, in some embodiments, each second hardware information is stored in association with the authorization sequence number to the authorization record information to update the first hardware information. After the client application requesting authorization is successfully authorized, the corresponding second hardware information and the authorization serial number form a group of historical authorization records, and the second hardware information and the authorization serial number are stored in a historical authorization record table in the data storage device in an associated manner, so that the first hardware information is updated. Updating the weight threshold according to the updated first hardware information. And the updated weight threshold is the new weight threshold calculated again according to the combination of the newly added second hardware information and the prior first hardware information. For the calculation method of the weight threshold, refer to the calculation method of the weight threshold in step S408, and will not be described herein again.
In addition, it is mentioned in step S404 that if the authorization sequence number is not used, the corresponding client application authorization is successful. For this, the weight threshold should also be updated according to the respective second hardware information corresponding to the authorized serial number.
In one particular example, FIG. 5 illustrates a flow diagram of an authorization method 500 for a client application in accordance with one embodiment of the present invention. Compared with the method 400, the steps of calculating the weight threshold, updating the weight threshold, and authenticating the validity of the authorized serial number are added to the method 500, which is more comprehensive. Specifically, the method 500 is described in detail with reference to the following steps:
step S501, traversing all hardware information in the data storage device, and calculating a weight threshold. For a specific calculation process, reference may be made to the calculation step of the weight threshold in the method 400, which is not described herein again. The weight threshold is stored in the data storage.
Step S502, an authorization request from a client is received.
Step S503, judging whether the authorization serial number is legal. If the client application is legal, the step S504 is performed, otherwise, the client application authorization fails.
Step S504, judge whether the serial number of authorization has already authorized. If the authorization is the first authorization, the client is authorized successfully, and step S509 is performed. Otherwise, step S505 is performed.
And step S505, calculating the repetition rate of the hardware information of the client.
And step S506, calculating a weight value of the client hardware information.
Step S507, determining whether the weight value of the client hardware information is not less than the weight threshold. If so, the client application is authorized successfully, otherwise, go to step S508.
Step S508, determining whether the client hardware information satisfies a preset adjustment rule. If yes, the size of the weight threshold is adjusted so that the client application is successfully authorized, and step S509 is performed. If not, the client application fails to authorize. Specifically, the preset adjustment rule is that there is hardware information configured to be the same as other hardware at the time of factory setting in each piece of second hardware information.
Step S509, updating the size of the weight threshold based on the client hardware information in the current authorization request.
The method provided by the invention is characterized in that when the client application requests authorization or requests verification authorization, the server requires the client to upload all effective hardware information (such as hardware information of a mainboard, a Bios, a hard disk, a cpu, a network card, a memory, a video card, a sound card and the like) in a specified range. And binding all hardware information as authorization information by using the serial number, and calculating the weight of each hardware information. And then calculates the value of the standard weight which can pass the authorization authentication. Therefore, in the long-term authorization process, the server compares the hardware information acquired during each authorization with all other authorized hardware information in the data storage device, and the weight of the hardware information is reduced corresponding to the hardware information with high repetition rate. For long-term unique non-repeated hardware information, the weight is increased, so that some hardware with the highest uniqueness can be verified and obtained through a large amount of data. Then, in the later authorization verification process, when the authorization server receives the hardware information weight value of the client side, the authorization verification fails, otherwise, the authorization verification succeeds. Therefore, when the pirated software frequently uses the same serial number and the same hardware information for authorization, the corresponding hardware information weight can be reduced, and when the weight is reduced to be less than an authorization standard value, the pirated software is invalid, so that the cracking difficulty of the pirated software is increased, and the pirating rate is reduced.
When the client replaces some hardware, the information weight after hardware replacement is ensured to reach the authorization standard. Or because some hardware information in large batch on the market is consistent, the machines can be successfully authorized by dynamically adjusting the standard authorization weight value.
The various techniques described herein may be implemented in connection with hardware or software or, alternatively, with a combination of both. Thus, the methods and apparatus of the present invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as removable hard drives, U.S. disks, floppy disks, CD-ROMs, or any other machine-readable storage medium, wherein, when the program is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention.
In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Wherein the memory is configured to store program code; the processor is configured to perform the method of the invention according to instructions in said program code stored in the memory.
By way of example, and not limitation, readable media may comprise readable storage media and communication media. Readable storage media store information such as computer readable instructions, data structures, program modules or other data. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. Combinations of any of the above are also included within the scope of readable media.
In the description provided herein, algorithms and displays are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with examples of this invention. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose preferred embodiments of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules or units or components of the devices in the examples disclosed herein may be arranged in a device as described in this embodiment or alternatively may be located in one or more devices different from the devices in this example. The modules in the foregoing examples may be combined into one module or may be further divided into multiple sub-modules.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
Furthermore, some of the described embodiments are described herein as a method or combination of method elements that can be performed by a processor of a computer system or by other means of performing the described functions. A processor having the necessary instructions for carrying out the method or method elements thus forms a means for carrying out the method or method elements. Further, the elements of the apparatus embodiments described herein are examples of the following apparatus: the apparatus is used to implement the functions performed by the elements for the purpose of carrying out the invention.
As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
While the invention has been described with respect to a limited number of embodiments, those skilled in the art, having benefit of this description, will appreciate that other embodiments can be devised which do not depart from the scope of the invention as described herein. Furthermore, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. The present invention has been disclosed in an illustrative rather than a restrictive sense with respect to the scope of the invention, as defined in the appended claims.

Claims (10)

1. An authorization method for a client application, executed in a server, where the server is respectively connected to a client and a data storage device in a communication manner, where authorization record information of the client application is stored in the data storage device, and each piece of first hardware information corresponding to the client application at each authorization is recorded in the authorization record information, the method comprising:
receiving an authorization request from the client, the authorization request including at least one second hardware information of the client and an authorization sequence number of a client application;
judging whether the authorization serial number is authorized;
if the first hardware information is authorized, comparing the first hardware information with the second hardware information to count the repetition rate of the second hardware information;
determining a weight value corresponding to each piece of second hardware information based on the repetition rate of each piece of second hardware information;
judging whether the sum of the weight values corresponding to the second hardware information is greater than a weight threshold value or not;
and if the weight is larger than the weight threshold, the client application is successfully authorized.
2. The method of claim 1, wherein the step of comparing each first hardware message with each second hardware message to count the repetition rate of each second hardware message comprises:
comparing each piece of second hardware information with each piece of first hardware information one by one, and recording the repetition times of each piece of second hardware information and each piece of first hardware information;
and calculating the repetition rate of each piece of second hardware information based on the repetition times.
3. The method of claim 1, wherein,
the weight value corresponding to each piece of second hardware information is in inverse proportion to the repetition rate of each piece of second hardware information.
4. The method of claim 2, wherein the weight threshold is calculated by:
respectively calculating the repetition rate of each corresponding first hardware information in all historical authorization records during each authorization;
determining a weight value of each piece of first hardware information based on a repetition rate of each piece of first hardware information;
calculating a weighted average value of the weight values of the first hardware information;
taking the sum of the weighted averages of all first hardware information as the weight threshold.
5. The method of claim 1, wherein before the step of determining whether the authorized serial number is authorized, further comprising the steps of:
judging whether the authorization serial number is valid;
if the client application is invalid, the client application fails to authorize;
if the authorization sequence number is valid, judging whether the authorization sequence number is authorized.
6. The method of any one of claims 1-5, wherein after the step of determining whether the authorized serial number is authorized, further comprising the steps of:
if the authorization serial number is not authorized, the client application is successfully authorized;
storing the second hardware information and the authorization serial number in the authorization record information in an associated manner so as to update the first hardware information;
updating the weight threshold according to the updated first hardware information.
7. The method of claim 1, wherein after the step of successful authorization of the client application if greater than a weight threshold, further comprising the steps of:
storing the second hardware information and the authorization serial number in the authorization record information in an associated manner so as to update the first hardware information;
updating the weight threshold according to the updated first hardware information.
8. The method according to claim 1, wherein after the step of determining whether the sum of the weight values corresponding to the second hardware information is greater than the weight threshold, the method further comprises the steps of:
if the sum of the weighted values corresponding to the second hardware information is not greater than a weight threshold, determining whether the client meets a preset adjustment rule, wherein the preset adjustment rule includes: the second hardware information includes hardware information configured to be the same as other hardware in factory setting;
and if so, adjusting the weight threshold value so that the sum of the weight values corresponding to the second hardware information can be larger than the weight threshold value.
9. A computing device, comprising:
at least one processor; and
a memory storing program instructions configured for execution by the at least one processor, the program instructions comprising instructions for performing the method of any of claims 1-8.
10. A readable storage medium storing program instructions that, when read and executed by a computing device, cause the computing device to perform the method of any of claims 1-8.
CN202110878349.5A 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium Active CN113343185B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110878349.5A CN113343185B (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium
CN202111121696.XA CN113849779A (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110878349.5A CN113343185B (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202111121696.XA Division CN113849779A (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium

Publications (2)

Publication Number Publication Date
CN113343185A CN113343185A (en) 2021-09-03
CN113343185B true CN113343185B (en) 2021-10-22

Family

ID=77480531

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202111121696.XA Pending CN113849779A (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium
CN202110878349.5A Active CN113343185B (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202111121696.XA Pending CN113849779A (en) 2021-08-02 2021-08-02 Authorization method of client application, computing device and storage medium

Country Status (1)

Country Link
CN (2) CN113849779A (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114357434A (en) * 2021-11-03 2022-04-15 统信软件技术有限公司 Operating system authorization method, device and system based on virtual machine and computing equipment
CN115001749B (en) * 2022-05-05 2024-02-09 中科创达软件股份有限公司 Equipment authorization method, device, equipment and medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077345A (en) * 2012-12-27 2013-05-01 深信服网络科技(深圳)有限公司 Software authorization method and system based on virtual machine
CN106897585A (en) * 2017-03-15 2017-06-27 北京深思数盾科技股份有限公司 Software license management method, method for protecting software and device
CN110855598A (en) * 2018-08-20 2020-02-28 北京场景互娱传媒科技有限公司 Terminal application management method, terminal device, cloud server and storage medium
CN111984936A (en) * 2019-05-23 2020-11-24 腾讯科技(深圳)有限公司 Authorization allocation method, device, server and storage medium
CN112231647A (en) * 2019-07-15 2021-01-15 普天信息技术有限公司 Software authorization verification method
CN112328975A (en) * 2020-10-29 2021-02-05 上海金仕达软件科技有限公司 Product software authorization management method, terminal device and medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI544342B (en) * 2013-12-17 2016-08-01 緯創資通股份有限公司 Method and system for verifing quality of server

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077345A (en) * 2012-12-27 2013-05-01 深信服网络科技(深圳)有限公司 Software authorization method and system based on virtual machine
CN106897585A (en) * 2017-03-15 2017-06-27 北京深思数盾科技股份有限公司 Software license management method, method for protecting software and device
CN110855598A (en) * 2018-08-20 2020-02-28 北京场景互娱传媒科技有限公司 Terminal application management method, terminal device, cloud server and storage medium
CN111984936A (en) * 2019-05-23 2020-11-24 腾讯科技(深圳)有限公司 Authorization allocation method, device, server and storage medium
CN112231647A (en) * 2019-07-15 2021-01-15 普天信息技术有限公司 Software authorization verification method
CN112328975A (en) * 2020-10-29 2021-02-05 上海金仕达软件科技有限公司 Product software authorization management method, terminal device and medium

Also Published As

Publication number Publication date
CN113849779A (en) 2021-12-28
CN113343185A (en) 2021-09-03

Similar Documents

Publication Publication Date Title
CN112699342B (en) Authorization control method, authorization device and computing equipment
CN113343185B (en) Authorization method of client application, computing device and storage medium
CN108900471B (en) Server, client, network system and method for transmitting data
US10552590B2 (en) System and method for providing an authentication agent in a persistent authentication framework
JP5613259B2 (en) Method, system, and computer program for protecting asynchronous client-server transactions
US9172694B2 (en) Propagating delegated authorized credentials through legacy systems
US20150135282A1 (en) Methods and systems for secure internet access and services
KR20190014124A (en) Two factor authentication
CN104303188A (en) Authenticating a user of a system via an authentication image mechanism
US20030236975A1 (en) System and method for improved electronic security credentials
CN113254887A (en) Authorization method of application program, computing device and storage medium
CN112995131A (en) Page login method, system and computing device
CN112118269A (en) Identity authentication method, system, computing equipment and readable storage medium
CN110301127B (en) Apparatus and method for predictive token validation
CN111447178B (en) Access control method, system and computing device
CN113536361B (en) Method and device for realizing trusted reference library and computing equipment
CN111935716B (en) Authentication method, authentication system and computing device
CN114880648A (en) Batch offline activation method, online activation method and activation system for operating system
CN114925336A (en) Method and system for activating software
CN111835523B (en) Data request method, system and computing device
CN113806810B (en) Authentication method, authentication system, computing device, and storage medium
CN113515737A (en) Soft certificate authentication method and system based on domestic cryptographic technology
CN113742715B (en) Operating system authorization method, device and system based on virtual machine and computing equipment
CN113806810A (en) Authentication method, authentication system, computing device, and storage medium
CN114969835B (en) Webpage information evidence storing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant