CN114091119A - Information processing method, information processing device, electronic equipment and computer readable storage medium - Google Patents

Information processing method, information processing device, electronic equipment and computer readable storage medium Download PDF

Info

Publication number
CN114091119A
CN114091119A CN202111421940.4A CN202111421940A CN114091119A CN 114091119 A CN114091119 A CN 114091119A CN 202111421940 A CN202111421940 A CN 202111421940A CN 114091119 A CN114091119 A CN 114091119A
Authority
CN
China
Prior art keywords
information
verification
signature
verification information
verified
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111421940.4A
Other languages
Chinese (zh)
Inventor
吴存杰
田庆立
李艳艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Kingsoft Cloud Network Technology Co Ltd
Original Assignee
Beijing Kingsoft Cloud Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Kingsoft Cloud Network Technology Co Ltd filed Critical Beijing Kingsoft Cloud Network Technology Co Ltd
Priority to CN202111421940.4A priority Critical patent/CN114091119A/en
Publication of CN114091119A publication Critical patent/CN114091119A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the application provides an information processing method and device, electronic equipment and a computer readable storage medium, and relates to the field of information processing. The method comprises the following steps: receiving a first verification request, and acquiring first verification information and first signature information to be verified in the first verification request; determining second verification information corresponding to the first verification information according to a preset corresponding relation; wherein a length of the second authentication information is different from a length of the first authentication information; and performing signature verification processing on the first signature information to be verified according to the second verification information. According to the embodiment of the application, the verification processing of the first verification information with the character length different from the standard length is realized, and the verification requirements of different terminal equipment or the verification information with different character lengths when the terminal equipment is applied to different scenes are met.

Description

Information processing method, information processing device, electronic equipment and computer readable storage medium
Technical Field
The present application relates to the field of internet technologies, and in particular, to an information processing method, an information processing apparatus, an electronic device, and a computer-readable storage medium.
Background
With the development of internet technology, the information security problem in the internet application process is very important. In order to ensure the security of transactions and services and protect user information from attack, the application facilitator also takes security measures, for example, during information access and information interaction, authentication and other processes are usually required to verify the identity of the user, and only after the authentication and verification pass, the user is authorized to perform the subsequent interaction process.
In the related art, when the server authenticates the user, verification information is generated and sent to the user, so that the user performs authentication verification to the server through the verification information.
However, the authentication information required to be verified in authentication is different for different user equipments or different scenarios of application of the user equipments.
Disclosure of Invention
The present application aims to solve at least one of the above technical drawbacks, and in particular, to solve the technical drawback that the verification information required to be verified in authentication is different.
According to an aspect of the present application, there is provided an information processing method including:
receiving a first verification request, and acquiring first verification information and first signature information to be verified in the first verification request;
determining second verification information corresponding to the first verification information according to a preset corresponding relation; wherein a length of the second authentication information is different from a length of the first authentication information;
and performing signature verification processing on the first signature information to be verified according to the second verification information.
Optionally, before receiving the first authentication request, the method further includes:
receiving a verification information acquisition request;
if the verification information acquisition request meets a first preset condition, generating the first verification information and the second verification information;
and generating the preset corresponding relation between the first verification information and the second verification information.
Optionally, after generating the first verification information and the second verification information, the method further includes:
and sending the first verification information to a client.
Optionally, the first preset condition includes at least one of:
the client identification corresponding to the verification information acquisition request comprises a first preset identification;
the authentication information acquisition request comprises a second preset identification, and the second preset identification indicates that the first authentication information is requested.
Optionally, the performing signature verification processing on the first signature information to be verified according to the second verification information includes:
extracting key information in the second verification information, and generating second signature information to be verified according to the key information;
and verifying the first signature information to be verified and the second signature information to be verified.
Optionally, the determining, according to a preset corresponding relationship, second verification information corresponding to the first verification information includes:
determining a first version number of the first authentication information;
determining a second version number corresponding to the first version number according to the preset corresponding relation;
and determining the second verification information according to the second version number.
According to an aspect of the present application, there is provided an information processing method including:
carrying first verification information and the first signature information to be verified on a first verification request, sending the first verification request to a server, and indicating the server to: according to a preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information; wherein a length of the second authentication information is different from a length of the first authentication information.
According to another aspect of the present application, there is provided an information processing apparatus including:
the receiving module is used for receiving a first verification request and acquiring first verification information and first signature information to be verified in the first verification request;
the determining module is used for determining second verification information corresponding to the first verification information according to a preset corresponding relation; wherein a length of the second authentication information is different from a length of the first authentication information;
and the verification module is used for verifying the signature of the first signature information to be verified according to the second verification information.
According to another aspect of the present application, there is provided an information processing apparatus including:
a sending module, configured to carry first verification information and the first signature information to be verified in a first verification request, send the first verification request to a server, and instruct the server to: according to a preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information; wherein a length of the second authentication information is different from a length of the first authentication information.
According to another aspect of the present application, there is provided an electronic device including:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: the information processing method as shown in the first and second aspects of the present application is performed.
For example, in a third aspect of the present application, there is provided a computing device comprising: the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the corresponding operation of the information processing method as shown in the first aspect and the second aspect of the application.
According to yet another aspect of the present application, there is provided a computer-readable storage medium, which when executed by a processor implements the information processing method shown in the first and second aspects of the present application.
For example, in a fourth aspect of embodiments of the present application, a computer-readable storage medium is provided, on which a computer program is stored, and the computer program, when executed by a processor, implements the information processing method as shown in the first and second aspects of the present application.
According to an aspect of the application, a computer program product or computer program is provided, comprising computer instructions, the computer instructions being stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the methods provided in the various alternative implementations of the first aspect or the second aspect described above.
The beneficial effect that technical scheme that this application provided brought is:
according to the embodiment of the application, the first verification information and the first signature information to be verified in the first verification request are obtained by receiving the first verification request, the second verification information corresponding to the first verification information is determined according to the preset corresponding relation, the second verification information is right, the first signature information to be verified is subjected to signature verification processing, and therefore the second verification information corresponding to the first verification information is obtained and signature verification processing is carried out according to the second verification information, verification processing of the first verification information with the character length different from the standard length is achieved, and the verification requirements of the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a system architecture of an information processing method according to an embodiment of the present application;
fig. 2 is a schematic flowchart of an information processing method according to an embodiment of the present application;
fig. 3 is a second schematic flowchart of an information processing method according to an embodiment of the present application;
fig. 4 is an interaction diagram of an information processing method according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an information processing apparatus according to an embodiment of the present application;
fig. 6 is a second schematic structural diagram of an information processing apparatus according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an information processing electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present application.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Any number of elements in the drawings are by way of example and not by way of limitation, and any nomenclature is used solely for differentiation and not by way of limitation.
For different terminal devices or situations where the terminal devices are applied to different scenes, the verification information required to be verified during authentication is different, for example, in some scenes, the character length of the verification information for verifying the signature by the terminal device is shorter.
The method comprises the steps of receiving a first verification request, and acquiring first verification information and first signature information to be verified in the first verification request; determining second verification information corresponding to the first verification information according to a preset corresponding relation; and performing signature verification processing on the first signature information to be verified according to the second verification information, so that verification processing on the first verification information with the character length different from the standard length is realized by acquiring the second verification information corresponding to the first verification information and performing signature verification processing according to the second verification information, and information verification requirements for different terminal equipment or terminal equipment applied to different scenes are met.
Some brief descriptions are given below to application scenarios to which the technical solution of the embodiment of the present application can be applied, and it should be noted that the application scenarios described below are only used for describing the embodiment of the present application and are not limited. In specific implementation, the technical scheme provided by the embodiment of the application can be flexibly applied according to actual needs.
Fig. 1 is a system architecture diagram of an information processing method according to an embodiment of the present application. The system may include a server 101 and a user terminal cluster, wherein the server 101 may be regarded as a background server providing information processing services.
The user terminal cluster may include: the system comprises a user terminal 102, a user terminal 103, and user terminals 104 and … …, wherein a client for information processing can be installed in the user terminal, and a communication connection can exist between the user terminals, for example, a communication connection exists between the user terminal 102 and the user terminal 103, and a communication connection exists between the user terminal 103 and the user terminal 104.
Meanwhile, the server 101 may provide a service for the user terminal cluster through a communication connection function, and any user terminal in the user terminal cluster may have a communication connection with the server 101, for example, a communication connection exists between the user terminal 102 and the server 101, and a communication connection exists between the user terminal 103 and the server 101, where the communication connection is not limited to a connection manner, and may be directly or indirectly connected through a wired communication manner, may also be directly or indirectly connected through a wireless communication manner, and may also be through other manners.
The communicatively coupled network may be a wide area network or a local area network, or a combination thereof. The application is not limited thereto.
The information processing method in the embodiment of the present application may be executed on a server side or a user terminal side, and the execution subject is not limited in the embodiment of the present application. In the information processing process, a user sends a first verification request through a user client installed on a terminal device, wherein the first verification request carries first verification information and first signature information to be verified, when the server receives the first verification request, second verification information corresponding to the first verification information can be determined according to a preset corresponding relation, and then the server can perform signature verification processing on the first signature information to be verified according to the second verification information.
Therefore, the method provided by the embodiment of the present application may be executed by a computer device, which includes but is not limited to a terminal (also including the user terminal described above) or a server (also including the server 101 described above). The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, middleware service, a domain name service, a security service, a CDN, a big data and artificial intelligence platform, and the like. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.
Of course, the method provided in the embodiment of the present application is not limited to be used in the application scenario shown in fig. 1, and may also be used in other possible application scenarios, and the embodiment of the present application is not limited. The functions that can be implemented by each device in the application scenario shown in fig. 1 will be described in the following method embodiments, and will not be described in detail herein.
To further illustrate the technical solutions provided by the embodiments of the present application, the following detailed description is made with reference to the accompanying drawings and the detailed description. Although the embodiments of the present application provide method steps as shown in the following embodiments or figures, more or fewer steps may be included in the method based on conventional or non-inventive efforts. In steps where no necessary causal relationship exists logically, the order of execution of the steps is not limited to that provided by the embodiments of the present application.
The embodiment of the application provides an information processing method, and an execution main body of the method can be server equipment with information processing capacity, and can also be a device or a chip integrated on the equipment. As shown in fig. 2, which is a schematic flow chart of an information processing method provided in an embodiment of the present application, the method includes the following steps:
s201: receiving a first verification request, and acquiring first verification information and first signature information to be verified in the first verification request.
Specifically, the embodiment of the application can be applied to the authentication process of the terminal equipment; optionally, the authentication process may include an authentication process when the terminal device logs in the application system, for example, verifying whether the terminal device is a login behavior of the user himself; in addition, the authentication process may further include an authority authentication process when performing related service processing after logging in the system, for example, when a user needs to perform a service of uploading data information or downloading data information, the authority authentication process may be used to authenticate whether the user has an authority to upload data information or download data information.
In an embodiment of the present application, a server may receive a first authentication request of a user. The first authentication request may be used to describe a request for authentication by a user.
Optionally, the first authentication request may include a requestor identifier. For example, the requestor identification may be an identification of the user requesting authentication; in an embodiment of the present application, the identity of the user requesting authentication may include a primary account identity, a sub-account identity, and the like of the user.
Taking an actual scenario as an example, the user is company a, and company a may include a plurality of subsidiaries, and each of the subsidiaries may include a plurality of departments. The various subsidiaries, and the various departments of each subsidiary, may each have a different requestor identification for authentication verification.
In addition, the first verification request may further include first verification information and first signature information to be verified.
S202: and determining second verification information corresponding to the first verification information according to a preset corresponding relation.
Wherein a length of the second authentication information is different from a length of the first authentication information.
Specifically, the first authentication information may include information used for authentication, for example, the first authentication information may include information such as an Access Key identity (AK), a Secret Access Key (SK), a token (token), and the like. The first authentication information may not include information such as an access key identifier, a secret access key, and a token, but is only used to determine the second authentication information according to a preset correspondence.
The second authentication information may include information for authentication. The length of the second authentication information is different from the length of the first authentication information. Generally, the length of the second authentication information is greater than the length of the first authentication information. For example, the character length of the second authentication information may be 69 bits, the character length of the first authentication information may be 40 bits, and so on. Optionally, the second verification information may include an Access Key identity (Access Key ID, AK), a Secret Access Key (SK), a token (token), and the like. It is understood that, in the embodiment of the present application, the first authentication information and the second authentication information may be used to distinguish authentication information of different character lengths.
The first signature information to be verified may include signature information for verification. The signature information for verification may be generated according to the key information extracted from the second verification information and a preset operation relationship. The preset operational relationship may be a user-defined operational relationship according to the verification information provider. It can be understood that, in the embodiment of the present application, the first signature information to be verified may be generated based on the key information in the second verification information and a preset operation relationship.
The first verification information and the second verification information have a preset corresponding relation. Optionally, there may be a one-to-one correspondence between the first verification information and the second verification information, that is, each first verification information has unique second verification information corresponding thereto; in addition, there may also be a many-to-one correspondence between the first authentication information and the second authentication information, that is, a plurality of first authentication information may correspond to one second authentication information.
The preset correspondence may be established when the first authentication information and the second authentication information are generated. Optionally, the corresponding relationship between the first verification information and the second verification information may be directly established; identification information may also be added to the first authentication information and the second authentication information, respectively, to establish a correspondence between the identification information of the first authentication information and the identification information of the second authentication information. For example, a version number V1 may be added to the first authentication information, a version number V2 may be added to the second authentication information, and a correspondence relationship between the version number V1 and the version number V2 may be established.
S203: and performing signature verification processing on the first signature information to be verified according to the second verification information.
After the second verification information corresponding to the first verification information is determined, signature verification processing may be performed on the first signature information to be verified according to the second verification information.
Specifically, the signature verification processing may be performed on the first signature information to be verified by directly using the second verification information. In addition, key information in the second verification information can be extracted, and second signature information to be verified is generated according to the key information in the second verification information and a preset operational relationship; and carrying out signature verification processing on the first signature information to be verified by utilizing the second signature information to be verified. For example, if the first signature information to be verified is consistent with the second signature information to be verified, it may be determined that the first signature information to be verified is generated by the second verification information based on a preset operation relationship, so as to determine that the signature verification passes.
As a first example, an information processing method according to an embodiment of the present application is described in conjunction with a scenario of a cloud service:
in a cloud service scenario, a terminal device needs to perform information interaction with a cloud server. For example, the terminal device may store the data information by uploading the data information to a cloud server; in addition, the terminal device can download required data information from the cloud server. In order to ensure the security of information interaction between the terminal device and the cloud server, the cloud server needs to authenticate and verify the interactive terminal before the information interaction. Specifically, in the authentication verification process, the cloud server first receives a verification request, that is, a first verification request in the embodiment of the present application, sent by the terminal, and obtains first verification information and first signature information to be verified from the first verification request. The first authentication information may be authentication information with a short character length. Then, the cloud server determines second verification information corresponding to the first verification information according to a preset corresponding relation; for example, the second verification information may be determined according to a corresponding relationship between version numbers corresponding to the first verification information and the second verification information, respectively; and finally, the server performs signature verification processing on the first signature information to be verified according to the second verification information.
In the embodiment of the application, first verification information and first signature information to be verified in a first verification request are obtained by receiving the first verification request; determining second verification information corresponding to the first verification information according to a preset corresponding relation; and performing signature verification processing on the first signature information to be verified according to the second verification information, so that verification processing on the first verification information with the character length different from the standard length is realized, and the verification requirements on the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
In one embodiment of the present application, before the receiving the first authentication request, the method further includes:
receiving a verification information acquisition request;
if the verification information acquisition request meets a first preset condition, generating the first verification information and the second verification information;
and generating the preset corresponding relation between the first verification information and the second verification information.
Specifically, before the receiving of the first authentication request in step S201, the embodiment of the present application may further include a generation process of authentication information.
First, an authentication information acquisition request is received. The authentication information acquisition request may be used to describe a request for acquiring authentication information.
The authentication information obtaining request may include a requestor identifier, for example, the requestor identifier may be an identifier of a user requesting to obtain the authentication information, and in this embodiment, the requestor identifier may include a main account identifier, a sub-account identifier, and the like of the user; in addition, in the embodiment of the present application, in order to distinguish whether the requested authentication information is authentication information with a shorter character length or authentication information with a standard character length, the authentication information acquisition request may further include a type of the character length of the requested authentication information.
When the verification information acquisition request meets a first preset condition, the first verification information and the second verification information may be generated.
The first preset condition may be a condition for generating first verification information with a short character length, and specifically, the first preset condition may specifically include that the client identifier corresponding to the verification information acquisition request includes a first preset identifier, for example, the client identifier corresponding to the verification information acquisition request includes a preset white list identifier; in addition, the first preset condition may further include that the authentication information acquisition request includes a second preset identifier, where the second preset identifier indicates that the first authentication information is requested, that is, the second preset identifier may be used to indicate that the authentication information with a shorter character length is requested.
Further, the preset corresponding relationship between the first verification information and the second verification information is generated. Wherein, the corresponding relation can be directly established between the first verification information and the second verification information; the first verification information and the second verification information may be added with identification information, and a corresponding relationship is established by the identification information corresponding to the first verification information and the second verification information, for example, a version number V1 may be added to the first verification information, a version number V2 may be added to the second verification information, and a corresponding relationship is established between the version number V1 and the version number V2.
In addition, after the second verification information is generated, the first signature information to be verified can be generated according to the key information in the second verification information and a preset operation relation. The preset operational relationship may be a user-defined operational relationship according to the verification information provider. It can be understood that, in the embodiment of the present application, the first signature information to be verified may be generated based on the key information in the second verification information and a preset operation relationship.
In an embodiment of the application, after the generating the first verification information and the second verification information, the method further includes:
and sending the first verification information and the first signature information to be verified to a client.
With reference to the first example, in the embodiment of the present application, when some terminal devices perform authentication processing, due to insufficient storage space and the like, the character length of the requested authentication information is short, for example, the character length of the requested authentication information is smaller than that of the authentication information with a standard character length in a normal case. In this case, when a verification request sent by a client corresponding to the terminal is received, and when a client identifier in the verification request includes a preset white list identifier and/or a verification information acquisition request includes an identifier indicating that first verification information with a shorter request character length is included, the cloud server may generate verification information with two character lengths, that is, first verification information and second verification information; a corresponding relation can be established for the first verification information and the second verification information; generating first signature information to be verified according to the key information extracted from the second verification information and a preset operation relation; and then, sending the first verification information and the first signature information to be verified to the client.
The embodiment of the application acquires the request by receiving the verification information; if the verification information acquisition request meets a first preset condition, generating the first verification information and the second verification information; and generating the preset corresponding relation between the first verification information and the second verification information, thereby realizing that two kinds of verification information can be generated for the white list user needing the verification information with shorter character length, and the first verification information with shorter character length is sent to the client of the user, thereby meeting the special requirements of the user on the verification information.
In an embodiment of the application, the performing signature verification processing on the first signature information to be verified according to the second verification information includes:
extracting key information in the second verification information, and generating second signature information to be verified according to the key information;
and verifying the first signature information to be verified and the second signature information to be verified.
Specifically, the second signature information to be verified can be generated according to the key information in the second verification information and the preset operational relationship, and the signature verification processing is performed on the first signature information to be verified by using the second signature information to be verified.
Further, when the first signature information to be verified and the second signature information to be verified are verified, the signature verification process can be performed by comparing whether the first signature information to be verified and the second signature information to be verified are consistent.
In an embodiment of the application, the determining, according to a preset correspondence, second verification information corresponding to the first verification information includes:
determining a first version number of the first authentication information;
determining a second version number corresponding to the first version number according to the preset corresponding relation;
and determining the second verification information according to the second version number.
Specifically, in the embodiment of the present application, identification information may be added to the first verification information and the second verification information, and a corresponding relationship is established by the identification information corresponding to the first verification information and the second verification information, for example, a version number V1 may be added to the first verification information, a version number V2 may be added to the second verification information, and a corresponding relationship is established between the version number V1 and the version number V2.
Therefore, after receiving the first verification request and obtaining the first verification information in the first verification request, the first version number of the first verification information may be determined, for example, the version number of the first verification information is V1, then the version number V2 corresponding to the version number V1 may be determined according to the preset corresponding relationship, and then the second verification information corresponding to the version number V2 may be determined according to the version number V2.
According to the embodiment of the application, the first verification information and the first signature information to be verified in the first verification request are obtained by receiving the first verification request, the second verification information corresponding to the first verification information is determined according to the preset corresponding relation, and the signature verification processing is carried out on the first signature information to be verified according to the second verification information, so that the verification processing of the first verification information with the character length different from the standard length is realized through the second verification information corresponding to the first verification information, and the verification requirements on the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
The embodiment of the application provides an information processing method, and an execution main body of the method can be terminal equipment with information processing capacity, and can also be a device or a chip integrated on the equipment. As shown in fig. 3, which is a second schematic flow chart of an information processing method according to an embodiment of the present application, the method includes the following steps:
s301: carrying first verification information and the first signature information to be verified on a first verification request, sending the first verification request to a server, and indicating the server to: according to a preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information; wherein a length of the second authentication information is different from a length of the first authentication information.
Specifically, the first authentication request may be used to describe a request for authentication, and optionally, the first authentication request may specifically include a requestor identifier, for example, the requestor identifier may be an identifier of a user requesting authentication, and in this embodiment of the present application, the identifier of the user requesting authentication may include a primary account identifier, a sub-account identifier, and the like of the user.
In addition, the first verification request may further include first verification information and first signature information to be verified.
The first authentication information may include information used for authentication, for example, the first authentication information may include information such as an Access Key identity (Access Key ID, AK), a Secret Access Key (SK), a token (token), and the like. The first authentication information may not include information such as an access key identifier, a secret access key, and a token, but is only used to determine the second authentication information according to a preset correspondence.
The first signature information to be verified may include signature information for verification. The signature information for verification may be generated according to the key information extracted from the second verification information and a preset operation relationship. The preset operational relationship may be a user-defined operational relationship according to the verification information provider. It can be understood that, in the embodiment of the present application, the first signature information to be verified may be generated based on the key information in the second verification information and a preset operation relationship.
Specifically, the second authentication information may describe information for authentication, and the length of the second authentication information is different from the length of the first authentication information, for example, the character length of the second authentication information may be 69 bits, the character length of the first authentication information may be 40 bits, and so on.
The second verification information may include an Access Key identity (AK), a Secret Access Key (SK), a token (token), and the like. It is to be understood that, in the embodiment of the present application, the first authentication information and the second authentication information may be used to distinguish authentication information of different character lengths, which is not a distinction of authentication information of different properties.
In addition, a preset corresponding relationship exists between the first verification information and the second verification information, optionally, a one-to-one corresponding relationship may exist between the first verification information and the second verification information, that is, each first verification information has unique second verification information corresponding to the second verification information; in addition, there may also be a many-to-one correspondence between the first authentication information and the second authentication information, that is, a plurality of first authentication information may correspond to one second authentication information.
The preset corresponding relationship between the first verification information and the second verification information can be established when the first verification information and the second verification information are generated, and optionally, the corresponding relationship between the first verification information and the second verification information can be directly established; the first verification information and the second verification information may be added with identification information, and a corresponding relationship is established by the identification information corresponding to the first verification information and the second verification information, for example, a version number V1 may be added to the first verification information, a version number V2 may be added to the second verification information, and a corresponding relationship is established between the version number V1 and the version number V2.
After the second verification information corresponding to the first verification information is determined, signature verification processing may be performed on the first signature information to be verified according to the second verification information.
Specifically, the second verification information can be directly utilized to perform signature verification processing on the first signature information to be verified; in addition, key information in the second verification information can be extracted, second signature information to be verified is generated according to the key information in the second verification information and a preset operation relation, and signature verification processing is performed on the first signature information to be verified by using the second signature information to be verified.
The method comprises the steps of generating first signature information to be verified according to first verification information; carrying the first verification information and the first signature information to be verified on a first verification request, sending the first verification request to a server, and instructing the server to: and according to the preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information, so that verification processing on the first verification information with the character length different from the standard length is realized through the second verification information corresponding to the first verification information, and the verification requirements on the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
In the embodiment of the present application, an interaction timing sequence between the terminal device and the server is described below with reference to fig. 4:
when the terminal equipment accesses the cloud server, authentication is needed, and data interaction can be carried out between the terminal equipment and the cloud server after the authentication is passed. In the authentication process, firstly, the terminal equipment requests the cloud server to acquire verification information, namely step A; after receiving a verification information acquisition request of the terminal device, the cloud server judges whether a request party is a white list user, wherein the white list user is a user for acquiring verification information with a short character length, and if the request party is the white list user, a short token, namely first verification information in the embodiment of the application, and a standard token, namely second verification information in the embodiment of the application are generated; establishing a mapping relation between the short token and the standard token, and generating a first signature string, namely first signature information to be verified, according to the key information extracted from the standard token and a preset operation relation, namely step B; then, sending the short token and the first signature string to a terminal (specifically, a client corresponding to the terminal), namely step C; further, the terminal sends a verification request (i.e., a first verification request in the embodiment of the present application) to the cloud server, where the verification request carries the short token and the first signature string, that is, step D; and E, after receiving the verification request, the cloud server acquires a standard token corresponding to the short token according to the mapping relation, extracts key information from the standard token, generates a second signature string according to the extracted key information by a preset encryption algorithm, and then verifies the first signature string and the second signature string, namely step E.
According to the embodiment of the application, the first verification information and the first signature information to be verified in the first verification request are obtained by receiving the first verification request, the second verification information corresponding to the first verification information is determined according to the preset corresponding relation, the second verification information is right, the first signature information to be verified is subjected to signature verification processing, and therefore the second verification information corresponding to the first verification information is obtained and signature verification processing is carried out according to the second verification information, verification processing of the first verification information with the character length different from the standard length is achieved, and the verification requirements of the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
An embodiment of the present application provides an information processing apparatus, and as shown in fig. 5, the information processing apparatus 50 may include: a receiving module 501, a determining module 502, and a verifying module 503, wherein,
a receiving module 501, configured to receive a first verification request, and obtain first verification information and first signature information to be verified in the first verification request;
a determining module 502, configured to determine, according to a preset correspondence, second verification information corresponding to the first verification information; wherein a length of the second authentication information is different from a length of the first authentication information;
the verification module 503 is configured to perform signature verification processing on the first signature information to be verified according to the second verification information.
In one embodiment of the present application, the apparatus further comprises:
the verification information generation module is used for receiving a verification information acquisition request before the first verification request is received;
if the verification information acquisition request meets a first preset condition, generating the first verification information and the second verification information;
and generating the preset corresponding relation between the first verification information and the second verification information.
In one embodiment of the present application, the apparatus further comprises:
and the verification information sending module is used for sending the first verification information to a client after the first verification information and the second verification information are generated.
In one embodiment of the present application, the first preset condition includes at least one of:
the client identification corresponding to the verification information acquisition request comprises a first preset identification;
the authentication information acquisition request comprises a second preset identification, and the second preset identification indicates that the first authentication information is requested.
In an embodiment of the present application, the verification module 503 is specifically configured to extract key information in the second verification information, and generate second signature information to be verified according to the key information;
and verifying the first signature information to be verified and the second signature information to be verified.
In an embodiment of the present application, the determining module 502 is specifically configured to determine a first version number of the first verification information;
determining a second version number corresponding to the first version number according to the preset corresponding relation;
and determining the second verification information according to the second version number.
An embodiment of the present application provides an information processing apparatus, and as shown in fig. 6, the information processing apparatus 60 may include: a sending module 601, wherein,
a sending module 601, configured to carry first verification information and the first signature information to be verified in a first verification request, send the first verification request to a server, and instruct the server to: according to a preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information; wherein a length of the second authentication information is different from a length of the first authentication information.
The information processing apparatus of this embodiment can execute the information processing method shown in the above embodiments of this application, and the implementation principles thereof are similar and will not be described herein again.
According to the embodiment of the application, the first verification information and the first signature information to be verified in the first verification request are obtained by receiving the first verification request, the second verification information corresponding to the first verification information is determined according to the preset corresponding relation, the second verification information is right, the first signature information to be verified is subjected to signature verification processing, and therefore the second verification information corresponding to the first verification information is obtained and signature verification processing is carried out according to the second verification information, verification processing of the first verification information with the character length different from the standard length is achieved, and the verification requirements of the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
An embodiment of the present application provides an electronic device, including: a memory and a processor; at least one program stored in the memory for execution by the processor, which when executed by the processor, implements: according to the embodiment of the application, the first verification information and the first signature information to be verified in the first verification request are obtained by receiving the first verification request, the second verification information corresponding to the first verification information is determined according to the preset corresponding relation, the second verification information is right, the first signature information to be verified is subjected to signature verification processing, and therefore the second verification information corresponding to the first verification information is obtained and signature verification processing is carried out according to the second verification information, verification processing of the first verification information with the character length different from the standard length is achieved, and the verification requirements of the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
In an alternative embodiment, an electronic device is provided, as shown in fig. 7, the electronic device 4000 shown in fig. 7 comprising: a processor 4001 and a memory 4003. Processor 4001 is coupled to memory 4003, such as via bus 4002. Optionally, the electronic device 4000 may further include a transceiver 4004, and the transceiver 4004 may be used for data interaction between the electronic device and other electronic devices, such as transmission of data and/or reception of data. In addition, the transceiver 4004 is not limited to one in practical applications, and the structure of the electronic device 4000 is not limited to the embodiment of the present application.
The Processor 4001 may be a CPU (Central Processing Unit), a general-purpose Processor, a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other Programmable logic device, a transistor logic device, a hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 4001 may also be a combination that performs a computational function, including, for example, a combination of one or more microprocessors, a combination of a DSP and a microprocessor, or the like.
Bus 4002 may include a path that carries information between the aforementioned components. The bus 4002 may be a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus 4002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 7, but this is not intended to represent only one bus or type of bus.
The Memory 4003 may be a ROM (Read Only Memory) or other types of static storage devices that can store static information and instructions, a RAM (Random Access Memory) or other types of dynamic storage devices that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory), a CD-ROM (Compact Disc Read Only Memory) or other optical Disc storage, optical Disc storage (including Compact Disc, laser Disc, optical Disc, digital versatile Disc, blu-ray Disc, etc.), a magnetic Disc storage medium or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to these.
The memory 4003 is used for storing application program codes (computer programs) for executing the present scheme, and is controlled by the processor 4001 to execute. Processor 4001 is configured to execute application code stored in memory 4003 to implement what is shown in the foregoing method embodiments.
Among them, electronic devices include but are not limited to: mobile phones, notebook computers, multimedia players, desktop computers, and the like.
The present application provides a computer-readable storage medium, on which a computer program is stored, which, when running on a computer, enables the computer to execute the corresponding content in the foregoing method embodiments.
According to the embodiment of the application, the first verification information and the first signature information to be verified in the first verification request are obtained by receiving the first verification request, the second verification information corresponding to the first verification information is determined according to the preset corresponding relation, the second verification information is right, the first signature information to be verified is subjected to signature verification processing, and therefore the second verification information corresponding to the first verification information is obtained and signature verification processing is carried out according to the second verification information, verification processing of the first verification information with the character length different from the standard length is achieved, and the verification requirements of the verification information with different character lengths when different terminal equipment or terminal equipment is applied to different scenes are met.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and may be performed in other orders unless explicitly stated herein. Moreover, at least a portion of the steps in the flow chart of the figure may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed alternately or alternately with other steps or at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (11)

1. An information processing method applied to a server is characterized by comprising the following steps:
receiving a first verification request, and acquiring first verification information and first signature information to be verified in the first verification request;
determining second verification information corresponding to the first verification information according to a preset corresponding relation; wherein a length of the second authentication information is different from a length of the first authentication information;
and performing signature verification processing on the first signature information to be verified according to the second verification information.
2. The information processing method according to claim 1, wherein before the receiving the first authentication request, the method further comprises:
receiving a verification information acquisition request;
if the verification information acquisition request meets a first preset condition, generating the first verification information and the second verification information;
and generating the preset corresponding relation between the first verification information and the second verification information.
3. The information processing method according to claim 2, wherein after the generating the first authentication information and the second authentication information, the method further comprises:
and sending the first verification information to a client.
4. The information processing method according to claim 2, wherein the first preset condition includes at least one of:
the client identification corresponding to the verification information acquisition request comprises a first preset identification;
the authentication information acquisition request comprises a second preset identification, and the second preset identification indicates that the first authentication information is requested.
5. The information processing method according to claim 1,
the signature verification processing of the first signature information to be verified according to the second verification information includes:
extracting key information in the second verification information, and generating second signature information to be verified according to the key information;
and verifying the first signature information to be verified and the second signature information to be verified.
6. The information processing method according to claim 1, wherein the determining, according to a preset correspondence, second authentication information corresponding to the first authentication information includes:
determining a first version number of the first authentication information;
determining a second version number corresponding to the first version number according to the preset corresponding relation;
and determining the second verification information according to the second version number.
7. An information processing method applied to a client is characterized by comprising the following steps:
carrying first verification information and the first signature information to be verified on a first verification request, sending the first verification request to a server, and indicating the server to: according to a preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information; wherein a length of the second authentication information is different from a length of the first authentication information.
8. An information processing apparatus characterized by comprising:
the receiving module is used for receiving a first verification request and acquiring first verification information and first signature information to be verified in the first verification request;
the determining module is used for determining second verification information corresponding to the first verification information according to a preset corresponding relation; wherein a length of the second authentication information is different from a length of the first authentication information;
and the verification module is used for verifying the signature of the first signature information to be verified according to the second verification information.
9. An information processing apparatus characterized by comprising:
a sending module, configured to carry first verification information and the first signature information to be verified in a first verification request, send the first verification request to a server, and instruct the server to: according to a preset corresponding relation, second verification information corresponding to the first verification information is determined, and signature verification processing is carried out on the first signature information to be verified according to the second verification information; wherein a length of the second authentication information is different from a length of the first authentication information.
10. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a memory;
one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the one or more processors, the one or more programs configured to: the information processing method according to any one of claims 1 to 7 is executed.
11. A computer-readable storage medium on which a computer program is stored, the computer program, when being executed by a processor, implementing the information processing method according to any one of claims 1 to 7.
CN202111421940.4A 2021-11-26 2021-11-26 Information processing method, information processing device, electronic equipment and computer readable storage medium Pending CN114091119A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111421940.4A CN114091119A (en) 2021-11-26 2021-11-26 Information processing method, information processing device, electronic equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111421940.4A CN114091119A (en) 2021-11-26 2021-11-26 Information processing method, information processing device, electronic equipment and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN114091119A true CN114091119A (en) 2022-02-25

Family

ID=80305013

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111421940.4A Pending CN114091119A (en) 2021-11-26 2021-11-26 Information processing method, information processing device, electronic equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN114091119A (en)

Similar Documents

Publication Publication Date Title
CN109067728B (en) Access control method and device for application program interface, server and storage medium
CN112333198B (en) Secure cross-domain login method, system and server
CN112671720B (en) Token construction method, device and equipment for cloud platform resource access control
CN112131021B (en) Access request processing method and device
CN112491776B (en) Security authentication method and related equipment
CN110268406B (en) Password security
CN109286620B (en) User right management method, system, device and computer readable storage medium
CN111818088A (en) Authorization mode management method and device, computer equipment and readable storage medium
CN111565179B (en) Identity verification method and device, electronic equipment and storage medium
CN111597537B (en) Block chain network-based certificate issuing method, related equipment and medium
CN111367923A (en) Data processing method, data processing device, node equipment and storage medium
US11977620B2 (en) Attestation of application identity for inter-app communications
CN111259428A (en) Data processing method and device based on block chain, node equipment and storage medium
CN108600266B (en) Statement filtering authentication method and system
US8904508B2 (en) System and method for real time secure image based key generation using partial polygons assembled into a master composite image
CN111147235B (en) Object access method and device, electronic equipment and machine-readable storage medium
CN116647345A (en) Method and device for generating permission token, storage medium and computer equipment
CN109818915B (en) Information processing method and device, server and readable storage medium
CN116032546A (en) Resource access method and device and electronic equipment
CN112544057A (en) Block chain node equipment, authentication method and device thereof, and storage medium
CN114091119A (en) Information processing method, information processing device, electronic equipment and computer readable storage medium
CN116136844A (en) Entity identification information generation method, device, medium and electronic equipment
CN113472781A (en) Service acquisition method, server and computer readable storage medium
KR102019558B1 (en) Efficient signature verification method for digital signatures using implicit certificates
CN116684214B (en) Block chain-based conference summary processing method, system, node equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination