CN114139131A - Operating system login method and device and electronic equipment - Google Patents

Operating system login method and device and electronic equipment Download PDF

Info

Publication number
CN114139131A
CN114139131A CN202111474274.0A CN202111474274A CN114139131A CN 114139131 A CN114139131 A CN 114139131A CN 202111474274 A CN202111474274 A CN 202111474274A CN 114139131 A CN114139131 A CN 114139131A
Authority
CN
China
Prior art keywords
operating system
user
server
information
ukey
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111474274.0A
Other languages
Chinese (zh)
Inventor
罗骥驰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Bamboocloud Technology Co ltd
Original Assignee
Shenzhen Bamboocloud Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Bamboocloud Technology Co ltd filed Critical Shenzhen Bamboocloud Technology Co ltd
Priority to CN202111474274.0A priority Critical patent/CN114139131A/en
Publication of CN114139131A publication Critical patent/CN114139131A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/107License processing; Key processing
    • G06F21/1078Logging; Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The embodiment of the invention relates to the technical field of system security, and discloses an operating system login method, an operating system login device and electronic equipment. The method comprises the following steps: acquiring user information input by a user on a login page, and sending the user information to a server for the server to verify the user information; if the user information is verified successfully, verifying the Ukey equipment of the user; if the Ukey equipment is successfully verified, acquiring operating system information sent by the server, and verifying the operating system information; and if the operating system information is verified successfully, jumping to an operating system page from the login page. Through the mode, the embodiment of the invention improves the safety of the login process of the operating system.

Description

Operating system login method and device and electronic equipment
Technical Field
The embodiment of the invention relates to the technical field of system security, in particular to an operating system login method, an operating system login device and electronic equipment.
Background
An operating system is a computer program used to manage the hardware and software resources of a computer and may provide an interface for a user to interact with the computer. In order to ensure the safety of the computer used by the user, the operating system provides a user login interface to check the identity of the user.
In the related art, when a user logs in an operating system, user information needs to be input in a user login interface of the operating system, and if the operating system passes the user information verification, the user can normally enter the operating system; if the operating system does not verify the user information, the user cannot normally enter the operating system. However, in implementing the embodiments of the present invention, the inventors found that: in the related technology, user information input when a user logs in an operating system is easy to leak, so that the safety of the operating system in the login process is low.
Disclosure of Invention
In view of the foregoing problems, embodiments of the present invention provide an operating system login method, an operating system login device, and an electronic device, which are used to solve the problem in the prior art that the security of an operating system login process is low.
According to an aspect of an embodiment of the present invention, there is provided an operating system login method, including:
acquiring user information input by a user on a login page, and sending the user information to a server for the server to verify the user information;
if the user information is verified successfully, verifying the Ukey equipment of the user;
if the Ukey equipment is successfully verified, acquiring operating system information sent by the server, and verifying the operating system information;
and if the operating system information is verified successfully, jumping to an operating system page from the login page.
In an optional manner, the sending the user information to a server for the server to verify the user information includes:
acquiring a public key of a preset RSA encryption algorithm, and encrypting the user information by adopting the public key;
and sending the encrypted user information to a server through a hypertext transfer security protocol, so that the server can decrypt the encrypted user information by adopting a private key of a preset RSA encryption algorithm and verify the decrypted user information.
In an optional manner, before the verifying the Ukey device of the user, the method includes:
acquiring connection information of a local computer, and detecting Ukey equipment of the user according to the connection information;
if the Ukey equipment is detected, acquiring initial verification information of the Ukey equipment input by the user on the login page;
and verifying the initial verification information through the Ukey equipment, and if the initial verification information is verified successfully, executing the step of verifying the Ukey equipment of the user.
In an optional manner, the verifying the Ukey device of the user includes:
acquiring an original character string sent by the server, wherein the original character string is any one of a plurality of groups of character strings preset by the server;
generating a digital signature of the original character string by the Ukey device;
and acquiring the digital certificate of the Ukey equipment, and sending the digital signature and the digital certificate to the server for the server to verify the Ukey equipment according to the digital signature and the digital certificate.
In an optional manner, the sending the digital signature and the digital certificate to the server, so that the server verifies the Ukey device according to the digital signature and the digital certificate includes:
connecting the digital signature and the digital certificate to generate a connection result;
coding the connection result through a preset Base64 coding algorithm to generate a first coding result;
recoding the first coding result through a preset URL coding algorithm to generate a second coding result;
and sending the second encoding result to the server, so that the server generates a decoded digital signature and a decoded digital certificate according to the second encoding result, and verifying the Ukey equipment according to the decoded digital signature and the decoded digital certificate.
In an optional manner, the operating system information is an account and a password of an operating system encrypted by a preset DES encryption algorithm, and the verifying the operating system information includes:
determining a target decryption algorithm corresponding to the preset DES encryption algorithm, and decrypting the operating system information through the target decryption algorithm to obtain an account number and a password of the decrypted operating system;
and verifying the decrypted account number and the password of the operating system.
In an optional manner, after the jump from the login page to the operating system page, the method further comprises:
detecting the connection state of the Ukey equipment and the local computer in real time;
and if the connection state of the Ukey equipment and the local computer is detected to be changed from connection to disconnection, jumping from the operating system page to the login page.
According to another aspect of the embodiments of the present invention, there is provided an operating system login apparatus, including:
the sending module is used for acquiring user information input by a user on a login page, and sending the user information to a server for the server to verify the user information;
the first checking module is used for checking the Ukey equipment of the user if the user information is checked successfully;
the second checking module is used for acquiring the operating system information sent by the server and checking the operating system information if the Ukey equipment is successfully checked;
and the jumping module is used for jumping to the operating system page from the login page if the operating system information is successfully verified.
According to another aspect of the embodiments of the present invention, there is provided an electronic device including: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the operation of the operating system login method.
According to another aspect of the embodiments of the present invention, there is provided a computer-readable storage medium, in which at least one executable instruction is stored, and when the executable instruction is executed on an electronic device, the electronic device executes the operations of the operating system login method described above.
In the embodiment of the invention, when a user logs in an operating system, user information input by the user on a login page is firstly obtained, and the user information is verified; if the user information is successfully verified, continuously verifying the Ukey equipment of the user; and if the Ukey equipment of the user is successfully verified, obtaining the operating system information, continuously verifying the operating system information, and if the operating system information is successfully verified, jumping from the login page to the operating system page so that the user can normally access the operating system. Therefore, the embodiment of the invention verifies the user information, the Ukey equipment and the operating system information in sequence, and jumps to the operating system page from the login page under the condition that all the verifications are successful, so that the user can normally access the operating system, and the safety of the login process of the operating system is enhanced.
The foregoing description is only an overview of the technical solutions of the embodiments of the present invention, and the embodiments of the present invention can be implemented according to the content of the description in order to make the technical means of the embodiments of the present invention more clearly understood, and the detailed description of the present invention is provided below in order to make the foregoing and other objects, features, and advantages of the embodiments of the present invention more clearly understandable.
Drawings
The drawings are only for purposes of illustrating embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
fig. 1 is a flowchart illustrating an operating system login method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram illustrating an operating system login apparatus according to an embodiment of the present invention;
fig. 3 shows a schematic structural diagram of an electronic device provided in an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the invention are shown in the drawings, it should be understood that the invention can be embodied in various forms and should not be limited to the embodiments set forth herein.
Before a user operates the operating system, the operating system generally needs to verify the identity of the user, and the operating system can be normally used after the identity of the user is verified. However, if a user needs to log in a plurality of operating systems frequently, the user needs to remember account information of each operating system, which causes inconvenience to the login operation of the user. In the embodiment of the invention, the account information of the operating systems of the plurality of terminals is uniformly managed through the third-party security center, and when a user logs in the operating system, the user only needs to input the account information of the third-party security center. According to the embodiment of the invention, the identity of the user can be verified through the account information of the user in the third-party security center and the Ukey equipment of the user, so that the process of logging in the operating system by the user is simplified, and the security of the process of logging in the operating system by the user is improved. The following provides a detailed description of embodiments of the invention.
Fig. 1 is a flowchart illustrating an operating system login method according to an embodiment of the present invention, which may be performed by an electronic device installed with an operating system. The memory of the electronic device is used for storing at least one executable instruction, and the executable instruction enables the processor of the electronic device to execute the operation of the operating system login method.
As shown in fig. 1, the method comprises the steps of:
step 110: the method comprises the steps of obtaining user information input by a user on a login page, and sending the user information to a server for the server to verify the user information.
The login page is a page provided by the operating system and used for a user to log in the third-party security center. After the local computer is powered on, the login page can be displayed to the user. The local computer is provided with an operating system, and the operating system can be Windows, Linux, Galaxy kylin operating system and the like. Taking the galaxy kylin operating system as an example, the galaxy kylin operating system is an open source server operating system, is compatible with the application on the Linux platform, conforms to the POSIX series standard, and is compatible with the Linux target code and the large application on the Linux platform. The desktop management process of the UKUI desktop environment of the Galaxy kylin operating system is used for managing a login interface, and after a user inputs user information, the user information can be sent to a server of a third-party security center for the server of the third-party security center to verify the user information. UKUI is a lightweight Linux desktop environment developed based on GTK and QT. The embodiment of the invention modifies the original desktop management process of the Galaxy kylin operating system, so that a login page for a user to login a third-party security center can be generated.
The user information input by the user on the login page may include, for example, account information, fingerprint information, face information, and verification code information. After the user information is acquired, the user information may be sent to a server to verify the user information. The local computer may communicate with the server via SSL (Secure Sockets Layer) protocol. Further, when the user information is sent to the server of the third-party security center and the server of the third-party security center checks the user information, the public key of the preset RSA encryption algorithm can be obtained, the public key of the preset RSA encryption algorithm is adopted to encrypt the user information, then the encrypted user information is sent to the server of the third-party security center through the hypertext transfer security protocol, the server of the third-party security center adopts the private key of the preset RSA encryption algorithm to decrypt the encrypted user information, and the decrypted user information is checked. The RSA encryption algorithm is an asymmetric encryption algorithm, and the public key is different from the private key, and the private key (public key) of the RSA encryption algorithm cannot be calculated according to the public key (private key) of the RSA encryption algorithm.
Step 120: and if the user information is verified successfully, verifying the Ukey equipment of the user.
If the server of the third-party security center successfully verifies the user information, the verification success information can be returned to the local computer. The Ukey equipment is a small storage equipment which is directly connected with a computer through a universal serial bus interface, has a password verification function and is reliable and high-speed, and provides functions of encryption, decryption and the like based on files. Before verifying the Ukey equipment of the user, the Ukey equipment of the user is required to be successfully connected with the local computer. Furthermore, before the Ukey equipment of the user is verified, the connection information of the local computer can be obtained in advance, and the Ukey equipment of the user is detected according to the connection information of the local computer; and if the Ukey equipment of the user is detected, prompting the user to input initial verification information of the Ukey equipment, and if the Ukey equipment of the user is not detected, prompting the user to correctly install the Ukey equipment. After the user inputs the initial authentication information of the Ukey equipment on the login page, the initial authentication information of the Ukey equipment input by the user on the login page can be obtained, the initial authentication information is verified through the Ukey equipment, and if the initial authentication information is verified successfully, the verification of the Ukey equipment of the user is continued.
When the Ukey equipment of the user is verified, an original character string sent by the server is firstly obtained, the original character string is any one group of character strings in a plurality of groups of character strings preset by the server, then a digital signature of the original character string is generated through the Ukey equipment, the digital signature is a section of digital string which cannot be forged by others and is generated by an information sender, and the section of digital string is also an effective proof of the authenticity of the information sent by the information sender; and finally, acquiring the digital certificate of the Ukey equipment, and sending the digital signature generated by the Ukey equipment and the digital certificate of the Ukey equipment to a server for the server to verify the Ukey equipment according to the digital signature and the digital certificate. Further, when the digital signature and the digital certificate are sent to the server for the server to verify the Ukey equipment according to the digital signature and the digital certificate, the digital signature and the digital certificate can be connected firstly to generate a connection result; then, coding the connection result through a preset Base64 coding algorithm to generate a first coding result; recoding the first coding result through a preset URL coding algorithm to generate a second coding result; and finally, sending the second encoding result to a server for the server to generate a decoded digital signature and a decoded digital certificate according to the second encoding result, and verifying the Ukey equipment according to the decoded digital signature and the decoded digital certificate.
Step 130: and if the Ukey equipment is successfully verified, acquiring the operating system information sent by the server, and verifying the operating system information.
The operating system information may include an account and a password of the operating system. The server of the third-party security center stores operating system information of a plurality of computers, and after the server of the third-party security center successfully verifies the Ukey equipment of the user, the server of the third-party security center can inquire the operating system information of the corresponding computer in the database and return the inquired operating system information to the corresponding computer. Further, the server of the third-party security center may encrypt the queried operating system information in advance by using a preset DES encryption algorithm, so as to ensure the security of the operating system information transmission. The encryption operation and the decryption operation of the DES encryption algorithm use the same key, and the information sender and the information receiver must commonly hold the key when encrypting and decrypting, so that the DES encryption algorithm is a symmetric encryption algorithm. If the operating system information is the account and the password of the operating system encrypted by the preset DES encryption algorithm, when the operating system information is verified, a target decryption algorithm corresponding to the preset DES encryption algorithm can be firstly determined, then the operating system information is decrypted by the target decryption algorithm to obtain the decrypted account and the decrypted password of the operating system, and finally the decrypted account and the decrypted password of the operating system are verified.
When the account and the password of the decrypted operating system are verified, the operating system can be directly logged in through the account and the password of the decrypted operating system, if the login is successful, the verification is passed, and if the login is unsuccessful, the verification is failed.
Step 140: and if the operating system information is verified successfully, jumping to an operating system page from the login page.
The operating system page is a page where a user interacts with the operating system. And when the operating system information is successfully verified, jumping from the login page to the operating system page to realize the interaction between the user and the operating system. In order to ensure the safety of the interaction between the user and the operating system, the connection state of the Ukey equipment of the user and the local computer can be detected in real time. Furthermore, after the login page is jumped to the operating system page, the connection state of the Ukey equipment of the user and the local computer can be detected in real time, and if the connection state of the Ukey equipment of the user and the local computer is detected to be changed from connection to disconnection, the operation system page is jumped to the login page. Further, the MAC address of the local computer may be sent to the server, so that the server may analyze the user behavior according to the MAC address and perform security audit. If the information verification of the operating system fails, an alarm prompt can be given, so that maintenance personnel can update the database of the third-party security center.
In the embodiment of the invention, when a user logs in an operating system, user information input by the user on a login page is firstly obtained, and the user information is verified; if the user information is successfully verified, continuously verifying the Ukey equipment of the user; and if the Ukey equipment of the user is successfully verified, obtaining the operating system information, continuously verifying the operating system information, and if the operating system information is successfully verified, jumping from the login page to the operating system page so that the user can normally access the operating system. Therefore, the embodiment of the invention verifies the user information, the Ukey equipment and the operating system information in sequence, and jumps to the operating system page from the login page under the condition that all the verifications are successful, so that the user can normally access the operating system, and the safety of the login process of the operating system is enhanced.
Fig. 2 is a schematic structural diagram illustrating an operating system login apparatus according to an embodiment of the present invention. As shown in fig. 2, the apparatus 300 includes: a sending module 310, a first check module 320, a second check module 330, and a jumping module 340.
The sending module 310 is configured to obtain user information input by a user on a login page, and send the user information to a server for the server to verify the user information; the first checking module 320 is configured to check the Ukey device of the user if the user information is successfully checked; the second checking module 330 is configured to, if the Ukey device is successfully checked, obtain operating system information sent by the server, and check the operating system information; the jump module 340 is configured to jump from the login page to an operating system page if the operating system information is successfully verified.
In an alternative manner, the sending module 310 is configured to:
acquiring a public key of a preset RSA encryption algorithm, and encrypting the user information by adopting the public key;
and sending the encrypted user information to a server through a hypertext transfer security protocol, so that the server can decrypt the encrypted user information by adopting a private key of a preset RSA encryption algorithm and verify the decrypted user information.
In an alternative manner, the first checking module 320 is configured to:
before the Ukey equipment of the user is verified, acquiring connection information of a local computer, and detecting the Ukey equipment of the user according to the connection information;
if the Ukey equipment is detected, acquiring initial verification information of the Ukey equipment input by the user on the login page;
and verifying the initial verification information through the Ukey equipment, and if the initial verification information is verified successfully, verifying the Ukey equipment of the user.
In an alternative manner, the first checking module 320 is configured to:
acquiring an original character string sent by the server, wherein the original character string is any one of a plurality of groups of character strings preset by the server;
generating a digital signature of the original character string by the Ukey device;
and acquiring the digital certificate of the Ukey equipment, and sending the digital signature and the digital certificate to the server for the server to verify the Ukey equipment according to the digital signature and the digital certificate.
In an alternative manner, the first checking module 320 is configured to:
connecting the digital signature and the digital certificate to generate a connection result;
coding the connection result through a preset Base64 coding algorithm to generate a first coding result;
recoding the first coding result through a preset URL coding algorithm to generate a second coding result;
and sending the second encoding result to the server, so that the server generates a decoded digital signature and a decoded digital certificate according to the second encoding result, and verifying the Ukey equipment according to the decoded digital signature and the decoded digital certificate.
In an optional manner, the operating system information is an account and a password of the operating system encrypted by a preset DES encryption algorithm, and the second verification module 330 is configured to:
determining a target decryption algorithm corresponding to the preset DES encryption algorithm, and decrypting the operating system information through the target decryption algorithm to obtain an account number and a password of the decrypted operating system;
and verifying the decrypted account number and the password of the operating system.
In an alternative manner, the skip module 340 is configured to:
after jumping from the login page to an operating system page, detecting the connection state of the Ukey equipment and the local computer in real time;
and if the connection state of the Ukey equipment and the local computer is detected to be changed from connection to disconnection, jumping from the operating system page to the login page.
In the embodiment of the invention, when a user logs in an operating system, user information input by the user on a login page is firstly obtained, and the user information is verified; if the user information is successfully verified, continuously verifying the Ukey equipment of the user; and if the Ukey equipment of the user is successfully verified, obtaining the operating system information, continuously verifying the operating system information, and if the operating system information is successfully verified, jumping from the login page to the operating system page so that the user can normally access the operating system. Therefore, the embodiment of the invention verifies the user information, the Ukey equipment and the operating system information in sequence, and jumps to the operating system page from the login page under the condition that all the verifications are successful, so that the user can normally access the operating system, and the safety of the login process of the operating system is enhanced.
Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and the specific embodiment of the present invention does not limit the specific implementation of the electronic device.
As shown in fig. 3, the electronic device may include: a processor (processor)402, a Communications Interface 404, a memory 406, and a Communications bus 408.
Wherein: the processor 402, communication interface 404, and memory 406 communicate with each other via a communication bus 408. A communication interface 404 for communicating with network elements of other devices, such as clients or other servers. The processor 402 is configured to execute the program 410, and may specifically perform the relevant steps in the embodiment of the operating system login method described above.
In particular, program 410 may include program code comprising computer-executable instructions.
The processor 402 may be a central processing unit CPU or an application Specific Integrated circuit asic or one or more Integrated circuits configured to implement embodiments of the present invention. The electronic device comprises one or more processors, which can be the same type of processor, such as one or more CPUs; or may be different types of processors such as one or more CPUs and one or more ASICs.
And a memory 406 for storing a program 410. Memory 406 may comprise high-speed RAM memory, and may also include non-volatile memory (non-volatile memory), such as at least one disk memory.
The program 410 may specifically be invoked by the processor 402 to cause the electronic device to perform the following operations:
acquiring user information input by a user on a login page, and sending the user information to a server for the server to verify the user information;
if the user information is verified successfully, verifying the Ukey equipment of the user;
if the Ukey equipment is successfully verified, acquiring operating system information sent by the server, and verifying the operating system information;
and if the operating system information is verified successfully, jumping to an operating system page from the login page.
In an alternative, the program 410 may specifically be invoked by the processor 402 to cause the electronic device to perform the following operations:
acquiring a public key of a preset RSA encryption algorithm, and encrypting the user information by adopting the public key;
and sending the encrypted user information to a server through a hypertext transfer security protocol, so that the server can decrypt the encrypted user information by adopting a private key of a preset RSA encryption algorithm and verify the decrypted user information.
In an alternative, the program 410 may specifically be invoked by the processor 402 to cause the electronic device to perform the following operations:
before the Ukey equipment of the user is verified, acquiring connection information of a local computer, and detecting the Ukey equipment of the user according to the connection information;
if the Ukey equipment is detected, acquiring initial verification information of the Ukey equipment input by the user on the login page;
and verifying the initial verification information through the Ukey equipment, and if the initial verification information is verified successfully, verifying the Ukey equipment of the user.
In an alternative, the program 410 may specifically be invoked by the processor 402 to cause the electronic device to perform the following operations:
acquiring an original character string sent by the server, wherein the original character string is any one of a plurality of groups of character strings preset by the server;
generating a digital signature of the original character string by the Ukey device;
and acquiring the digital certificate of the Ukey equipment, and sending the digital signature and the digital certificate to the server for the server to verify the Ukey equipment according to the digital signature and the digital certificate.
In an alternative, the program 410 may specifically be invoked by the processor 402 to cause the electronic device to perform the following operations:
connecting the digital signature and the digital certificate to generate a connection result;
coding the connection result through a preset Base64 coding algorithm to generate a first coding result;
recoding the first coding result through a preset URL coding algorithm to generate a second coding result;
and sending the second encoding result to the server, so that the server generates a decoded digital signature and a decoded digital certificate according to the second encoding result, and verifying the Ukey equipment according to the decoded digital signature and the decoded digital certificate.
In an alternative manner, the operating system information is an account and a password of the operating system encrypted by a preset DES encryption algorithm, and the program 410 may be specifically invoked by the processor 402 to enable the electronic device to perform the following operations:
determining a target decryption algorithm corresponding to the preset DES encryption algorithm, and decrypting the operating system information through the target decryption algorithm to obtain an account number and a password of the decrypted operating system;
and verifying the decrypted account number and the password of the operating system.
In an alternative, the program 410 may specifically be invoked by the processor 402 to cause the electronic device to perform the following operations:
detecting the connection state of the Ukey equipment and the local computer in real time after executing jumping from the login page to an operating system page;
and if the connection state of the Ukey equipment and the local computer is detected to be changed from connection to disconnection, jumping from the operating system page to the login page.
In the embodiment of the invention, when a user logs in an operating system, user information input by the user on a login page is firstly obtained, and the user information is verified; if the user information is successfully verified, continuously verifying the Ukey equipment of the user; and if the Ukey equipment of the user is successfully verified, obtaining the operating system information, continuously verifying the operating system information, and if the operating system information is successfully verified, jumping from the login page to the operating system page so that the user can normally access the operating system. Therefore, the embodiment of the invention verifies the user information, the Ukey equipment and the operating system information in sequence, and jumps to the operating system page from the login page under the condition that all the verifications are successful, so that the user can normally access the operating system, and the safety of the login process of the operating system is enhanced.
An embodiment of the present invention provides a computer-readable storage medium, where the storage medium stores at least one executable instruction, and when the executable instruction runs on an electronic device, the electronic device is enabled to execute an operating system login method in any method embodiment described above.
The embodiment of the invention provides an operating system login device which is used for executing the operating system login method.
Embodiments of the present invention provide a computer program, where the computer program can be called by a processor to enable an electronic device to execute an operating system login method in any of the above method embodiments.
Embodiments of the present invention provide a computer program product comprising a computer program stored on a computer-readable storage medium, the computer program comprising program instructions that, when run on a computer, cause the computer to perform the operating system login method in any of the above-described method embodiments.
The algorithms or displays presented herein are not inherently related to any particular computer, virtual system, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. In addition, embodiments of the present invention are not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the embodiments of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the invention and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names. The steps in the above embodiments should not be construed as limiting the order of execution unless specified otherwise.

Claims (10)

1. An operating system login method, the method comprising:
acquiring user information input by a user on a login page, and sending the user information to a server for the server to verify the user information;
if the user information is verified successfully, verifying the Ukey equipment of the user;
if the Ukey equipment is successfully verified, acquiring operating system information sent by the server, and verifying the operating system information;
and if the operating system information is verified successfully, jumping to an operating system page from the login page.
2. The method of claim 1, wherein sending the user information to a server for the server to verify the user information comprises:
acquiring a public key of a preset RSA encryption algorithm, and encrypting the user information by adopting the public key;
and sending the encrypted user information to a server through a hypertext transfer security protocol, so that the server can decrypt the encrypted user information by adopting a private key of a preset RSA encryption algorithm and verify the decrypted user information.
3. The method according to claim 1 or 2, characterized in that before said verification of the user's Ukey device, it comprises:
acquiring connection information of a local computer, and detecting Ukey equipment of the user according to the connection information;
if the Ukey equipment is detected, acquiring initial verification information of the Ukey equipment input by the user on the login page;
and verifying the initial verification information through the Ukey equipment, and if the initial verification information is verified successfully, executing the step of verifying the Ukey equipment of the user.
4. The method of claim 3, wherein the verifying the Ukey device of the user comprises:
acquiring an original character string sent by the server, wherein the original character string is any one of a plurality of groups of character strings preset by the server;
generating a digital signature of the original character string by the Ukey device;
and acquiring the digital certificate of the Ukey equipment, and sending the digital signature and the digital certificate to the server for the server to verify the Ukey equipment according to the digital signature and the digital certificate.
5. The method of claim 4, wherein sending the digital signature and the digital certificate to the server for the server to verify the Ukey device according to the digital signature and the digital certificate comprises:
connecting the digital signature and the digital certificate to generate a connection result;
coding the connection result through a preset Base64 coding algorithm to generate a first coding result;
recoding the first coding result through a preset URL coding algorithm to generate a second coding result;
and sending the second encoding result to the server, so that the server generates a decoded digital signature and a decoded digital certificate according to the second encoding result, and verifying the Ukey equipment according to the decoded digital signature and the decoded digital certificate.
6. The method according to claim 1, wherein the operating system information is an account and a password of an operating system encrypted by a preset DES encryption algorithm, and the verifying the operating system information comprises:
determining a target decryption algorithm corresponding to the preset DES encryption algorithm, and decrypting the operating system information through the target decryption algorithm to obtain an account number and a password of the decrypted operating system;
and verifying the decrypted account number and the password of the operating system.
7. The method of claim 3, wherein after the jump from the landing page to an operating system page, the method further comprises:
detecting the connection state of the Ukey equipment and the local computer in real time;
and if the connection state of the Ukey equipment and the local computer is detected to be changed from connection to disconnection, jumping from the operating system page to the login page.
8. An operating system login apparatus, the apparatus comprising:
the sending module is used for acquiring user information input by a user on a login page, and sending the user information to a server for the server to verify the user information;
the first checking module is used for checking the Ukey equipment of the user if the user information is checked successfully;
the second checking module is used for acquiring the operating system information sent by the server and checking the operating system information if the Ukey equipment is successfully checked;
and the jumping module is used for jumping to the operating system page from the login page if the operating system information is successfully verified.
9. An electronic device, comprising: the system comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete mutual communication through the communication bus;
the memory is configured to store at least one executable instruction that causes the processor to perform the operations of the operating system login method of any one of claims 1-7.
10. A computer-readable storage medium having stored therein at least one executable instruction, which when run on an electronic device, causes the electronic device to perform the operations of the operating system login method of any one of claims 1-7.
CN202111474274.0A 2021-12-03 2021-12-03 Operating system login method and device and electronic equipment Pending CN114139131A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111474274.0A CN114139131A (en) 2021-12-03 2021-12-03 Operating system login method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111474274.0A CN114139131A (en) 2021-12-03 2021-12-03 Operating system login method and device and electronic equipment

Publications (1)

Publication Number Publication Date
CN114139131A true CN114139131A (en) 2022-03-04

Family

ID=80383843

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111474274.0A Pending CN114139131A (en) 2021-12-03 2021-12-03 Operating system login method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN114139131A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100115465A1 (en) * 2008-12-30 2010-05-06 Feitian Technologies Co., Ltd. Logon System and Method Thereof
CN101916348A (en) * 2010-08-16 2010-12-15 武汉天喻信息产业股份有限公司 Method and system for safely guiding operating system of user
CN103532966A (en) * 2013-10-23 2014-01-22 成都卫士通信息产业股份有限公司 Device and method supporting USB-KEY-based SSO (single sign on) of virtual desktop
CN106127016A (en) * 2016-07-18 2016-11-16 浪潮集团有限公司 A kind of operating system user logs in system and the implementation method of authentic authentication
CN107704749A (en) * 2017-10-25 2018-02-16 深圳竹云科技有限公司 Windows system safe login methods based on U-shield verification algorithm
US20180165436A1 (en) * 2016-12-08 2018-06-14 Gotrust Technology Inc. Login mechanism for operating system
CN111083100A (en) * 2019-09-30 2020-04-28 武汉信安珞珈科技有限公司 Method and system for enhancing login security of Linux operating system based on message pushing
CN111131140A (en) * 2019-09-30 2020-05-08 武汉信安珞珈科技有限公司 Method and system for enhancing login security of Windows operating system based on message pushing

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100115465A1 (en) * 2008-12-30 2010-05-06 Feitian Technologies Co., Ltd. Logon System and Method Thereof
CN101916348A (en) * 2010-08-16 2010-12-15 武汉天喻信息产业股份有限公司 Method and system for safely guiding operating system of user
CN103532966A (en) * 2013-10-23 2014-01-22 成都卫士通信息产业股份有限公司 Device and method supporting USB-KEY-based SSO (single sign on) of virtual desktop
CN106127016A (en) * 2016-07-18 2016-11-16 浪潮集团有限公司 A kind of operating system user logs in system and the implementation method of authentic authentication
US20180165436A1 (en) * 2016-12-08 2018-06-14 Gotrust Technology Inc. Login mechanism for operating system
CN107704749A (en) * 2017-10-25 2018-02-16 深圳竹云科技有限公司 Windows system safe login methods based on U-shield verification algorithm
CN111083100A (en) * 2019-09-30 2020-04-28 武汉信安珞珈科技有限公司 Method and system for enhancing login security of Linux operating system based on message pushing
CN111131140A (en) * 2019-09-30 2020-05-08 武汉信安珞珈科技有限公司 Method and system for enhancing login security of Windows operating system based on message pushing

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王波等: "基于数字证书的eKey安全登录与身份认证技术研究", 《计算机与信息技术》 *

Similar Documents

Publication Publication Date Title
CN110493202B (en) Login token generation and verification method and device and server
CN109274652B (en) Identity information verification system, method and device and computer storage medium
CN106330850B (en) Security verification method based on biological characteristics, client and server
CN114726643B (en) Data storage and access methods and devices on cloud platform
US20180020008A1 (en) Secure asynchronous communications
CN108777675B (en) Electronic device, block chain-based identity authentication method, and computer storage medium
JP2018501567A (en) Device verification method and equipment
US11418499B2 (en) Password security
KR102137122B1 (en) Security check method, device, terminal and server
CN106911684B (en) Authentication method and system
CN111865889B (en) Login request processing method, system, device, electronic equipment and storage medium
CN106992859B (en) Bastion machine private key management method and device
CN103500202A (en) Security protection method and system for light-weight database
CN105099707A (en) Offline authentication method, server and system
CN112257086A (en) User privacy data protection method and electronic equipment
CN111460410A (en) Server login method, device and system and computer readable storage medium
CN111143808B (en) System security authentication method and device, computing equipment and storage medium
CN113505353A (en) Authentication method, device, equipment and storage medium
CN109495458A (en) A kind of method, system and the associated component of data transmission
CN116881936A (en) Trusted computing method and related equipment
CN116827551A (en) Method and device for preventing global override
CN103559430A (en) Application account management method and device based on android system
CN110890979A (en) Automatic deploying method, device, equipment and medium for fortress machine
CN110572371B (en) Identity uniqueness check control method based on HTML5 local storage mechanism
CN114139131A (en) Operating system login method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 518000 East, 3rd floor, incubation building, China Academy of science and technology, 009 Gaoxin South 1st Road, Nanshan District, Shenzhen City, Guangdong Province

Applicant after: Shenzhen Zhuyun Technology Co.,Ltd.

Address before: 518000 East, 3rd floor, incubation building, China Academy of science and technology, 009 Gaoxin South 1st Road, Nanshan District, Shenzhen City, Guangdong Province

Applicant before: SHENZHEN BAMBOOCLOUD TECHNOLOGY CO.,LTD.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20220304