CN114640531B - Device fingerprint generation method and device, electronic device and storage medium - Google Patents

Device fingerprint generation method and device, electronic device and storage medium Download PDF

Info

Publication number
CN114640531B
CN114640531B CN202210307570.XA CN202210307570A CN114640531B CN 114640531 B CN114640531 B CN 114640531B CN 202210307570 A CN202210307570 A CN 202210307570A CN 114640531 B CN114640531 B CN 114640531B
Authority
CN
China
Prior art keywords
service information
fingerprint
device fingerprint
client
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210307570.XA
Other languages
Chinese (zh)
Other versions
CN114640531A (en
Inventor
杜杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing QIYI Century Science and Technology Co Ltd
Original Assignee
Beijing QIYI Century Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing QIYI Century Science and Technology Co Ltd filed Critical Beijing QIYI Century Science and Technology Co Ltd
Priority to CN202210307570.XA priority Critical patent/CN114640531B/en
Publication of CN114640531A publication Critical patent/CN114640531A/en
Application granted granted Critical
Publication of CN114640531B publication Critical patent/CN114640531B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The embodiment of the invention relates to a device fingerprint generation method, a device, an electronic device and a storage medium, comprising the following steps: acquiring service information which is sent by a client and is associated with target equipment; acquiring a first moment, and processing the first moment and service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of target equipment; and acquiring a second device fingerprint of the target device sent by the client, and correlating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second time and the service information by a preset device fingerprint generation algorithm when the service information is acquired by the client and the second time. Therefore, the client side can generate the device fingerprint while the server side generates the device fingerprint, the device fingerprint generated by the server side is associated with the device fingerprint generated by the client side, and the success rate and the stability of the device fingerprint generation are improved.

Description

Device fingerprint generation method and device, electronic device and storage medium
Technical Field
The embodiment of the invention relates to the technical field of data processing, in particular to a device fingerprint generation method and device, electronic device and storage medium.
Background
The trusted ID (Identity document, identity number) is a device identifier, and is often applied to the scenes of fraud risk, identity counterfeiting, payment transaction, coupon-capturing activity and the like, so that the user operation is simplified, and the user experience is improved.
At present, a unique trusted ID is often generated by a server, however, in some high concurrency scenarios, there may be reasons such as information acquisition failure or reasons such as network jitter, which cause the server to fail to generate the trusted ID. Therefore, the trusted ID is generated only by the server side, and instability exists, so that the trusted ID is easy to generate and fail.
Disclosure of Invention
In view of this, in order to solve the above technical problem that the generation of the trusted ID is only dependent on the server side, and there is instability, and the generation of the trusted ID is easy to fail, the embodiments of the present invention provide a device fingerprint generation method, device, electronic device, and storage medium.
In a first aspect, an embodiment of the present invention provides a device fingerprint generating method, where the method includes:
acquiring service information which is sent by a client and is associated with target equipment;
acquiring a first moment, processing the first moment and the service information by using a preset device fingerprint generation algorithm, and generating a first device fingerprint of the target device, wherein the first moment is the moment when a server acquires the service information sent by the client;
And acquiring a second device fingerprint of the target device sent by the client, and associating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second moment and the service information by using a preset device fingerprint generation algorithm when the service information is acquired by the client.
In an optional implementation manner, the processing the first moment and the service information by using a preset device fingerprint generating algorithm to generate a first device fingerprint of the target device includes:
calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is the service information stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time;
determining an issue policy to be executed on the target device based on the similarity value, the issue policy including one of: new signing policy, renewing signing policy and retrieving policy;
And under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an optional embodiment, the determining, based on the similarity value, an issue policy performed on the target device includes:
comparing the similarity value with a preset similarity threshold value;
if the similarity value is greater than or equal to the similarity threshold value, determining to execute a renewal strategy or a recovery strategy on the target equipment;
and if the similarity value is smaller than the similarity threshold value, determining to execute a new sign strategy on the target equipment.
In an optional embodiment, the determining to execute a renewal policy or a recovery policy on the target device if the similarity value is greater than or equal to the similarity threshold includes:
determining that the device fingerprint has been generated by the target device if the similarity value is determined to be greater than or equal to the similarity threshold;
determining the generation time length of the generated device fingerprint;
comparing the generated time length with a preset time length threshold;
If the generated time length is greater than a preset time length threshold, determining to execute a renewal strategy on the target equipment;
and if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
In an optional implementation manner, when the issuing policy is determined to be a new sign policy or a continuation sign policy, the processing the first moment and the service information by using a preset device fingerprint generating algorithm, to generate a first device fingerprint of the target device includes:
under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information;
and under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an optional implementation manner, the acquiring the service information associated with the target device and sent by the client includes:
acquiring encrypted service information which is transmitted by the client and is associated with target equipment, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is acquired by the client and is associated with the target equipment by using a set information encryption mode;
And decrypting the encrypted service information by using the set information decryption mode to obtain the service information associated with the target equipment.
In an alternative embodiment, the method further comprises:
and determining different storage media for storing the service information, and storing the service information to the storage media respectively.
In a second aspect, an embodiment of the present invention provides a device fingerprint generating apparatus, including:
the information acquisition module is used for acquiring service information which is sent by the client and is associated with the target equipment;
the fingerprint generation module is used for acquiring a first moment, processing the first moment and the service information by using a preset device fingerprint generation algorithm, and generating a first device fingerprint of the target device, wherein the first moment is the moment when the service end acquires the service information sent by the client;
the fingerprint acquisition module is used for acquiring a second device fingerprint of the target device sent by the client, and correlating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second time and the service information by a preset device fingerprint generation algorithm when the service information is acquired by the client.
In an alternative embodiment, the fingerprint generation module comprises:
the similarity calculation submodule is used for calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time;
a policy determination submodule, configured to determine, based on the similarity value, an issue policy to be executed on the target device, where the issue policy includes one of: new signing policy, renewing signing policy and retrieving policy;
and the fingerprint generation sub-module is used for processing the first moment and the service information by using a preset equipment fingerprint generation algorithm under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, so as to generate a first equipment fingerprint of the target equipment.
In an alternative embodiment, the policy determination submodule includes:
the comparison unit is used for comparing the similarity value with a preset similarity threshold value;
the first strategy determining unit is used for determining to execute a renewal strategy or a recovery strategy on the target equipment if the similarity value is larger than or equal to the similarity threshold value;
And the second strategy determining unit is used for determining to execute a new signature strategy on the target equipment if the similarity value is smaller than the similarity threshold value.
In an alternative embodiment, the first policy determining unit is specifically configured to:
determining that the device fingerprint has been generated by the target device if the similarity value is determined to be greater than or equal to the similarity threshold;
determining the generation time length of the generated device fingerprint;
comparing the generated time length with a preset time length threshold;
if the generated time length is greater than a preset time length threshold, determining to execute a renewal strategy on the target equipment;
and if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
In an alternative embodiment, the first fingerprint generation sub-module is specifically configured to:
under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information;
and under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an alternative embodiment, the information acquisition module is specifically configured to:
acquiring encrypted service information which is transmitted by the client and is associated with target equipment, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is acquired by the client and is associated with the target equipment by using a set information encryption mode;
and decrypting the encrypted service information by using the set information decryption mode to obtain the service information associated with the target equipment.
In an alternative embodiment, the apparatus further comprises:
and the information storage module is used for determining different storage media for storing the service information and respectively storing the service information to the storage media.
In a third aspect, an embodiment of the present invention provides an electronic device, including: a processor and a memory, the processor being configured to execute a device fingerprint generation program stored in the memory to implement the device fingerprint generation method according to any one of the first aspects.
In a fourth aspect, an embodiment of the present invention provides a storage medium storing one or more programs executable by one or more processors to implement the device fingerprint generation method of any one of the first aspects.
According to the technical scheme provided by the embodiment of the invention, the service information which is sent by the client and is associated with the target equipment is obtained, the first moment and the service information are processed by using the preset equipment fingerprint generation algorithm, the first equipment fingerprint of the target equipment is generated, and the first moment is the moment when the service end obtains the service information sent by the client. And then, acquiring a second device fingerprint of the target device sent by the client, and correlating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second moment and the service information by using a preset device fingerprint generation algorithm when the service information is acquired by the client and the second moment. The client side also generates the second device fingerprint of the target device while the server side generates the first device fingerprint of the target device, and associates the first device fingerprint with the second device fingerprint, so that the success rate and the stability of device fingerprint generation are improved.
Drawings
FIG. 1 is a schematic diagram of a system architecture of a device fingerprint generation system according to an embodiment of the present invention;
FIG. 2 is a flowchart of an embodiment of a method for generating a device fingerprint according to an embodiment of the present invention;
FIG. 3 is a flowchart of an embodiment of another method for generating a device fingerprint according to an embodiment of the present invention;
FIG. 4 is a flowchart of an embodiment of a method for generating a device fingerprint according to an embodiment of the present invention;
fig. 5 is a schematic product flow diagram for implementing a device fingerprint generation method according to an embodiment of the present invention;
fig. 6 is a block diagram of an embodiment of a device fingerprint generating apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
To facilitate an understanding of the embodiments of the present invention, the system architecture to which the present invention relates is first illustrated in the following drawings:
Referring to fig. 1, a schematic system architecture of a device fingerprint generating system according to an embodiment of the present invention is shown. The device fingerprint generation system as shown in fig. 1 comprises: client 101 and server 102.
The client 101 is an application program that provides services for users, and may be an application program that runs in an independent process, a sub-application program (applet) that is embedded in the client and is independent of a main page, a function (also referred to as WebApp) that runs on a web browser, and the like.
The server 102 is a background server corresponding to the client 101 and providing background services for the application, where the background services include, but are not limited to: data transmission services, data processing services, etc.
Based on the system architecture shown in fig. 1, in the prior art, a client 101 sends a device fingerprint generation request to a server 102, where the device fingerprint request carries service information collected by the client 101, and the server 102 responds to the device fingerprint generation request, generates a device fingerprint according to the service information, and sends the device fingerprint to the client 101.
However, in practice, the server fails to generate the device fingerprint due to information acquisition failure or network jitter. Therefore, the embodiment of the invention focuses on how to successfully generate the device fingerprint under the condition that the device fingerprint generation only depends on the server side.
The device fingerprint generating method provided by the invention is further explained with reference to the drawings in the following by using specific embodiments, and the embodiments do not limit the embodiments of the invention.
Referring to fig. 3, a flowchart of an embodiment of another device fingerprint generating method according to an embodiment of the present invention is provided. As an embodiment, the method may be applied to a server, such as server 102 shown in fig. 1. As shown in fig. 3, the process may include the steps of:
step 301, obtaining service information which is sent by a client and is associated with target equipment.
Wherein the service information includes at least one of: hardware information, software information, network information, environment information.
Taking the target device as a smart phone as an example, the hardware information may be a mobile phone type (for example, op×mobile phone, hua×mobile phone, etc.) of the smart phone, the software mobile phone may be a version of an application program, an IMEI (International Mobile Equipment Identity ) number, etc., the network information may be current network information (for example, WIFI wireless network) of the smart phone, and the environment information may be geographic location information, IP address (Internet Protocol Address ) information, etc.
In an embodiment, the main implementation of obtaining the service information associated with the target device sent by the client may include: the method comprises the steps that encrypted service information which is sent by a client and is associated with target equipment is obtained, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is obtained by the client and is associated with the target equipment by using a set information encryption mode, and the encrypted service information is decrypted by using a set information decryption mode, so that the service information which is associated with the target equipment is obtained.
The information encryption mode set by the client may be a symmetric encryption mode, or may be other encryption modes to encrypt the service information associated with the target device, which is not limited in the embodiment of the present invention.
Taking the information encryption mode as a symmetric encryption mode as an example, in practice, firstly, service information associated with a target device is collected through an end SDK (Software Development Kit ), the client 101 can symmetrically encrypt the service information collected by the end SDK through a form of a agreed unique key, and send the encrypted service information to the server 102, and the server 102 can symmetrically decrypt the encrypted service information through a form of the agreed unique key, so that the server 102 obtains the service information associated with the target device.
In addition, referring to fig. 2, a flowchart of an embodiment of a device fingerprint generating method according to an embodiment of the present invention is provided. As shown in fig. 2, before the service end obtains the service information associated with the target device sent by the client end, the user information sent by the client end to the service end may be authenticated reasonably, so as to ensure the validity of the user, and after the authentication is passed, the operation of obtaining the service information associated with the target device sent by the client end may be performed.
Through the processing mode, the user information can be firstly verified, the legality of the user is ensured, and then the security of service information transmission is improved by adopting a mode of encrypting the service which is acquired by the client and is associated with the target equipment.
Step 302, a first moment is acquired, a preset device fingerprint generation algorithm is utilized to process the first moment and service information, a first device fingerprint of the target device is generated, and the first moment is the moment when the service end acquires the service information sent by the client.
The first time refers to a time when the service end obtains service information sent by the client.
In an embodiment, the server 102 may record the time of acquiring the service information sent by the client, that is, the time of acquiring the service information by the server, and determine the time as the first time.
The device fingerprint generation algorithm is to calculate a value according to the collected data by using a certain algorithm to identify the device, and the value can be a snowflake algorithm.
In an embodiment, since each service information associated with the target device is not processed to generate the device fingerprint of the target device, the processing of the first time and the service information by using the preset device fingerprint generation algorithm may be implemented through the flow shown in fig. 4 to generate the first device fingerprint of the target device. Fig. 4 is a flowchart of an embodiment of a method for generating a device fingerprint according to another embodiment of the present invention. The process may include the steps of:
step 401, calculating service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, where the first service information is the service information stored in the storage medium when the server generates the device fingerprint of the target device for the previous time.
Step 402, determining an issue policy executed on the target device based on the similarity value, where the issue policy includes one of the following: new sign policy, renew sign policy, retrieve policy.
The following is a unified description of steps 401 and 402:
The first service information refers to service information stored in a storage medium when the server executes the issuing operation last time. The server side processes the service information associated with the target device and the moment corresponding to the service information by using a device fingerprint generation algorithm, and the operation of generating the device fingerprint is one-time issuing operation.
In an embodiment, the determining, based on the similarity value, a specific implementation of the issuing policy performed on the target device may include: comparing the similarity value with a preset similarity threshold (e.g., 80); if the similarity value is greater than or equal to the similarity threshold value, determining to execute a renewal strategy or a recovery strategy on the target equipment; and if the similarity value is smaller than the similarity threshold value, determining to execute a new signature strategy on the target equipment.
In practice, after the server generates the device fingerprint of the target device, the device fingerprint is not changed, so that in order to avoid that the device fingerprint generated by the target device is attacked or tampered by the black product, the use time limit (that is, the generation time length of the device fingerprint) of the device fingerprint can be set, so that the irregular change of the device fingerprint is realized, and the security of the device fingerprint is improved.
Optionally, if the similarity value is greater than or equal to the similarity threshold, determining to execute the renewal policy or the specific implementation of the recovery policy on the target device may include: determining a device fingerprint generated by the target device under the condition that the similarity value is greater than or equal to a similarity threshold value; determining the generation time length of the generated device fingerprint; comparing the generated duration with a preset duration threshold (e.g., 7 days); if the generated time length is greater than a preset time length threshold value, determining to execute a renewal strategy on the target equipment; if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
The device fingerprint generated by the target device refers to a device fingerprint generated by the server when the server executes the previous issue operation.
For example, assuming that a similarity value 89 between the service information associated with the target device and the service information stored in the designated storage medium at the previous issue operation is determined, the similarity value is greater than a preset similarity threshold 80, it is determined to execute a renewal policy or a recovery policy on the target device. And then, determining that the equipment fingerprint generated by the target equipment in the previous issuing operation and the generation time length of the equipment fingerprint are 5 days, and determining that the generation time length is less than a preset time length threshold value for 7 days, and executing a recovery strategy on the target equipment.
Assume again that it is determined that a similarity value 89 between the service information associated with the target device and the service information stored in the designated storage medium at the previous issue operation is greater than a preset similarity threshold 80, and then it is determined that a renewal policy or a recovery policy is executed on the target device. And then, determining that the device fingerprint generated by the target device in the previous issuing operation and the generation time of the device fingerprint are 8 days, wherein the generation time is 7 days longer than a preset time threshold (namely, the device fingerprint is expired), and determining to execute a renewing signing policy on the target device.
Assume again that a new signing policy is determined to be executed on the target device by determining a similarity value 60 between the traffic information associated with the target device and the traffic information stored in the designated storage medium at the previous signing operation, the similarity value being less than a preset similarity threshold 80.
Step 403, under the condition that the issue policy is determined to be a new issue policy or a renewing issue policy, processing the first moment and the service information by using a preset device fingerprint generation algorithm, and generating a first device fingerprint of the target device.
In an embodiment, when determining that the issue policy is a new issue policy or a renewing issue policy, processing the first moment and the service information by using a preset device fingerprint generation algorithm, a specific implementation of generating a first device fingerprint of the target device may include: and under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information. And under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment. By this way of processing, the security of the process of generating the device fingerprint of the target device can be further improved.
In addition, in the big data age covered by the huge data traffic, huge data is stored in the server in a short time, so when determining that the issuing policy executed on the target device is the retrieving policy, the target device can be determined to have performed the issuing operation, the service information can be processed in a multi-level cache manner, and the device fingerprint related to the service information is retrieved in the cache layer according to the retrieving logic of the service information, for example, as shown in fig. 2. By the method, the recovery efficiency of the device fingerprint can be improved when the recovery strategy is executed on the target device, the pressure of the database can be shared, and the response performance of the system is improved.
Step 303, obtaining a second device fingerprint of the target device sent by the client, and associating the first device fingerprint with the second device fingerprint, where the second device fingerprint is generated by processing the second time and the service information by using a preset device fingerprint generation algorithm when the service information is obtained by the client.
The second time refers to a time when the client obtains the service information (i.e., a time when the client performs the issuing operation according to the service information obtained by the client).
In an embodiment, the server 102 may record the time of the service information acquired by the client, and determine the time as the second time.
In practice, the server fails to generate the device fingerprint due to information acquisition failure or network jitter, so that the device fingerprint generation failure is easy to be caused due to instability of the device fingerprint generated only by the server. Therefore, the embodiment of the invention proposes that the client side processes the service information acquired by the client side and the second moment by utilizing a preset equipment fingerprint generation algorithm to generate the equipment fingerprint (hereinafter referred to as a second equipment fingerprint), ensures that the client side successfully generates the equipment fingerprint and associates the equipment fingerprint generated by the server side so as to improve the stability of generating the equipment fingerprint.
In an embodiment, after generating the device fingerprint of the target device, the traffic information associated with the target device may be stored. Specifically, first, a different storage medium (for example, elasticSearch, couchBase, TIDB, etc.) storing service information is determined, and then the service information is stored in the storage medium.
The elastic search, abbreviated as ES, is an open source search engine based on Apache Lucene. The CouchBase is an open-source distributed nosql database and is mainly used in the fields of distributed caching and data storage. The TIDB is an open source distributed relational database which is independently designed and researched and developed by the PingcAP company, and is a fusion type distributed database product which simultaneously supports online transaction processing and online analysis processing (Hybrid Transactional and Analytical Processing, HTAP).
In addition, as shown in fig. 2, after the device fingerprint is generated, the device fingerprint and the service information can be input into an algorithm model in the wind control service for calculation in an asynchronous notification manner to obtain a risk tag, so that the wind control service can make a decision according to the wind control tag, and the risk detection of the device fingerprint is realized. In order to ensure the real-time effectiveness of the device fingerprint issuing operation, the client can acquire the service information associated with the target device periodically (for example, every day or every hour) and execute the generation flow of the device fingerprint again, so that the service information can be stored in a designated storage medium, the service information in the storage medium is updated, and the service information is updated periodically.
Thus, the description of the flow shown in fig. 3 is completed.
As can be seen from the flow shown in fig. 3, in the technical solution of the present invention, by acquiring service information associated with a target device sent by a client, a first moment is acquired, and a preset device fingerprint generation algorithm is used to process the first moment and the service information, so as to generate a first device fingerprint of the target device, where the first moment is a moment when a server acquires the service information sent by the client. And then, acquiring a second device fingerprint of the target device sent by the client, and correlating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second moment and the service information by using a preset device fingerprint generation algorithm when the service information is acquired by the client and the second moment. The client side also generates the second device fingerprint of the target device while the server side generates the first device fingerprint of the target device, and performs the association operation on the first device fingerprint and the second device fingerprint, so that the success rate and the stability of device fingerprint generation are improved.
Referring to fig. 5, a product flow diagram of a device fingerprint generating method according to an embodiment of the present invention is shown. As shown in fig. 5, specific operations performed by the client and the server in the process of implementing the device fingerprint generation method are described based on the related descriptions of the flows shown in fig. 2 to 4.
First, the client may collect, through the end SDK, traffic information associated with the target device, including but not limited to: hardware information, software information, environment information, network information. Then, a unique trusted ID, that is, a second device fingerprint, is generated based on the service information of the target device collected by the terminal SDK. The above-mentioned terminals may be An Zhuoduan, IOS terminals, etc., where the IOS is collectively called as an Iphone OS (Operating System), which refers to a mobile Operating System developed by apple corporation, and the embodiment of the present invention is not limited thereto. The specific implementation of the client generating the second device fingerprint according to the service information is described in detail in the flow shown in fig. 3, which is not described herein again.
The client sends the service information acquired by the SDK and the generated second device fingerprint to the server, and the server performs real-time issuing operation according to the received service information to generate the first device fingerprint. And asynchronously associating the first equipment fingerprint with the second equipment fingerprint, so that the success rate and the stability of equipment fingerprint generation are improved.
Specific operations of the real-time issue may include: dimension scoring, dimension confusion, similarity detection, expiration detection, and the like. The specific operation of performing the real-time issuing operation according to the service information is described in detail in the flow shown in fig. 4, and will not be described herein.
In addition, the client can also obtain the service information associated with the target equipment periodically, so that daily reporting (or hourly reporting) is realized, and the service information is updated periodically.
Based on the above description, after the device fingerprint is generated, the operations of risk detection, device credit system, model algorithm calculation and device fingerprint marking can be performed according to the device fingerprint and the service information through the algorithm model in the wind control service. Specifically, after the device fingerprint is generated, the device fingerprint and the service information can be input into an algorithm model in the wind control service for calculation in an asynchronous notification mode to obtain a risk tag, so that the wind control service can make a decision according to the wind control tag, and risk detection of the device fingerprint is realized. The generated device fingerprint and risk results may then be invoked by the business system.
The invention also provides an embodiment block diagram of the device corresponding to the embodiment of the device fingerprint generation method.
Referring to fig. 6, a block diagram of an embodiment of a device fingerprint generating apparatus according to an embodiment of the present invention is provided. As shown in fig. 6, the apparatus includes:
an information obtaining module 601, configured to obtain service information associated with a target device sent by a client;
the fingerprint generation module 602 is configured to obtain a first moment, process the first moment and the service information by using a preset device fingerprint generation algorithm, and generate a first device fingerprint of the target device, where the first moment is a moment when the service end obtains the service information sent by the client;
the fingerprint acquisition module 603 is configured to acquire a second device fingerprint of the target device sent by the client, and associate the first device fingerprint with the second device fingerprint, where the second device fingerprint is generated by processing the second time and the service information by using a preset device fingerprint generation algorithm, and the second time is a time when the service information is acquired by the client.
In an alternative embodiment, the fingerprint generation module 602 includes (not shown):
The similarity calculation submodule is used for calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time;
a policy determination submodule, configured to determine, based on the similarity value, an issue policy to be executed on the target device, where the issue policy includes one of: new signing policy, renewing signing policy and retrieving policy;
and the fingerprint generation sub-module is used for processing the first moment and the service information by using a preset equipment fingerprint generation algorithm under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, so as to generate a first equipment fingerprint of the target equipment.
In an alternative embodiment, the policy determination submodule includes (not shown):
the comparison unit is used for comparing the similarity value with a preset similarity threshold value;
the first strategy determining unit is used for determining to execute a renewal strategy or a recovery strategy on the target equipment if the similarity value is larger than or equal to the similarity threshold value;
And the second strategy determining unit is used for determining to execute a new signature strategy on the target equipment if the similarity value is smaller than the similarity threshold value.
In an alternative embodiment, the first policy determining unit is specifically configured to:
determining that the device fingerprint has been generated by the target device if the similarity value is determined to be greater than or equal to the similarity threshold;
determining the generation time length of the generated device fingerprint;
comparing the generated time length with a preset time length threshold;
if the generated time length is greater than a preset time length threshold, determining to execute a renewal strategy on the target equipment;
and if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
In an alternative embodiment, the fingerprint generation module 602 is specifically configured to:
under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information;
and under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an alternative embodiment, the information obtaining module 601 is specifically configured to:
acquiring encrypted service information which is transmitted by the client and is associated with target equipment, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is acquired by the client and is associated with the target equipment by using a set information encryption mode;
and decrypting the encrypted service information by using the set information decryption mode to obtain the service information associated with the target equipment.
In an alternative embodiment, the apparatus further comprises (not shown):
and the information storage module is used for determining different storage media for storing the service information and respectively storing the service information to the storage media.
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and an electronic device 700 shown in fig. 7 includes: at least one processor 701, memory 702, at least one network interface 704, and other user interfaces 703. The various components in the electronic device 700 are coupled together by a bus system 705. It is appreciated that the bus system 705 is used to enable connected communications between these components. The bus system 705 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration, the various buses are labeled as bus system 705 in fig. 7.
The user interface 703 may include, among other things, a display, a keyboard, or a pointing device (e.g., a mouse, a trackball), a touch pad, or a touch screen, etc.
It is to be appreciated that memory 702 in embodiments of the invention may be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be a Read-only memory (ROM), a programmable Read-only memory (ProgrammableROM, PROM), an erasable programmable Read-only memory (ErasablePROM, EPROM), an electrically erasable programmable Read-only memory (ElectricallyEPROM, EEPROM), or a flash memory, among others. The volatile memory may be a random access memory (RandomAccessMemory, RAM) that acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as Static RAM (SRAM), dynamic random access memory (DynamicRAM, DRAM), synchronous dynamic random access memory (SynchronousDRAM, SDRAM), double data rate synchronous dynamic random access memory (ddr SDRAM), enhanced Synchronous Dynamic Random Access Memory (ESDRAM), synchronous link dynamic random access memory (SynchlinkDRAM, SLDRAM), and direct memory bus random access memory (DirectRambusRAM, DRRAM). The memory 702 described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
In some implementations, the memory 702 stores the following elements, executable units or data structures, or a subset thereof, or an extended set thereof: an operating system 7021 and application programs 7022.
The operating system 7021 contains various system programs, such as a framework layer, a core library layer, a driver layer, and the like, for implementing various basic services and processing hardware-based tasks. The application programs 7022 include various application programs such as a media player (MediaPlayer), a Browser (Browser), and the like for realizing various application services. A program for implementing the method of the embodiment of the present invention may be contained in the application program 7022.
In the embodiment of the present invention, the processor 701 is configured to execute the method steps provided by the method embodiments by calling a program or an instruction stored in the memory 702, specifically, a program or an instruction stored in the application program 7022, for example, including:
acquiring service information which is sent by a client and is associated with target equipment;
acquiring a first moment, processing the first moment and the service information by using a preset device fingerprint generation algorithm, and generating a first device fingerprint of the target device, wherein the first moment is the moment when a server acquires the service information sent by the client;
And acquiring a second device fingerprint of the target device sent by the client, and associating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second moment and the service information by using a preset device fingerprint generation algorithm when the service information is acquired by the client.
In an optional implementation manner, the processing the first moment and the service information by using a preset device fingerprint generating algorithm to generate a first device fingerprint of the target device includes:
calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is the service information stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time;
determining an issue policy to be executed on the target device based on the similarity value, the issue policy including one of: new signing policy, renewing signing policy and retrieving policy;
And under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an optional embodiment, the determining, based on the similarity value, an issue policy performed on the target device includes:
comparing the similarity value with a preset similarity threshold value;
if the similarity value is greater than or equal to the similarity threshold value, determining to execute a renewal strategy or a recovery strategy on the target equipment;
and if the similarity value is smaller than the similarity threshold value, determining to execute a new sign strategy on the target equipment.
In an optional embodiment, the determining to execute a renewal policy or a recovery policy on the target device if the similarity value is greater than or equal to the similarity threshold includes:
determining that the device fingerprint has been generated by the target device if the similarity value is determined to be greater than or equal to the similarity threshold;
determining the generation time length of the generated device fingerprint;
comparing the generated time length with a preset time length threshold;
If the generated time length is greater than a preset time length threshold, determining to execute a renewal strategy on the target equipment;
and if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
In an optional implementation manner, when the issuing policy is determined to be a new sign policy or a continuation sign policy, the processing the first moment and the service information by using a preset device fingerprint generating algorithm, to generate a first device fingerprint of the target device includes:
under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information;
and under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an optional implementation manner, the acquiring the service information associated with the target device and sent by the client includes:
acquiring encrypted service information which is transmitted by the client and is associated with target equipment, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is acquired by the client and is associated with the target equipment by using a set information encryption mode;
And decrypting the encrypted service information by using the set information decryption mode to obtain the service information associated with the target equipment.
In an alternative embodiment, the method further comprises:
and determining different storage media for storing the service information, and storing the service information to the storage media respectively.
The method disclosed in the above embodiment of the present invention may be applied to the processor 701 or implemented by the processor 701. The processor 701 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 701 or by instructions in the form of software. The processor 701 described above may be a general purpose processor, a digital signal processor (DigitalSignalProcessor, DSP), an application specific integrated circuit (ApplicationSpecificIntegratedCircuit, ASIC), an off-the-shelf programmable gate array (FieldProgrammableGateArray, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software elements in a decoding processor. The software elements may be located in a random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory 702, and the processor 701 reads information in the memory 702 and performs the steps of the method in combination with its hardware.
It is to be understood that the embodiments described herein may be implemented in hardware, software, firmware, middleware, microcode, or a combination thereof. For a hardware implementation, the processing units may be implemented within one or more application specific integrated circuits (ApplicationSpecificIntegratedCircuits, ASIC), digital signal processors (DigitalSignalProcessing, DSP), digital signal processing devices (dspev), programmable logic devices (ProgrammableLogicDevice, PLD), field programmable gate arrays (Field-ProgrammableGateArray, FPGA), general purpose processors, controllers, micro-controllers, microprocessors, other electronic units configured to perform the functions described herein, or a combination thereof.
For a software implementation, the techniques described herein may be implemented by means of units that perform the functions described herein. The software codes may be stored in a memory and executed by a processor. The memory may be implemented within the processor or external to the processor.
The electronic device provided in this embodiment may be an electronic device as shown in fig. 7, and may perform all steps of the device fingerprint generation method shown in fig. 2-4, so as to achieve the technical effects of the device fingerprint generation method shown in fig. 2-4, and the detailed description will be omitted herein for brevity.
The embodiment of the invention also provides a storage medium (computer readable storage medium). The storage medium here stores one or more programs. Wherein the storage medium may comprise volatile memory, such as random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, hard disk, or solid state disk; the memory may also comprise a combination of the above types of memories.
When one or more programs in the storage medium are executable by one or more processors, the device fingerprint generation method executed on the electronic device side is implemented.
The processor is configured to execute a device fingerprint generation program stored in the memory, so as to implement the following steps of a device fingerprint generation method executed on the electronic device side:
acquiring service information which is sent by a client and is associated with target equipment;
acquiring a first moment, processing the first moment and the service information by using a preset device fingerprint generation algorithm, and generating a first device fingerprint of the target device, wherein the first moment is the moment when a server acquires the service information sent by the client;
And acquiring a second device fingerprint of the target device sent by the client, and associating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second moment and the service information by using a preset device fingerprint generation algorithm when the service information is acquired by the client.
In an optional implementation manner, the processing the first moment and the service information by using a preset device fingerprint generating algorithm to generate a first device fingerprint of the target device includes:
calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is the service information stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time;
determining an issue policy to be executed on the target device based on the similarity value, the issue policy including one of: new signing policy, renewing signing policy and retrieving policy;
And under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an optional embodiment, the determining, based on the similarity value, an issue policy performed on the target device includes:
comparing the similarity value with a preset similarity threshold value;
if the similarity value is greater than or equal to the similarity threshold value, determining to execute a renewal strategy or a recovery strategy on the target equipment;
and if the similarity value is smaller than the similarity threshold value, determining to execute a new sign strategy on the target equipment.
In an optional embodiment, the determining to execute a renewal policy or a recovery policy on the target device if the similarity value is greater than or equal to the similarity threshold includes:
determining that the device fingerprint has been generated by the target device if the similarity value is determined to be greater than or equal to the similarity threshold;
determining the generation time length of the generated device fingerprint;
comparing the generated time length with a preset time length threshold;
If the generated time length is greater than a preset time length threshold, determining to execute a renewal strategy on the target equipment;
and if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
In an optional implementation manner, when the issuing policy is determined to be a new sign policy or a continuation sign policy, the processing the first moment and the service information by using a preset device fingerprint generating algorithm, to generate a first device fingerprint of the target device includes:
under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information;
and under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
In an optional implementation manner, the acquiring the service information associated with the target device and sent by the client includes:
acquiring encrypted service information which is transmitted by the client and is associated with target equipment, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is acquired by the client and is associated with the target equipment by using a set information encryption mode;
And decrypting the encrypted service information by using the set information decryption mode to obtain the service information associated with the target equipment.
In an alternative embodiment, the method further comprises:
and determining different storage media for storing the service information, and storing the service information to the storage media respectively.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of function in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the invention, and is not meant to limit the scope of the invention, but to limit the invention to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.

Claims (9)

1. The device fingerprint generation method is characterized by being applied to a server and comprising the following steps:
acquiring service information which is sent by a client and is associated with target equipment;
acquiring a first moment, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm, and generating a first equipment fingerprint of the target equipment, wherein the first equipment fingerprint comprises: calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is the service information stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time; determining an issue policy to be executed on the target device based on the similarity value, the issue policy including one of: new signing policy, renewing signing policy and retrieving policy; under the condition that the issuing strategy is determined to be a new signing strategy or a renewing signing strategy, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment; the first moment is the moment when the service end obtains the service information sent by the client;
And acquiring a second device fingerprint of the target device sent by the client, and associating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second moment and the service information by using a preset device fingerprint generation algorithm when the service information is acquired by the client.
2. The method of claim 1, wherein the determining an issue policy to be performed on the target device based on the similarity value comprises:
comparing the similarity value with a preset similarity threshold value;
if the similarity value is greater than or equal to the similarity threshold value, determining to execute a renewal strategy or a recovery strategy on the target equipment;
and if the similarity value is smaller than the similarity threshold value, determining to execute a new sign strategy on the target equipment.
3. The method of claim 2, wherein the determining to perform a renewal policy or a recovery policy on the target device if the similarity value is greater than or equal to the similarity threshold comprises:
Determining that the device fingerprint has been generated by the target device if the similarity value is determined to be greater than or equal to the similarity threshold;
determining the generation time length of the generated device fingerprint;
comparing the generated time length with a preset time length threshold;
if the generated time length is greater than a preset time length threshold, determining to execute a renewal strategy on the target equipment;
and if the generated time length is smaller than or equal to a preset time length threshold value, determining to execute a recovery strategy on the target equipment.
4. The method of claim 1, wherein, in the case where the issuing policy is determined to be a new sign policy or a renewing sign policy, processing the first moment and the service information by using a preset device fingerprint generation algorithm, generating a first device fingerprint of the target device includes:
under the condition that the issuing strategy is determined to be a new issuing strategy or a renewing strategy, carrying out quality evaluation on the service information according to a preset quality evaluation algorithm to obtain a quality evaluation result of the service information;
and under the condition that the quality evaluation result of the service information is normal, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment.
5. The method of claim 1, wherein the obtaining service information associated with the target device sent by the client comprises:
acquiring encrypted service information which is transmitted by the client and is associated with target equipment, wherein the encrypted service information is obtained by the client through encryption processing of the service information which is acquired by the client and is associated with the target equipment by using a set information encryption mode;
and decrypting the encrypted service information by using the set information decryption mode to obtain the service information associated with the target equipment.
6. The method according to claim 1, wherein the method further comprises:
and determining different storage media for storing the service information, and storing the service information to the storage media respectively.
7. A device fingerprint generation apparatus, wherein the apparatus is applied to a server, and comprises:
the information acquisition module is used for acquiring service information which is sent by the client and is associated with the target equipment;
the fingerprint generation module is configured to acquire a first moment, process the first moment and the service information by using a preset device fingerprint generation algorithm, and generate a first device fingerprint of the target device, where the fingerprint generation module includes: calculating the service information and first service information stored in a preset storage medium by using a similarity algorithm to obtain a similarity value, wherein the first service information is the service information stored in the storage medium when the service end generates the device fingerprint of the target device for the previous time; determining an issue policy to be executed on the target device based on the similarity value, the issue policy including one of: new signing policy, renewing signing policy and retrieving policy; under the condition that the issuing strategy is determined to be a new signing strategy or a renewing signing strategy, processing the first moment and the service information by using a preset equipment fingerprint generation algorithm to generate a first equipment fingerprint of the target equipment; the first moment is the moment when the service end obtains the service information sent by the client;
The fingerprint acquisition module is used for acquiring a second device fingerprint of the target device sent by the client, and correlating the first device fingerprint with the second device fingerprint, wherein the second device fingerprint is generated by processing the second time and the service information by a preset device fingerprint generation algorithm when the service information is acquired by the client.
8. An electronic device, comprising: a processor and a memory, the processor being configured to execute a device fingerprint generation program stored in the memory to implement the device fingerprint generation method of any one of claims 1 to 6.
9. A storage medium storing one or more programs executable by one or more processors to implement the device fingerprint generation method of any one of claims 1-6.
CN202210307570.XA 2022-03-25 2022-03-25 Device fingerprint generation method and device, electronic device and storage medium Active CN114640531B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210307570.XA CN114640531B (en) 2022-03-25 2022-03-25 Device fingerprint generation method and device, electronic device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210307570.XA CN114640531B (en) 2022-03-25 2022-03-25 Device fingerprint generation method and device, electronic device and storage medium

Publications (2)

Publication Number Publication Date
CN114640531A CN114640531A (en) 2022-06-17
CN114640531B true CN114640531B (en) 2024-03-15

Family

ID=81949856

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210307570.XA Active CN114640531B (en) 2022-03-25 2022-03-25 Device fingerprint generation method and device, electronic device and storage medium

Country Status (1)

Country Link
CN (1) CN114640531B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116305295B (en) * 2023-05-18 2023-07-21 深圳凡泰极客科技有限责任公司 Method and platform for issuing applet

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016095739A1 (en) * 2014-12-18 2016-06-23 阿里巴巴集团控股有限公司 Apparatus authentication method and device
CN108156268A (en) * 2016-12-05 2018-06-12 腾讯科技(深圳)有限公司 Acquisition methods and server, the terminal device of device identification
WO2018201965A1 (en) * 2017-05-04 2018-11-08 腾讯科技(深圳)有限公司 Device fingerprint generation method and apparatus and computing device
CN111310242A (en) * 2020-02-03 2020-06-19 同盾控股有限公司 Method and device for generating device fingerprint, storage medium and electronic device
EP3787250A1 (en) * 2019-08-27 2021-03-03 GlobalmatiX AG Authentication between a telematic control unit and a core server system
CN112784243A (en) * 2021-03-04 2021-05-11 北京市商汤科技开发有限公司 Authorization management method and device, electronic equipment and storage medium
CN113037502A (en) * 2021-05-25 2021-06-25 广东信通通信有限公司 Switch safety access method, device, storage medium and network system
WO2021252855A1 (en) * 2020-06-12 2021-12-16 Capital One Services, Llc Systems and methods for payment authentication
CN113849802A (en) * 2021-06-30 2021-12-28 五八有限公司 Equipment authentication method and device, electronic equipment and storage medium
CN113901417A (en) * 2021-10-09 2022-01-07 中原银行股份有限公司 Mobile equipment fingerprint generation method and readable storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110093503A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S Computer Hardware Identity Tracking Using Characteristic Parameter-Derived Data
US11238136B2 (en) * 2019-04-25 2022-02-01 Stanton Kee Nethery Detecting unauthorized access to secure devices

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016095739A1 (en) * 2014-12-18 2016-06-23 阿里巴巴集团控股有限公司 Apparatus authentication method and device
CN108156268A (en) * 2016-12-05 2018-06-12 腾讯科技(深圳)有限公司 Acquisition methods and server, the terminal device of device identification
WO2018201965A1 (en) * 2017-05-04 2018-11-08 腾讯科技(深圳)有限公司 Device fingerprint generation method and apparatus and computing device
CN108804908A (en) * 2017-05-04 2018-11-13 腾讯科技(深圳)有限公司 A kind of device-fingerprint generation method, device and computing device
EP3787250A1 (en) * 2019-08-27 2021-03-03 GlobalmatiX AG Authentication between a telematic control unit and a core server system
CN111310242A (en) * 2020-02-03 2020-06-19 同盾控股有限公司 Method and device for generating device fingerprint, storage medium and electronic device
WO2021252855A1 (en) * 2020-06-12 2021-12-16 Capital One Services, Llc Systems and methods for payment authentication
CN112784243A (en) * 2021-03-04 2021-05-11 北京市商汤科技开发有限公司 Authorization management method and device, electronic equipment and storage medium
CN113037502A (en) * 2021-05-25 2021-06-25 广东信通通信有限公司 Switch safety access method, device, storage medium and network system
CN113849802A (en) * 2021-06-30 2021-12-28 五八有限公司 Equipment authentication method and device, electronic equipment and storage medium
CN113901417A (en) * 2021-10-09 2022-01-07 中原银行股份有限公司 Mobile equipment fingerprint generation method and readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种新的基于指纹与移动端协助的口令认证方法;安迪;杨超;姜奇;马建峰;;计算机研究与发展(第10期) *

Also Published As

Publication number Publication date
CN114640531A (en) 2022-06-17

Similar Documents

Publication Publication Date Title
US20220014384A1 (en) Methods, apparatuses, devices and systems for backtracking service behavior
CN112333198B (en) Secure cross-domain login method, system and server
CN112100460B (en) Block chain-based network page evidence storing method, device, medium and electronic equipment
KR101418799B1 (en) System for providing mobile OTP service
CN107483418A (en) Login process method, method for processing business, device and server
CN107483500A (en) Risk identification method and device based on user behaviors and storage medium
CN113012008A (en) Identity management method, device and equipment based on trusted hardware
CN108073823B (en) Data processing method, device and system
CN110851800B (en) Code protection method, device, system and readable storage medium
CN111475309A (en) Data processing method, device, block chain service system and storage medium
WO2022116761A1 (en) Self auditing blockchain
CN115134067A (en) Method for detecting private data leakage
CN108564363A (en) A kind of transaction processing method, server, client and system
CN114640531B (en) Device fingerprint generation method and device, electronic device and storage medium
Fan et al. Secure ultra-lightweight RFID mutual authentication protocol based on transparent computing for IoV
CN109657170B (en) Webpage loading method and device, computer equipment and storage medium
CN112100689B (en) Trusted data processing method, device and equipment
CN111783115A (en) Data encryption storage method and device, electronic equipment and storage medium
CN114448722B (en) Cross-browser login method and device, computer equipment and storage medium
CN116346486A (en) Combined login method, device, equipment and storage medium
CN112866296B (en) Application online verification method, device, equipment and storage medium
CN111582954B (en) False data identification method and device
CN109002710A (en) A kind of detection method, device and computer readable storage medium
CN113992353A (en) Login certificate processing method and device, electronic equipment and storage medium
KR101978898B1 (en) Web scraping prevention system using characteristic value of user device and the method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant