CN115102744B - Data access method and device - Google Patents

Data access method and device Download PDF

Info

Publication number
CN115102744B
CN115102744B CN202210684373.XA CN202210684373A CN115102744B CN 115102744 B CN115102744 B CN 115102744B CN 202210684373 A CN202210684373 A CN 202210684373A CN 115102744 B CN115102744 B CN 115102744B
Authority
CN
China
Prior art keywords
information
identification information
verification
stored
browser fingerprint
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210684373.XA
Other languages
Chinese (zh)
Other versions
CN115102744A (en
Inventor
陈锋
卜广宝
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Information Technology Co Ltd
Original Assignee
Jingdong Technology Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Information Technology Co Ltd filed Critical Jingdong Technology Information Technology Co Ltd
Priority to CN202210684373.XA priority Critical patent/CN115102744B/en
Publication of CN115102744A publication Critical patent/CN115102744A/en
Priority to PCT/CN2023/074316 priority patent/WO2023241060A1/en
Application granted granted Critical
Publication of CN115102744B publication Critical patent/CN115102744B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the disclosure provides a data access method and device. The data access method comprises the following steps: the method comprises the steps of firstly receiving an access request of an integrating party for a data page, wherein the access request comprises identification information and browser setting information for accessing the data page, then generating browser fingerprint information corresponding to the integrating party based on the browser setting information, carrying out information verification on the identification information and the browser fingerprint information based on pre-stored verification information, generating a verification result, finally sending a corresponding data access result to the integrating party based on the verification result, and carrying out information verification simultaneously by utilizing the identification information corresponding to the integrating party and the browser fingerprint information, so that safety problems caused by the fact that other users of the integrating party utilize link sharing corresponding to the data page are prevented, and safety and reliability of data access are improved.

Description

Data access method and device
Technical Field
The embodiment of the disclosure relates to the technical field of computers and the technical field of Internet, in particular to the technical field of communication and the technical field of information security, and particularly relates to a data access method and device.
Background
With the continuous development of information communication, in a platform with nested output of external page capability, joint login and login security guarantee are very common scenes, and on the premise that the login state between an integrating party and an integrated party is opened, both parties can access data after confirming the login security, and page links of the integrated party cannot be shared randomly. At present, common anti-theft modes of page links are as follows: a Token (Token, identification information) distribution mechanism, wherein an integrating party acquires a Token through an interface before accessing a page, and accesses an output page of the integrating party through an access link splicing mode when accessing the page; or using a REFEER (reference address) scheme, when the integrated party accesses the page output by the integrated party, the integrated party verifies the correctness of the REFEER value of the integrated party, and the safety and the legality of the page access are ensured; furthermore, the IP or physical address of the visitor is recorded, and the IP or physical address last accessed by the integrator is recorded, and if the IP or physical addresses accessed by the user of the integrator are different, there may be a risk of sharing the link access.
However, the mechanism of the single Token scheme cannot prevent the risk of data leakage caused by the sharing of links by the user, or the reference scheme verification is usually used in a scenario of counting the number of accesses of the user, and the reference antitheft link is used, so that a certain risk exists, part of the scenario is not verified, and moreover, the IP address of the user may change under the condition of switching networks by using the record visitor IP or physical address scheme, so that the possibility of misjudgment exists in the mode of selecting and recording the last user IP.
Disclosure of Invention
Embodiments of the present disclosure provide a data access method, apparatus, electronic device, and computer readable medium.
In a first aspect, embodiments of the present disclosure provide a data access method, the method including: receiving an access request of a collection party for a data page, wherein the access request comprises identification information for accessing the data page and browser setting information; based on the browser setting information, generating browser fingerprint information corresponding to the integrator; based on pre-stored verification information, carrying out information verification on the identification information and browser fingerprint information to generate a verification result; and based on the verification result, sending a corresponding data access result to the integrating party.
In some embodiments, the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information to generate a verification result, wherein the method comprises the following steps of: judging whether at least one piece of pre-stored identification information in pre-stored check information comprises identification information or not; in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information comprises identification information, determining pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information; comparing the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information; and generating a verification result of successful verification in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is identical to the browser fingerprint information.
In some embodiments, based on the pre-stored verification information, performing information verification on the identification information and the browser fingerprint information to generate a verification result, and further including: and in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information does not comprise the identification information, correspondingly storing the identification information and the browser fingerprint information to the pre-stored verification information, and generating a verification result of successful verification.
In some embodiments, based on the pre-stored verification information, performing information verification on the identification information and the browser fingerprint information to generate a verification result, and further including: and generating a verification result of verification failure in response to the fact that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information.
In some embodiments, the method further comprises: acquiring the expiration time corresponding to the identification information in response to the identification information acquired from the access request; judging whether the identification information is in a valid state or not based on the current time and the failure time corresponding to the identification information; and performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information to generate a verification result, wherein the method comprises the following steps of: and in response to determining that the identification information is in a valid state, performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, and generating a verification result.
In some embodiments, the method further comprises: and generating prompt information for prompting permission invalidation in response to determining that the identification information is in the invalidation state.
In some embodiments, the method further comprises: receiving an acquisition request of an acquisition party aiming at the identification information, wherein the acquisition request comprises login information received by an integration party; based on the login information in the acquisition request, the identification information and the expiration time corresponding to the identification information are generated.
In a second aspect, embodiments of the present disclosure provide a data access apparatus, the apparatus comprising: a receiving module configured to receive an access request of an integration policy to a data page, wherein the access request includes identification information of the access data page and browser setting information; the generation module is configured to generate browser fingerprint information corresponding to the integrator based on the browser setting information; the verification module is configured to carry out information verification on the identification information and the browser fingerprint information based on pre-stored verification information, and generate a verification result; and the sending module is configured to send the corresponding data access result to the integrating party based on the verification result.
In some embodiments, the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and a verification module further configured to: judging whether at least one piece of pre-stored identification information in pre-stored check information comprises identification information or not; in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information comprises identification information, determining pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information; comparing the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information; and generating a verification result of successful verification in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is identical to the browser fingerprint information.
In some embodiments, the verification module is further configured to: and in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information does not comprise the identification information, correspondingly storing the identification information and the browser fingerprint information to the pre-stored verification information, and generating a verification result of successful verification.
In some embodiments, the verification module is further configured to: and generating a verification result of verification failure in response to the fact that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information.
In some embodiments, the apparatus further comprises: an acquisition module configured to: acquiring the expiration time corresponding to the identification information in response to the identification information acquired from the access request; a judgment module configured to: judging whether the identification information is in a valid state or not based on the current time and the failure time corresponding to the identification information; and a verification module further configured to: and in response to determining that the identification information is in a valid state, performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, and generating a verification result.
In some embodiments, the generation module is further configured to: and generating prompt information for prompting permission invalidation in response to determining that the identification information is in the invalidation state.
In some embodiments, the receiving module is further configured to: receiving an acquisition request of an acquisition party aiming at the identification information, wherein the acquisition request comprises login information received by an integration party; a generation module further configured to: based on the login information in the acquisition request, the identification information and the expiration time corresponding to the identification information are generated.
In a third aspect, embodiments of the present disclosure provide an electronic device comprising: one or more processors; a storage device having one or more programs stored thereon; the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the data access method as described in any of the embodiments of the first aspect.
In a fourth aspect, embodiments of the present disclosure provide a computer readable medium having stored thereon a computer program which, when executed by a processor, implements a data access method as described in any of the embodiments of the first aspect.
According to the data access method and device provided by the embodiment of the disclosure, the executing main body firstly receives the access request of the forming party for the data page, the access request comprises the identification information and the browser setting information of the access data page, then generates the browser fingerprint information corresponding to the forming party based on the browser setting information, performs information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, generates the verification result, finally sends the corresponding data access result to the forming party based on the verification result, and performs information verification simultaneously by utilizing the identification information corresponding to the forming party and the browser fingerprint information, so that the safety problem caused by the fact that other users of the forming party utilize the link sharing corresponding to the data page is prevented, the safety and the reliability of the data access are improved, and the page nesting output joint login scene can be applicable on the premise that the login state of the forming party and the integrated party is communicated, the problem of the page data nesting under the cross-domain or non-cross-domain safety communication can be solved, and the accuracy and the safety of the data access under the joint login scene are improved.
Drawings
Other features, objects and advantages of the present disclosure will become more apparent upon reading of the detailed description of non-limiting embodiments, made with reference to the following drawings:
FIG. 1 is an exemplary system architecture diagram in which an embodiment of the present disclosure may be applied;
FIG. 2 is a flow chart of one embodiment of a data access method according to the present disclosure;
FIG. 3 is a schematic illustration of one application scenario of a data access method according to the present disclosure;
FIG. 4 is a flow chart of one embodiment of information verification of identification information and browser fingerprint information in accordance with the present disclosure;
FIG. 5 is a flow chart of another embodiment of a data access method according to the present disclosure;
FIG. 6 is a flow chart of yet another embodiment of a data access method according to the present disclosure;
FIG. 7 is a schematic diagram of a structure of one embodiment of a data access apparatus according to the present disclosure;
fig. 8 is a schematic structural diagram of an electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the related disclosure and not limiting thereof. It should be further noted that, for convenience of description, only the portions related to the disclosure are shown in the drawings.
It should be noted that, without conflict, the embodiments of the present disclosure and features of the embodiments may be combined with each other. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which the data access methods and data access apparatuses of embodiments of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 104, 105, 106, a network 107, servers 101, 102, 103. The network 107 is the medium used to provide communication links between the terminal devices 104, 105, 106 and the servers 101, 102, 103. The network 107 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
A user may interact with servers 101, 102, 103 belonging to the same server cluster via a network 107 via terminal devices 104, 105, 106 to receive or send information etc. Various applications may be installed on the terminal devices 104, 105, 106, such as an item display application, a data analysis application, a search class application, etc.
The terminal devices 104, 105, 106 may be hardware or software. When the terminal device is hardware, it may be a variety of electronic devices having a display screen and supporting communication with a server, including but not limited to smartphones, tablets, laptop and desktop computers, and the like. When the terminal device is software, it can be installed in the above-listed electronic device. Which may be implemented as a plurality of software or software modules, or as a single software or software module. The present invention is not particularly limited herein.
The terminal devices 104, 105, 106 and the servers 101, 102, 103 may act as an integrator and a non-integrator, wherein the integrator may be the side that provides the business capabilities to the integrator and the integrator may be the side that uses the business capabilities provided by the integrator. The terminal devices 104, 105, 106 and the servers 101, 102, 103 may receive an access request of the integration policy to the data page, where the access request includes identification information and browser setting information for accessing the data page, then generate browser fingerprint information corresponding to the integration party based on the browser setting information, perform information verification on the identification information and the browser fingerprint information based on pre-stored verification information, generate a verification result, and finally send the corresponding data access result to the integration party based on the verification result.
The server may be hardware or software. When the server is hardware, it may be various electronic devices that provide various services to the terminal device. When the server is software, a plurality of software or software modules providing various services to the terminal device may be realized, or a single software or software module providing various services to the terminal device may be realized. The present invention is not particularly limited herein.
It should be noted that the data access method provided by the embodiments of the present disclosure may be performed by the terminal devices 104, 105, 106 and the servers 101, 102, 103. Accordingly, the data access means are provided in the terminal devices 104, 105, 106 and the servers 101, 102, 103.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a data access method according to the present disclosure is shown. The data access method comprises the following steps:
at step 210, an access request for an integrated policy to a data page is received.
In this step, the executing body (for example, the terminal devices 104, 105, 106 and the servers 101, 102, 103 in fig. 1) on which the data access method operates may serve as an integrated party, and provide a data access function for the integrated party, so that the integrated party may perform data access on a locally stored data page, and a user may perform login authentication on a terminal display interface of the integrated party, and input an access operation on the data page in the executing body after the login authentication is completed. The integrating party can determine corresponding identification information according to the login authentication information of the user, and the identification information can be used for identifying the user and corresponds to the login authentication information of the user one by one. The integrating party further obtains a browser used when the user inputs the access operation, and obtains browser setting information corresponding to the browser, wherein the browser setting information can comprise information such as a central processing unit (CPU, central Processing Unit), a use language, a time zone, a cache, a platform, fonts, resolution and the like. And then the integrating party determines an access link corresponding to the data page according to the access operation to the data page, the identification information of the access data page and the browser setting information, and the integrating party can generate an access request for accessing the data page according to the access link and send the access request to the execution body. The execution body may receive an access request for the data page generated by the integrating party according to the access operation of the user, where the access request may include identification information for accessing the data page and browser setting information.
And 220, generating browser fingerprint information corresponding to the integrator based on the browser setting information.
In this step, after the execution body receives the access request for the data page, the execution body analyzes the access request to obtain the identification information and the browser setting information included in the access request. The executing body can generate browser fingerprint information corresponding to the integrating party according to the acquired browser setting information, the browser fingerprint information can be a string of character strings capable of uniquely identifying the current browser, different browsers can correspond to different browser fingerprint information, and the browser fingerprint information can be used for identifying the browser sending the access request.
The execution main body can splice various information in the browser setting information, and the spliced result is used as browser fingerprint information; various information in the browser setting information can be encrypted, and the encryption result is used as browser fingerprint information.
The executing body may generate the browser fingerprint information corresponding to the integrator based on the browser setting information in any manner supported by the related art, which is not specifically limited in this disclosure.
And 230, performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information to generate a verification result.
In this step, after the executing body obtains the browser fingerprint information corresponding to the integrating party, the executing body may read the locally stored pre-stored verification information, where the verification information may include identification information and browser fingerprint information corresponding to different integrating parties, and each integrating party corresponds to one identification information and browser fingerprint information.
The executing body can carry out information verification on the identification information and the browser fingerprint information corresponding to the access request and the identification information and the browser fingerprint information corresponding to a plurality of integrated parties in the verification information, and judges whether the identification information and the browser fingerprint information corresponding to the plurality of integrated parties in the verification information simultaneously comprise the identification information and the browser fingerprint information corresponding to the access request or not, namely, whether the identification information and the browser fingerprint information corresponding to the access request simultaneously exist in the verification information or not is determined.
The execution main body can traverse all the identification information and the browser fingerprint information in the check information, and if the identification information and the browser fingerprint information corresponding to the access request are simultaneously included in the check information, the integration party corresponding to the identification information and the browser fingerprint information is determined to have the access authority for accessing the data page, and a check result of successful check can be generated; if it is determined that the verification information does not include the identification information corresponding to the access request and the browser fingerprint information at the same time, that is, only the identification information is included or only the browser fingerprint information is included, it is determined that the integrating party corresponding to the identification information and the browser fingerprint information does not have access authority for accessing the data page, and a verification result of verification failure can be generated.
Step 240, based on the verification result, sending a corresponding data access result to the integrating party.
In this step, after the execution body generates the corresponding verification result through information verification, the data access result corresponding to the verification result can be determined according to different verification results, and the data access result is sent to the integrating party, so that the integrating party can display the data access result to the user through the terminal display interface.
Specifically, the execution main body generates a verification result of successful verification through information verification, acquires a corresponding data page according to the access request, and sends the data page as a corresponding data access result to the integrating party, so that the integrating party can render the data page and display the data page to a user through a terminal display interface.
Or the execution main body generates a verification result of verification failure through information verification, determines that the access request has no permission to access, generates prompt information as a corresponding data access result, and sends the prompt information to the integrating party, so that the integrating party can render the prompt information, and display the prompt information to a user through a terminal display interface, wherein the prompt information is used for prompting the user that the user does not have the access permission of the data page.
With continued reference to fig. 3, fig. 3 is a schematic diagram of an application scenario of the data access method according to the present embodiment. The method can be applied to the application scenario of fig. 3, where the user a inputs an access operation of a data page at the integrating terminal 301, the integrating terminal 301 generates an access request for the data page according to the access operation, and sends the access request including identification information for accessing the data page and browser setting information to the integrated party 302. After receiving the access request of the integrated terminal 301 for the data page, the integrated party 302 may generate browser fingerprint information corresponding to the integrated terminal 301 according to the browser setting information in the access request. And then the integrated party 302 can perform information verification on the identification information and the browser fingerprint information according to locally pre-stored verification information, and if the verification is passed, a verification result of successful verification is generated. The integrated party 302 may acquire a data page corresponding to the access request, and send the data page to the integrated party terminal 301 as a data access result. The integrating terminal 301 may render and display the data access result to the user a. However, if the user a shares the access link corresponding to the access request to the user B, or the user B steals the access link corresponding to the access request of the user a, the user B initiates a new access request to the integrated party 302 through the access link at the terminal 303, and after the integrated party 302 receives the new access request, the new browser fingerprint information may be generated according to the new browser setting information in the new access request. And then the integrated party 302 can perform information verification on the identification information and the new browser fingerprint information according to the locally pre-stored verification information, and can determine that the new browser fingerprint information is different from the browser fingerprint information received last time, and then a verification result of verification failure is generated. The integrated party 302 may also generate a hint message that hint does not have access to the data page and send the hint message to the terminal 303 used by the user B.
According to the data access method provided by the embodiment of the disclosure, the executing main body firstly receives an access request of an integrating party for a data page, the access request comprises identification information and browser setting information for accessing the data page, then generates browser fingerprint information corresponding to the integrating party based on the browser setting information, performs information verification on the identification information and the browser fingerprint information based on pre-stored verification information, generates a verification result, finally sends the corresponding data access result to the integrating party based on the verification result, and performs information verification simultaneously by utilizing the identification information corresponding to the integrating party and the browser fingerprint information, so that security problems caused by sharing of links corresponding to the data page by other users of the integrating party are prevented, the security and reliability of the data access are improved, and a joint login scene of page nesting and outputting can be applicable on the premise that the login state of the integrating party and the integrated party is communicated, and the security communication problem of page data nesting under a cross-domain or a non-cross-domain condition can be solved, and the accuracy and the security of the data access under the joint scene are improved.
Referring to fig. 4, fig. 4 is a flowchart illustrating an embodiment of performing information verification on the identification information and the browser fingerprint information, that is, the step 230, performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, to generate a verification result, may include the following steps:
Step 410, determining whether at least one piece of pre-stored identification information in the pre-stored verification information includes identification information.
In this step, the executing body may read locally stored pre-stored verification information, where the verification information may include at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information, different pre-stored identification information may identify different users, the pre-stored identification information and the pre-stored browser fingerprint information may be in one-to-one correspondence, and the verification information may be stored in the distributed cache.
The executing body may compare the identification information corresponding to the access request with at least one piece of pre-stored identification information in the check information, and determine whether the at least one piece of pre-stored identification information in the pre-stored check information includes the identification information.
Step 420, in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information includes the identification information, determining pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information.
In this step, the executing body determines that at least one piece of pre-stored identification information in the pre-stored verification information includes the identification information by judging, and then may determine the pre-stored identification information from the verification information, determine pre-stored browser fingerprint information corresponding to the pre-stored identification information from the verification information, and use the pre-stored browser fingerprint information as pre-stored browser fingerprint information corresponding to the identification information.
Step 430, comparing the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information.
In this step, after the executing body obtains the pre-stored browser fingerprint information corresponding to the identification information, the pre-stored browser fingerprint information corresponding to the identification information may be compared with the browser fingerprint information, so as to determine whether the pre-stored browser fingerprint information is identical to the browser fingerprint information.
Step 440, generating a verification result of successful verification in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is identical to the browser fingerprint information.
In this step, the executing body determines that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information through comparison, and determines that the integrating party corresponding to the identification information and the browser fingerprint information has access authority for accessing the data page, so that a verification result of successful verification can be generated.
In the implementation mode, the identification information and the browser fingerprint information are checked at the same time, and a check result of successful check can be generated only after the identification information and the browser fingerprint information pass through the check at the same time, so that safety problems caused by the fact that other users of the integrating party utilize the link sharing corresponding to the data page are prevented, and safety and reliability of data access are improved.
Referring further to fig. 4, the step 230 of performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information to generate a verification result may include the steps of: and step 450, generating a verification result of verification failure in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information.
In this step, the executing body determines that the pre-stored browser fingerprint information corresponding to the identification information is not the same as the browser fingerprint information by judging that the pre-stored browser fingerprint information corresponding to the identification information is not the same as the browser fingerprint information, and generates a verification result of failure in verification.
In the implementation mode, the identification information and the browser fingerprint information are checked at the same time, if the browser fingerprint information does not accord with the check condition, a check result of failure in check is generated, the information check cannot be passed, and the safety and the reliability of data access are improved.
Referring further to fig. 4, the step 230 of performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information to generate a verification result may include the steps of: step 460, in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information does not include the identification information, storing the identification information and the browser fingerprint information to the pre-stored verification information correspondingly, and generating a verification result of successful verification.
In this step, the executing body determines that at least one piece of pre-stored identification information in the pre-stored verification information does not include the identification information, and determines that the user corresponding to the identification information initiates the data access for the first time, so that the identification information and the browser fingerprint information can be bound correspondingly and stored correspondingly to the pre-stored verification information, and a verification result of successful verification is generated.
In the implementation mode, the identification information and the browser fingerprint information which appear for the first time are bound and stored, and a verification result which is successful in verification is generated, so that a scene of the joint login can be output by using the page nesting under the premise that login states between the integrated party and the integrated party are communicated, the problem of safe communication of the page data nesting under the cross-domain or non-cross-domain condition can be solved by using the identification information and the browser fingerprint information, and the accuracy and the safety of data access under the joint login scene are improved.
Referring to fig. 5, fig. 5 shows a flow chart of another embodiment of a data access method, which may include the steps of:
step 510, an access request for an integrated policy to a data page is received.
Step 510 of this embodiment may be performed in a similar manner to step 210 of the embodiment shown in fig. 2, and is not repeated here.
Step 520, based on the browser setting information, generating the browser fingerprint information corresponding to the integrator.
Step 520 of this embodiment may be performed in a similar manner to step 220 of the embodiment shown in fig. 2, and is not repeated here.
In step 530, in response to obtaining the identification information from the access request, a expiration time corresponding to the identification information is obtained.
In this step, the executing body analyzes the received access request to obtain the corresponding identification information. The execution body can acquire the expiration time corresponding to the identification information in the local storage according to the identification information, the expiration time can represent the duration of the effective state corresponding to the identification information, the expiration time is set for the identification information when the identification information is generated, and the identification information corresponds to the expiration time one by one.
Step 540, based on the current time and the expiration time corresponding to the identification information, it is determined whether the identification information is in a valid state.
In this step, the executing body may acquire the current time, compare the current time with the failure time corresponding to the identification information, and determine whether the current time is in the failure time, that is, determine whether the identification information is in a valid state.
Specifically, if the expiration time is 2022, 3, and 6, it may be determined that the identification information is in an expiration state within a time period after 2022, 3, and 6, and the execution body may compare the current time with the expiration time to determine whether the current time is within a time period after the expiration time, so that it may be determined whether the identification information is in an expiration state.
In step 550, in response to determining that the identification information is in a valid state, information verification is performed on the identification information and the browser fingerprint information based on the pre-stored verification information, and a verification result is generated.
In this step, the executing body further performs information verification on the identification information and the browser fingerprint information according to pre-stored verification information by judging that the identification information is in a valid state, so as to generate a verification result.
Step 560, based on the verification result, sending a corresponding data access result to the integrating party.
Step 560 of this embodiment may be performed in a similar manner to step 240 of the embodiment shown in fig. 2, and is not repeated here.
In this embodiment, by performing the valid state judgment on the received identification information, the information verification is performed on the identification information and the browser fingerprint information only when the identification information is in the valid state, so that the security and reliability of data access are further improved.
With further reference to fig. 5, the above data access method may further include the steps of: in step 570, in response to determining that the identification information is in a disabled state, a hint information is generated that is used to hint the invalidation of rights.
In this step, the executing body may generate the prompt information for prompting the permission failure by judging that the identification information is in the failure state, and send the prompt information to the integrating party, so that the integrating party renders and displays the prompt information to the user.
In this embodiment, the validity state of the received identification information is determined, and if the received identification information is in the invalid state, the prompt information is generated, so that the subsequent steps are not performed, and the security and reliability of data access are improved.
Referring to fig. 6, fig. 6 shows a flow chart of yet another embodiment of a data access method, which may include the steps of:
in step 610, an acquisition request for identification information is received for an integrated party.
In this step, the integrating party may display the user login interface through the terminal display interface, the user may perform login authentication on the user login interface of the integrating party, input corresponding login information, and the integrating party may generate an acquisition request of the identification information according to the login information of the user, and send the acquisition request to the executing body, where the acquisition request may include the login information received by the integrating party.
Step 620, generating the identification information and the expiration time corresponding to the identification information based on the login information in the acquisition request.
In this step, after the execution body receives the acquisition request, the execution body may analyze the acquisition request to obtain the login information in the acquisition request. The execution body may generate identification information corresponding to the login information according to the login information, where the identification information corresponds to the login information one by one and is used for identifying a user corresponding to the login information. After the execution main body generates the identification information, the expiration time corresponding to the identification information can be set according to the setting requirement and the generation time, the expiration time characterizes that the identification information is in an expiration state in the time after the time, and the access right is not provided.
The above-described execution subject may generate the identification information and the expiration time corresponding to the identification information in any manner supported by the related art, which is not specifically limited in the present disclosure.
Step 630, an access request for an integrated policy to a data page is received.
Step 630 of this embodiment may be performed in a similar manner to step 210 of the embodiment shown in fig. 2, and is not repeated here.
And step 640, generating browser fingerprint information corresponding to the integrator based on the browser setting information.
Step 640 of this embodiment may be performed in a similar manner to step 220 of the embodiment shown in fig. 2, and is not repeated here.
Step 650, performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, and generating a verification result.
Step 650 of this embodiment may be performed in a similar manner to step 230 of the embodiment shown in fig. 2, and is not repeated here.
Step 660, based on the verification result, sending a corresponding data access result to the integrating party.
Step 660 of this embodiment may be performed in a similar manner to step 240 of the embodiment shown in fig. 2, and is not repeated here.
In the embodiment, the identification information is generated according to the login information for the first time, binding storage of the identification information and the browser fingerprint information is completed when the first access is performed, a scene of the joint login can be output by using the page nesting under the premise that the login states of the integrated party and the integrated party are communicated, the problem of safe communication of the page data nesting under the cross-domain or non-cross-domain condition can be solved by using the identification information and the browser fingerprint information, and accuracy and safety of data access under the joint login scene are improved.
With further reference to fig. 7, as an implementation of the method illustrated in the above figures, the present disclosure provides one embodiment of a data access apparatus. This embodiment of the device corresponds to the embodiment of the method shown in fig. 2.
As shown in fig. 7, the data access apparatus 700 of the present embodiment may include: a receiving module 710, a generating module 720, a verifying module 730 and a transmitting module 740.
Wherein the receiving module 710 is configured to receive an access request of an integration policy to a data page, wherein the access request includes identification information for accessing the data page and browser setting information;
a generating module 720 configured to generate browser fingerprint information corresponding to the integrator based on the browser setting information;
The verification module 730 is configured to perform information verification on the identification information and the browser fingerprint information based on pre-stored verification information, and generate a verification result;
And a sending module 740 configured to send a corresponding data access result to the integrating party based on the verification result.
In some optional implementations of the present implementation, the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and a verification module further configured to: judging whether at least one piece of pre-stored identification information in pre-stored check information comprises identification information or not; in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information comprises identification information, determining pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information; comparing the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information; and generating a verification result of successful verification in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is identical to the browser fingerprint information.
In some optional implementations of the present implementation, the verification module is further configured to: and in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information does not comprise the identification information, correspondingly storing the identification information and the browser fingerprint information to the pre-stored verification information, and generating a verification result of successful verification.
In some optional implementations of the present implementation, the verification module is further configured to: and generating a verification result of verification failure in response to the fact that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information.
In some optional implementations of the present implementation, the apparatus further includes: an acquisition module configured to: acquiring the expiration time corresponding to the identification information in response to the identification information acquired from the access request; a judgment module configured to: judging whether the identification information is in a valid state or not based on the current time and the failure time corresponding to the identification information; and a verification module further configured to: and in response to determining that the identification information is in a valid state, performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, and generating a verification result.
In some optional implementations of the present implementation, the generating module is further configured to: and generating prompt information for prompting permission invalidation in response to determining that the identification information is in the invalidation state.
In some optional implementations of the present implementation, the receiving module is further configured to: receiving an acquisition request of an acquisition party aiming at the identification information, wherein the acquisition request comprises login information received by an integration party; a generation module further configured to: based on the login information in the acquisition request, the identification information and the expiration time corresponding to the identification information are generated.
According to the data access device provided by the embodiment of the disclosure, the execution main body firstly receives an access request of an integrating party for a data page, the access request comprises identification information and browser setting information for accessing the data page, then generates browser fingerprint information corresponding to the integrating party based on the browser setting information, performs information verification on the identification information and the browser fingerprint information based on pre-stored verification information, generates a verification result, finally sends the corresponding data access result to the integrating party based on the verification result, and performs information verification simultaneously by utilizing the identification information corresponding to the integrating party and the browser fingerprint information, so that other users of the integrating party are prevented from sharing by utilizing links corresponding to the data page to cause security problems, the security and the reliability of the data access are improved, and a scene of joint login can be output by using page nesting under the premise that the login states between the integrating party and the integrated party are communicated, the problem of safe communication of page data nesting under a cross-domain or a non-cross-domain condition can be solved, and the accuracy and the security of the data access under the joint login scene are improved.
Those skilled in the art will appreciate that the above-described apparatus also includes some other well-known structures, such as a processor, memory, etc., which are not shown in fig. 7 in order to unnecessarily obscure embodiments of the present disclosure.
Referring now to fig. 8, a schematic diagram of an electronic device 800 suitable for use in implementing embodiments of the present disclosure is shown. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a smart screen, a notebook computer, a PAD (tablet), a PMP (portable multimedia player), an in-vehicle terminal (e.g., in-vehicle navigation terminal), etc., a fixed terminal such as a digital TV, a desktop computer, etc. The terminal device shown in fig. 8 is only one example, and should not impose any limitation on the functions and scope of use of the embodiments of the present disclosure.
As shown in fig. 8, the electronic device 800 may include a processing means (e.g., a central processor, a graphics processor, etc.) 801, which may perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 802 or a program loaded from a storage means 808 into a Random Access Memory (RAM) 803. In the RAM803, various programs and data required for the operation of the electronic device 800 are also stored. The processing device 801, the ROM 802, and the RAM803 are connected to each other by a bus 804. An input/output (I/O) interface 805 is also connected to the bus 804.
In general, the following devices may be connected to the I/O interface 805: input devices 806 including, for example, a touch screen, touchpad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, and the like; an output device 807 including, for example, a Liquid Crystal Display (LCD), speakers, vibrators, etc.; storage 808 including, for example, magnetic tape, hard disk, etc.; communication means 809. The communication means 809 may allow the electronic device 800 to communicate wirelessly or by wire with other devices to exchange data. While fig. 8 shows an electronic device 800 having various means, it is to be understood that not all of the illustrated means are required to be implemented or provided. More or fewer devices may be implemented or provided instead. Each block shown in fig. 8 may represent one device or a plurality of devices as needed.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via communication device 809, or installed from storage device 808, or installed from ROM 802. The above-described functions defined in the methods of the embodiments of the present disclosure are performed when the computer program is executed by the processing device 801. It should be noted that the computer readable medium of the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In an embodiment of the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. Whereas in embodiments of the present disclosure, the computer-readable signal medium may comprise a data signal propagated in baseband or as part of a carrier wave, with computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, fiber optic cables, RF (radio frequency), and the like, or any suitable combination of the foregoing.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in one or more programming languages, including an object oriented programming language such as Java, smalltalk, C ++ and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present application may be implemented in software or in hardware. The described units may also be provided in a processor, for example, described as: a processor comprises a receiving module, a generating module, a checking module and a transmitting module, wherein the names of the modules do not in some cases constitute a limitation of the module itself.
As another aspect, the present application also provides a computer readable medium, which may be contained in the electronic device; or may exist alone without being incorporated into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving an access request of a collection party for a data page, wherein the access request comprises identification information for accessing the data page and browser setting information; based on the browser setting information, generating browser fingerprint information corresponding to the integrator; based on pre-stored verification information, carrying out information verification on the identification information and browser fingerprint information to generate a verification result; and based on the verification result, sending a corresponding data access result to the integrating party.
The foregoing description is only of the preferred embodiments of the present disclosure and description of the principles of the technology being employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above technical features, but encompasses other technical features formed by any combination of the above technical features or their equivalents without departing from the spirit of the invention. Such as the above-described features, are mutually substituted with (but not limited to) the features having similar functions disclosed in the embodiments of the present disclosure.

Claims (14)

1. A data access method applied to an integrated party providing a data access function, the method comprising:
Receiving an access request of an integrator for a data page, wherein the access request comprises identification information for accessing the data page and browser setting information, and the access request is generated by the integrator based on the access operation of the user to the data page after login authentication is completed;
Based on the browser setting information, generating browser fingerprint information corresponding to the integrating party;
acquiring the expiration time corresponding to the identification information in response to acquiring the identification information from the access request;
Judging whether the identification information is in a valid state or not based on the current time and the failure time corresponding to the identification information;
Based on pre-stored verification information, performing information verification on the identification information and the browser fingerprint information, determining whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time, and generating a verification result, including: in response to determining that the identification information is in a valid state, performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, determining whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time, and generating a verification result, wherein the pre-stored verification information comprises identification information and browser fingerprint information corresponding to different integrated parties, and each integrated party corresponds to one identification information and browser fingerprint information;
And based on the verification result, sending a corresponding data access result to the integrating party.
2. The method of claim 1, wherein the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, determining whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time, and generating a verification result, including:
judging whether at least one piece of pre-stored identification information in the pre-stored verification information comprises the identification information or not;
In response to determining that at least one piece of pre-stored identification information in the pre-stored verification information comprises the identification information, determining pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information;
comparing the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information;
And generating a verification result of successful verification in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is identical to the browser fingerprint information.
3. The method of claim 2, wherein the performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, determining whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time, and generating a verification result, further comprises:
and in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information does not comprise the identification information, correspondingly storing the identification information and the browser fingerprint information to the pre-stored verification information, and generating a verification result of successful verification.
4. The method of claim 2, wherein the performing information verification on the identification information and the browser fingerprint information based on pre-stored verification information, determining whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time, and generating a verification result, further comprises:
and generating a verification result of verification failure in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information.
5. The method of claim 1, the method further comprising:
And generating prompt information for prompting permission invalidation in response to determining that the identification information is in the invalidation state.
6. The method of claim 1, the method further comprising:
Receiving an acquisition request of the integration party for identification information, wherein the acquisition request comprises login information received by the integration party;
And generating the identification information and the expiration time corresponding to the identification information based on the login information in the acquisition request.
7. A data access apparatus for use with an integrated party providing data access functionality, the apparatus comprising:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is configured to receive an access request of an integration policy on a data page, wherein the access request comprises identification information for accessing the data page and browser setting information, and the access request is generated by the integration policy based on an access operation of the data page after login authentication is completed by a user;
the generation module is configured to generate browser fingerprint information corresponding to the integrating party based on the browser setting information;
An acquisition module configured to: acquiring the expiration time corresponding to the identification information in response to acquiring the identification information from the access request;
A judgment module configured to: judging whether the identification information is in a valid state or not based on the current time and the failure time corresponding to the identification information;
The verification module is configured to carry out information verification on the identification information and the browser fingerprint information based on pre-stored verification information, and determine whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time or not to generate a verification result, wherein the pre-stored verification information comprises identification information and browser fingerprint information corresponding to different integrated parties, and each integrated party corresponds to one identification information and browser fingerprint information;
a transmitting module configured to transmit a corresponding data access result to the integrating party based on the verification result;
the verification module is further configured to: and in response to determining that the identification information is in a valid state, performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, determining whether the identification information and the browser fingerprint information exist in the pre-stored verification information at the same time, and generating a verification result.
8. The apparatus of claim 7, wherein the verification information comprises at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and, the verification module is further configured to:
judging whether at least one piece of pre-stored identification information in the pre-stored verification information comprises the identification information or not;
In response to determining that at least one piece of pre-stored identification information in the pre-stored verification information comprises the identification information, determining pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information;
comparing the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information;
And generating a verification result of successful verification in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is identical to the browser fingerprint information.
9. The apparatus of claim 8, wherein the verification module is further configured to:
and in response to determining that at least one piece of pre-stored identification information in the pre-stored verification information does not comprise the identification information, correspondingly storing the identification information and the browser fingerprint information to the pre-stored verification information, and generating a verification result of successful verification.
10. The apparatus of claim 8, wherein the verification module is further configured to:
and generating a verification result of verification failure in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information.
11. The apparatus of claim 7, wherein the generation module is further configured to: and generating prompt information for prompting permission invalidation in response to determining that the identification information is in the invalidation state.
12. The apparatus of claim 7, wherein the receiving module is further configured to: receiving an acquisition request of the integration party for identification information, wherein the acquisition request comprises login information received by the integration party;
The generation module is further configured to: and generating the identification information and the expiration time corresponding to the identification information based on the login information in the acquisition request.
13. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
The one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-6.
14. A computer readable medium on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the method according to any one of claims 1-6.
CN202210684373.XA 2022-06-16 2022-06-16 Data access method and device Active CN115102744B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210684373.XA CN115102744B (en) 2022-06-16 2022-06-16 Data access method and device
PCT/CN2023/074316 WO2023241060A1 (en) 2022-06-16 2023-02-03 Data access method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210684373.XA CN115102744B (en) 2022-06-16 2022-06-16 Data access method and device

Publications (2)

Publication Number Publication Date
CN115102744A CN115102744A (en) 2022-09-23
CN115102744B true CN115102744B (en) 2024-06-14

Family

ID=83290266

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210684373.XA Active CN115102744B (en) 2022-06-16 2022-06-16 Data access method and device

Country Status (2)

Country Link
CN (1) CN115102744B (en)
WO (1) WO2023241060A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115102744B (en) * 2022-06-16 2024-06-14 京东科技信息技术有限公司 Data access method and device
CN117544322B (en) * 2024-01-10 2024-03-22 北京雪诺科技有限公司 Browser identification method, device, equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10628576B1 (en) * 2019-08-20 2020-04-21 Capital One Services, Llc Computer-based platforms or systems, computing devices or components and/or computing methods for technological applications involving provision of a portal for managing user accounts having a login portal configured to defend against credential replay attacks

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6253325B1 (en) * 1998-04-15 2001-06-26 Hewlett-Packard Company Apparatus and method for securing documents posted from a web resource
CN107426181B (en) * 2017-06-20 2019-09-17 竞技世界(北京)网络技术有限公司 The hold-up interception method and device of malice web access request
US11240255B1 (en) * 2018-01-31 2022-02-01 Intuit Inc. System and method to recognize unauthenticated visitors
CN109587133B (en) * 2018-11-30 2021-07-23 武汉烽火众智智慧之星科技有限公司 Single sign-on system and method
US11288398B2 (en) * 2019-06-03 2022-03-29 Jpmorgan Chase Bank, N.A. Systems, methods, and devices for obfuscation of browser fingerprint data on the world wide web
CN112491776B (en) * 2019-09-11 2022-10-18 华为云计算技术有限公司 Security authentication method and related equipment
US11539746B2 (en) * 2020-02-18 2022-12-27 Td Ameritrade Ip Company, Inc. Methods and systems for browser spoofing mitigation
CN111541665A (en) * 2020-04-16 2020-08-14 苏州浪潮智能科技有限公司 Data access method, device, storage medium and cluster type security management platform
CN112100603B (en) * 2020-09-15 2022-06-14 福建天晴在线互动科技有限公司 Website combined graph verification code defense method and system
CN112261012A (en) * 2020-09-30 2021-01-22 北京鸿联九五信息产业有限公司 Browser, server and webpage access method
CN113239308B (en) * 2021-05-26 2023-07-18 杭州安恒信息技术股份有限公司 Page access method, device, equipment and storage medium
CN113556343B (en) * 2021-07-21 2022-01-11 江南信安(北京)科技有限公司 DDoS attack defense method and device based on browser fingerprint identification
CN114257430A (en) * 2021-12-13 2022-03-29 以萨技术股份有限公司 Single sign-on system
CN115102744B (en) * 2022-06-16 2024-06-14 京东科技信息技术有限公司 Data access method and device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10628576B1 (en) * 2019-08-20 2020-04-21 Capital One Services, Llc Computer-based platforms or systems, computing devices or components and/or computing methods for technological applications involving provision of a portal for managing user accounts having a login portal configured to defend against credential replay attacks

Also Published As

Publication number Publication date
WO2023241060A1 (en) 2023-12-21
CN115102744A (en) 2022-09-23

Similar Documents

Publication Publication Date Title
CN110879903B (en) Evidence storage method, evidence verification method, evidence storage device, evidence verification equipment and evidence verification medium
CN111639319B (en) User resource authorization method, device and computer readable storage medium
CN110414268B (en) Access control method, device, equipment and storage medium
CN115102744B (en) Data access method and device
CN108965250B (en) Digital certificate installation method and system
CN111833507B (en) Visitor authentication method, device, equipment and computer readable storage medium
US20140137206A1 (en) Password-free, token-based wireless access
CN111991813B (en) Method and device for logging in game, electronic equipment and storage medium
JP2022541835A (en) Methods and apparatus, electronic devices, storage media and computer programs for processing data requests
CN110855655B (en) Information verification method, device, equipment and storage medium
CN115603982B (en) Vehicle-mounted terminal security authentication method and device, electronic equipment and storage medium
CN113536365B (en) File access method, device, equipment and medium
CN112543194B (en) Mobile terminal login method and device, computer equipment and storage medium
CN113612806A (en) Secure network service method, device, electronic equipment and medium
CN110659476A (en) Method and apparatus for resetting password
CN111786936A (en) Method and device for authentication
CN113742663B (en) Watermark file acquisition method and device and electronic equipment
CN113641966B (en) Application integration method, system, equipment and medium
CN112261659B (en) Control method and device for terminal and server, terminal and storage medium
CN111371745B (en) Method and apparatus for determining SSRF vulnerability
CN114205099B (en) Webpage authentication method, electronic equipment and system
CN111885006B (en) Page access and authorized access method and device
CN117201160A (en) Online reading processing method, device, equipment and medium in public network environment
CN115730324A (en) Business system access method and device, storage medium and electronic equipment
CN115459989A (en) Data access method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant