CN115242478B - Method and device for improving data security, electronic equipment and storage medium - Google Patents
Method and device for improving data security, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN115242478B CN115242478B CN202210835347.2A CN202210835347A CN115242478B CN 115242478 B CN115242478 B CN 115242478B CN 202210835347 A CN202210835347 A CN 202210835347A CN 115242478 B CN115242478 B CN 115242478B
- Authority
- CN
- China
- Prior art keywords
- data
- authentication
- state
- account
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 61
- 238000013475 authorization Methods 0.000 claims abstract description 45
- 238000004891 communication Methods 0.000 claims description 20
- 238000004458 analytical method Methods 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 16
- 238000013507 mapping Methods 0.000 claims description 11
- 230000000694 effects Effects 0.000 abstract description 6
- 238000012545 processing Methods 0.000 description 9
- 230000008569 process Effects 0.000 description 8
- 230000003993 interaction Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000007726 management method Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 230000006872 improvement Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Health & Medical Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method, a device, electronic equipment and a storage medium for improving data security, wherein the method comprises the following steps: receiving a data authentication instruction, and carrying out data authentication on the data authentication instruction according to primary account data in the data authentication instruction to obtain a data authentication state corresponding to the data authentication instruction; if the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on parameters to be used in the data authentication instruction; and when the authorization state is an authorized state, target data corresponding to the parameter to be used is called, and the target data is fed back to a target client. The method and the device solve the problems of low data acquisition efficiency, long time consumption and data leakage, and achieve the effects of quickly acquiring data and guaranteeing data safety.
Description
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a method and apparatus for improving data security, an electronic device, and a storage medium.
Background
For data security in the business processing process, a data authentication system is generally adopted to perform unified and centralized account management.
Typically, account management may employ a 4A system, where the 4A system, when managed, includes four components defined as network security, including authentication, authorization, accounting, and auditing, thereby establishing the status and role of authentication in the overall network security system. At present, when account management is performed through a 4A system, when a plurality of accounts are required to be logged in together for use, or corresponding data resources are called, the resource acquisition efficiency is low, and the time consumption is long.
In order to solve the above-mentioned problems, an improvement is required in the method of data authentication and data acquisition in the account management process.
Disclosure of Invention
The invention provides a method, a device, electronic equipment and a storage medium for improving data security, which are used for solving the problems of low data acquisition efficiency, long time consumption and data leakage.
In a first aspect, an embodiment of the present invention provides a method for improving data security, including:
receiving a data authentication instruction, and carrying out data authentication on the data authentication instruction according to primary account data in the data authentication instruction to obtain a data authentication state corresponding to the data authentication instruction;
If the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on parameters to be used in the data authentication instruction; the parameters to be used comprise at least one of a sub-account number, a resource address, a port address and a communication protocol which are associated with the main account number data;
and when the authorization state is an authorized state, target data corresponding to the parameter to be used is called, and the target data is fed back to a target client.
In a second aspect, an embodiment of the present invention further provides an apparatus for improving data security, including:
the data authentication state determining module is used for receiving a data authentication instruction, and carrying out data authentication on the data authentication instruction according to main account data in the data authentication instruction to obtain a data authentication state corresponding to the data authentication instruction;
the authorization state determining module is used for determining an authorization state corresponding to the data authentication instruction based on parameters to be used in the data authentication instruction if the data authentication state is an authentication passing state; the parameters to be used comprise at least one of a sub-account number, a resource address, a port address and a communication protocol which are associated with the main account number data;
And the target data security promotion module is used for calling target data corresponding to the parameters to be used when the authorization state is the authorized state, and feeding the target data back to the target client.
In a third aspect, an embodiment of the present invention further provides an electronic device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of improving data security according to any one of the embodiments of the present invention.
In a fourth aspect, an embodiment of the present invention further provides a computer readable storage medium, where computer instructions are stored, where the computer instructions are configured to cause a processor to implement a method for improving data security according to any one of the embodiments of the present invention.
According to the technical scheme, the data authentication instruction is received, data authentication is carried out on the data authentication instruction according to the primary account number data in the data authentication instruction, a data authentication state corresponding to the data authentication instruction is obtained, after the data authentication instruction is received, the primary account number data in the data authentication instruction is obtained, and the data authentication is carried out on the primary account number data, so that the corresponding data authentication state is obtained. If the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on a parameter to be used in the data authentication instruction, determining whether target data to be acquired corresponding to the data authentication instruction is authorized to be acquired or not according to the parameter to be used, if so, determining that the authorization state is an authorized state, namely acquiring corresponding target data from a target server, otherwise, acquiring corresponding target data from the target server. And when the authorization state is the authorized state, the target server acquires the target data based on the parameters to be used and feeds the target data back to the target client. The method and the device solve the problems of low data acquisition efficiency, long time consumption and data leakage, and achieve the effects of quickly acquiring data and guaranteeing data safety.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for improving data security according to a first embodiment of the present invention;
FIG. 2 is a flowchart of a method for improving data security according to a second embodiment of the present invention;
FIG. 3 is a flow chart of a method for improving data security according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of a device for improving data security according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device implementing a method for improving data security according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein.
Before the technical scheme is elaborated, application scenes of the technical scheme are introduced so as to more clearly understand the technical scheme. In the process of processing the service, a data interaction situation exists between the server and the third party system, for example, a corresponding resource request instruction can be sent to the server based on the third party system, so that the server sends the resource corresponding to the instruction to the third party system after receiving the resource request instruction. However, in this process, there may be a risk of data leakage, in order to ensure the security of data interaction, a third party system sending a resource request instruction is generally subjected to data authentication, and when it is confirmed that the system is an authorized system and the acquired resource is an authorized resource, the server may send the corresponding resource to the third party system. Based on the technical scheme, the safety of the data in the interaction process can be ensured, so that the risk of leakage of the data resources is reduced.
Example 1
Fig. 1 is a flowchart of a method for improving data security according to an embodiment of the present invention, where the method may be applicable to a case of obtaining a data resource from a server based on a third party system, and the method may be performed by a device for improving data security, where the device for improving data security may be implemented in a form of hardware and/or software, and the device for improving data security may be configured in a computing device that may perform the method for improving data security.
As shown in fig. 1, the method includes:
s110, receiving a data authentication instruction, and carrying out data authentication on the data authentication instruction according to the primary account data in the data authentication instruction to obtain a data authentication state corresponding to the data authentication instruction.
The data authentication instruction may be understood as an instruction sent by a third party system (i.e., a target client) to obtain a data resource. The primary account number data can understand the unique identification data corresponding to each third party system, for example, if the primary account number data of the third party system is account number a, the data authentication instruction may include account number a, so that after receiving the data authentication instruction, the server may perform account number data authentication on the account number a to determine whether the third party system can log in the server. The data authentication state may be understood as a verification state corresponding to the third party system after the server performs data authentication on the primary account number, and may include an authentication passing state and an authentication failing state.
It should be noted that the primary account data may not only be system account data of the third party system, for example, host account data, but also personal account data logged in based on the third party system. For example, the user a inputs personal account data based on a third party system, and the third party sends the personal account data to the server, so that the server performs data authentication on the personal account data of the user a. If the user A is an authorized user capable of logging in the server, the data authentication state of the personal account data is an authentication passing state, otherwise, if the user A is an unauthorized user, the data authentication state of the personal account data is an authentication failing state.
Specifically, the third party system may send a data authentication instruction to the server, and after receiving the data authentication instruction, the server analyzes the data authentication instruction to obtain primary account data carried in the data authentication instruction, and performs data authentication on the primary account data to determine whether the primary account data is authorized account data. If yes, the data authentication state corresponding to the data authentication instruction is an authentication passing state; otherwise, the data authentication state corresponding to the data authentication instruction is an authentication failed state.
Illustratively, taking primary account data as personal account data as an example, company staff total 100 persons, and each staff corresponds to unique primary account data. The main account data of 30 employees can be authorized to log in the server through the third party system, and corresponding data resources are acquired from the server, if the main account data contained in the data authentication instruction received by the server is the main account data corresponding to the authorized 30 employees, the data authentication state corresponding to the data authentication instruction is an authentication passing state, otherwise, the data authentication state is an authentication failing state.
And S120, if the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on the parameters to be used in the data authentication instruction.
The parameters to be used may be understood as data parameters included in the data authentication instruction, for example, the parameters to be used include at least one of a sub-account number, a resource address, a port address, and a communication protocol associated with the primary account number data. The data resources required to be acquired in the data authentication instruction and the data such as the acquisition path corresponding to the data resources can be determined through the parameters to be used, the authorization state can be understood as the state of whether the primary account number data is authorized to acquire the corresponding data resources, and the authorization state can comprise an authorized state and an unauthorized state.
Specifically, if the data authentication instruction corresponding to the primary account number data passes the authentication, further, the data resources to be acquired, the resource path of the data resources, and the like need to be determined according to the parameters to be used in the data authentication instruction. And determining whether a third party system corresponding to the data authentication instruction can acquire corresponding data resources from the server through further authentication of the parameters to be used. If the authorization state of the data authentication instruction is determined to be the authorized state based on the parameters to be used, the third party system can acquire corresponding data resources from the server; otherwise, if the authorization status of the data authentication instruction is an unauthorized status, the third party system is indicated that the corresponding data resource cannot be acquired from the server.
Optionally, determining the authorization status corresponding to the data authentication instruction based on the parameters to be used in the data authentication instruction includes: based on a preset authorized data table, carrying out data authentication on parameters to be used; if the primary account number data and at least one of the sub account number, the resource address, the port address and the communication protocol associated with the primary account number data exist in the authorized data table, determining that the authorization state of the data authentication instruction is an authorized state.
The authorized main account number data which can acquire corresponding data resources and at least one of sub account numbers, resource addresses, port addresses and communication protocols which are associated with the main account number data are recorded in an authorized data table.
Specifically, in order to determine whether the primary account number data corresponding to the data authentication instruction can obtain the corresponding data resource from the server, the data authentication to the parameters to be used may be performed based on the authorized data table, and if at least one of the primary account number data and the secondary account number, the resource address, the port address and the communication protocol associated with the primary account number data is recorded in the authorized data table, it may be determined that the data authentication instruction corresponding to the primary account number data is in an authorized state, that is, a third party system sending the data authentication instruction may obtain the corresponding data resource from the server.
S130, when the authorization state is the authorized state, the target data corresponding to the parameters to be used are called, and the target data are fed back to the target client.
The target data may be understood as a data resource matched with the parameter to be used, or may be understood as a data resource to be acquired based on the data authentication instruction, for example, the parameter to be used based on the data authentication instruction includes a data name of the data resource and a path where the data name and the path where the data resource are located, and the data resource matched with the data name and the path where the data resource is located in the server is the target data resource.
Specifically, if the authorization status is determined to be the authorized status based on the parameters to be used in the data authentication instruction, the server may acquire corresponding target data according to the parameters to be used, and feed back the target data to the target client.
Optionally, retrieving target data corresponding to the parameter to be used, and feeding back the target data to the target client, including: determining a data access path corresponding to the parameter to be used; and calling target data corresponding to the data authentication instruction based on the data access path, and feeding the target data back to the target client.
Specifically, after receiving the data authentication instruction, the server analyzes the data authentication instruction to obtain a parameter to be used, where the parameter to be used may include a data path corresponding to the target data, that is, a data access path corresponding to the target data. And finding target data according to the data access path, and feeding back the target data to the target client after determining the target data.
According to the technical scheme, the data authentication instruction is received, data authentication is carried out on the data authentication instruction according to the primary account number data in the data authentication instruction, a data authentication state corresponding to the data authentication instruction is obtained, after the data authentication instruction is received, the primary account number data in the data authentication instruction is obtained, and the data authentication is carried out on the primary account number data, so that the corresponding data authentication state is obtained. If the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on a parameter to be used in the data authentication instruction, determining whether target data to be acquired corresponding to the data authentication instruction is authorized to be acquired or not according to the parameter to be used, if so, determining that the authorization state is an authorized state, namely acquiring corresponding target data from a target server, otherwise, acquiring corresponding target data from the target server. And when the authorization state is the authorized state, the target server acquires the target data based on the parameters to be used and feeds the target data back to the target client. The method and the device solve the problems of low data acquisition efficiency, long time consumption and data leakage, and achieve the effects of quickly acquiring data and guaranteeing data safety.
Example two
Fig. 2 is a flowchart of a method for improving data security according to a second embodiment of the present invention, optionally, receiving a data authentication command, and performing data authentication on the data authentication command according to primary account data in the data authentication command, so as to refine a data authentication state corresponding to the data authentication command.
As shown in fig. 2, the method includes:
s210, receiving a data authentication instruction.
It should be noted that, in the present technical solution, the third party system may send a plurality of data authentication instructions at the same time, that is, the target server may receive one or more data authentication instructions at the same time, and analyze and process the plurality of data authentication instructions in batches.
The third party system sends 3 data authentication instructions at the same time, and after receiving each data authentication instruction, the target server analyzes and authenticates the 3 data authentication instructions respectively to determine whether the target server can feed corresponding target data back to the target client, that is, the third party system, according to each data authentication instruction.
S220, calling an analysis plug-in corresponding to the data authentication instruction, and analyzing the data authentication instruction based on the analysis plug-in to obtain the primary account data in the data authentication instruction.
The analysis plug-in can be understood as a plug-in for authenticating a data in a server to obtain a parameter to be used corresponding to a new authentication instruction, and the analysis plug-in can be a section of program code or analysis function with an analysis instruction function.
Specifically, after receiving the data authentication instruction, the server invokes a preset analysis plug-in to analyze the data authentication instruction to obtain parameters to be used, such as primary account data, corresponding to the data authentication instruction.
S230, determining an account type corresponding to the primary account data, and determining a data authentication mode corresponding to the account type.
In the technical scheme, the account types comprise a personal account and a system account. The personal account number may be understood as primary account number data corresponding to the user, and the system account number may be understood as a system account number corresponding to the third party system.
The personal account number may be primary account number data logged in based on the third party system, and has a unique correspondence with the user, so that the user can trace back the user who obtains the data resource after obtaining the corresponding data resource from the server through the personal account number.
For example, in the running process of the service, there may be a case that the third party system obtains the data resource from the server, and in order to distinguish different third party systems, different system accounts may be set for different third party systems, so as to trace the system for obtaining the data resource.
Specifically, after the primary account data is obtained through analysis, the account type of the primary account data needs to be determined, so that data authentication is performed on the data authentication instruction corresponding to the primary account data based on a corresponding data authentication mode. Optionally, according to the data identifier carried by the primary account data, determining the account type corresponding to the primary account data; if the account type is a personal account, carrying out data authentication on the primary account data based on a double-factor authentication mode; and if the account number type is a system account number, carrying out data authentication on the primary account number data based on a single-factor authentication mode.
The preset data identifier of the response in each primary account number data can be used for determining the account number type corresponding to the primary account number data according to the data identifier. The two-factor authentication mode comprises a system authentication mode and an identity authentication mode. The single factor authentication method is a system authentication method.
According to different account types of the primary account data, different data authentication modes are needed. Specifically, if the account type is a personal account, in order to be used by other users when the user corresponding to the primary account data is fraudulent, the identity of the user needs to be double-verified, that is, the data authentication is performed on the primary account data based on a double-factor authentication mode. The two-factor method not only needs to perform data authentication on the primary account data of the server system, but also needs to perform identity authentication on the primary account data after the system authentication is passed, such as inputting a verification code or biometric data associated with the primary account data, and the like, and only when the primary account data passes the system authentication and the identity authentication at the same time, can target data corresponding to the data authentication instruction be acquired from the server.
If the account type is the system account, the situation that the primary account data is falsely used does not exist, so that only the primary account data is required to be subjected to system authentication, that is, at least the primary account data can pass the system authentication, and target data corresponding to the data authentication instruction can be acquired from the server.
Optionally, performing data authentication on the primary account data based on a two-factor authentication mode includes: the primary account data is sent to a target server, so that system authentication is carried out on the primary account data through a system authentication mode based on the target server; after the primary account number data passes the system authentication, an identity authentication instruction is sent to the target client side, so that the target client side obtains and feeds back the identity authentication data based on the identity authentication instruction; and receiving the identity authentication data and carrying out identity authentication on the identity authentication data based on an identity authentication mode.
The target server may be understood as a server that receives the data authentication instruction. The identity authentication instruction may be understood as an authentication instruction sent by the server to the target client, so that the target client obtains corresponding identity authentication data based on the identity authentication instruction. The authentication data may include a verification code or biometric data of the user, etc., based on which it may be determined whether the user currently logged in using the primary account data is a user bound to the primary account data.
Specifically, when the type of the primary account data is a personal account, in order to determine that the user using the primary account data is a user bound with the primary account data, identity authentication is required to be performed on the primary account data on the basis of performing system authentication on the primary account data. After the primary account number data passes the system authentication, the server can send an identity authentication instruction to the target client, so that the target client can generate corresponding identity authentication data after receiving the identity authentication instruction, so as to prompt the user to carry out identity authentication, such as a data verification code or a prompt lamp for prompting the user to input relevant biological identification data. After the user inputs corresponding identity authentication data based on the target client, the target client sends the identity authentication data to the target server so that the target server can conduct identity authentication on the identity authentication data according to an identity authentication mode.
S240, carrying out data authentication on the corresponding primary account data based on the data authentication mode to obtain a data authentication state corresponding to the data authentication instruction.
Optionally, determining whether the primary account number data is an authenticated account number based on the target mapping table; if yes, determining the data authentication state as an authentication passing state; if not, determining the data authentication state as an authentication failure state.
The target mapping table may be understood as a data table for recording authenticated primary account data, where the target mapping table includes at least one primary account data to be matched, and the primary account data to be matched may be understood as each authenticated primary account data.
Specifically, after receiving the data authentication instruction at the target server and analyzing the data authentication instruction to obtain the primary account number data, traversing the target mapping table, and if the target mapping table has the primary account number data to be matched corresponding to the primary account number data, determining that the primary account number data in the data authentication instruction is an authenticated account number. Correspondingly, the data authentication state corresponding to the data authentication instruction is an authentication passing state, otherwise, the data authentication state of the data authentication instruction is an unauthenticated passing state.
S250, if the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on parameters to be used in the data authentication instruction.
And S260, when the authorization state is the authorized state, retrieving target data corresponding to the parameters to be used, and feeding back the target data to the target client.
According to the technical scheme, the analysis plug-in corresponding to the data authentication instruction is called, the data authentication instruction is analyzed based on the analysis plug-in, primary account data in the data authentication instruction is obtained, the analysis plug-in is used for analyzing the data authentication instruction, primary account data in the data authentication instruction can be obtained, data authentication is carried out on the primary account data based on the target server, and the data authentication state of the data authentication instruction is determined. And determining an account type corresponding to the main account data, determining a data authentication mode corresponding to the account type, authenticating the main account data by adopting a double-factor authentication mode when the account type is a personal account, and authenticating the main account data by adopting a single-factor authentication mode when the account type is a system account so as to trace a source of a user or a system for acquiring data resources based on the main account data. And carrying out data authentication on the corresponding primary account number data based on the data authentication mode to obtain a data authentication state corresponding to the data authentication instruction, and determining that the data authentication state of the data authentication instruction is an authentication passing state when the primary account number data meets the corresponding data authentication mode, otherwise, determining that the data authentication state of the data authentication instruction is an authentication failing state. The method solves the problem that data leakage possibly occurs due to the fact that data authentication is not strict, and achieves the effects of improving the data authentication mode and guaranteeing the safety of data interaction.
Example III
In a specific example, as shown in fig. 3, the user may send an authentication instruction (i.e., a data authentication instruction) to the target server through the third party system, or may send a data authentication instruction to the target system when the third party system needs to acquire a corresponding data resource from the target server during operation of the third party system. After receiving the data authentication instruction, the target server analyzes the received data authentication instruction based on an analysis plug-in preset in the account authentication center to obtain parameters to be used, such as main account data, and at least one of a sub-account, a resource address, a port address and a communication protocol associated with the main account data, which are contained in the data authentication instruction. It should be noted that, in the technical solution, the target server may receive one or more data authentication instructions at the same time, and parse each data authentication instruction based on the corresponding parsing plug-in to obtain parameters to be used corresponding to each data authentication instruction.
After the primary account data is obtained, a target mapping table of an account authentication center can be called to detect the primary account data, and if the account data to be matched consistent with the primary account data exists in the target mapping table, the data authentication state corresponding to the primary account data can be determined to be an authentication passing state.
Before performing data authentication, determining an account type corresponding to the primary account data, and if the account type is a personal account, performing data authentication on the primary account data based on a system authentication mode. After the primary account number data passes the system authentication, the target server sends an identity authentication instruction to the third party system so that the third party system prompts a user to input the identity authentication data, and the identity authentication data is fed back to the target server based on the third party system. The identity authentication data may include a verification code, biometric data, and the like. And after receiving the identity authentication data, the target server performs identity authentication on the primary account data based on an identity authentication mode. And only when the primary account number data simultaneously meets the system authentication and the identity authentication, determining the data authentication state of the data authentication instruction corresponding to the primary account number data as an authentication passing state.
If the account number type is the system account number, only the primary account number data is required to be subjected to system authentication, and when the primary account number data passes the system authentication, the data authentication state of the data authentication instruction corresponding to the primary account number data can be determined to be the authentication passing state.
When the authentication state of the data authentication instruction corresponding to the primary account number data is an authentication passing state, acquiring parameters to be used from the data authentication instruction, determining whether the parameters to be used are in an authorized state or not based on an authorized data table of an authorization center in the target server, if so, acquiring target data corresponding to the parameters to be used, and feeding the target data back to a third party system, namely the target client.
According to the technical scheme, the data authentication instruction is received, data authentication is carried out on the data authentication instruction according to the primary account number data in the data authentication instruction, a data authentication state corresponding to the data authentication instruction is obtained, after the data authentication instruction is received, the primary account number data in the data authentication instruction is obtained, and the data authentication is carried out on the primary account number data, so that the corresponding data authentication state is obtained. If the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on a parameter to be used in the data authentication instruction, determining whether target data to be acquired corresponding to the data authentication instruction is authorized to be acquired or not according to the parameter to be used, if so, determining that the authorization state is an authorized state, namely acquiring corresponding target data from a target server, otherwise, acquiring corresponding target data from the target server. And when the authorization state is the authorized state, the target server acquires the target data based on the parameters to be used and feeds the target data back to the target client. The method and the device solve the problems of low data acquisition efficiency, long time consumption and data leakage, and achieve the effects of quickly acquiring data and guaranteeing data safety.
Example IV
Fig. 4 is a schematic structural diagram of a device for improving data security according to a fourth embodiment of the present invention. As shown in fig. 4, the apparatus includes: a data authentication status determination module 310, an authorization status determination module 320, and a target data determination module 330.
The data authentication state determining module 310 is configured to receive a data authentication instruction, and perform data authentication on the data authentication instruction according to primary account data in the data authentication instruction, so as to obtain a data authentication state corresponding to the data authentication instruction;
the authorization status determining module 320 is configured to determine, based on the parameter to be used in the data authentication instruction, an authorization status corresponding to the data authentication instruction if the data authentication status is an authentication passing status; the parameters to be used comprise main account data and at least one of a sub account, a resource address, a port address and a communication protocol which are associated with the main account data;
the target data determining module 330 is configured to, when the authorization status is an authorized status, retrieve target data corresponding to the parameter to be used, and feed back the target data to the target client.
According to the technical scheme, the data authentication instruction is received, data authentication is carried out on the data authentication instruction according to the primary account number data in the data authentication instruction, a data authentication state corresponding to the data authentication instruction is obtained, after the data authentication instruction is received, the primary account number data in the data authentication instruction is obtained, and the data authentication is carried out on the primary account number data, so that the corresponding data authentication state is obtained. If the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on a parameter to be used in the data authentication instruction, determining whether target data to be acquired corresponding to the data authentication instruction is authorized to be acquired or not according to the parameter to be used, if so, determining that the authorization state is an authorized state, namely acquiring corresponding target data from a target server, otherwise, acquiring corresponding target data from the target server. And when the authorization state is the authorized state, the target server acquires the target data based on the parameters to be used and feeds the target data back to the target client. The method and the device solve the problems of low data acquisition efficiency, long time consumption and data leakage, and achieve the effects of quickly acquiring data and guaranteeing data safety.
Optionally, the data authentication status determining module includes: the analysis sub-module is used for calling an analysis plug-in corresponding to the data authentication instruction, and analyzing the data authentication instruction based on the analysis plug-in to obtain primary account data in the data authentication instruction;
the authentication mode determining submodule is used for determining an account type corresponding to the primary account data and determining a data authentication mode corresponding to the account type;
and the authentication state determining sub-module is used for carrying out data authentication on the corresponding primary account data based on the data authentication mode to obtain a data authentication state corresponding to the data authentication instruction.
Optionally, the authentication mode determining submodule includes: the account type determining unit is used for determining the account type corresponding to the primary account data according to the data identifier carried by the primary account data;
the double-factor authentication unit is used for carrying out data authentication on the main account data based on a double-factor authentication mode if the account type is a personal account; the double-factor authentication mode comprises a system authentication mode and an identity authentication mode;
the single factor authentication unit is used for carrying out data authentication on the main account data based on a single factor authentication mode if the account type is a system account; the single factor authentication mode is a system authentication mode.
Optionally, the two-factor authentication unit includes: the system authentication subunit is used for sending the primary account data to the target server so as to carry out system authentication on the primary account data through a system authentication mode based on the target server;
the identity authentication instruction sending subunit is used for sending an identity authentication instruction to the target client after the primary account number data passes through system authentication, so that the target client can acquire and feed back the identity authentication data based on the identity authentication instruction;
and the identity authentication subunit is used for receiving the identity authentication data and carrying out identity authentication on the identity authentication data based on an identity authentication mode.
Optionally, the authentication state determining submodule includes: the primary account number data authentication unit is used for determining whether the primary account number data is an authenticated account number based on the target mapping table; the target mapping table comprises at least one primary account number data to be matched;
the passing state determining unit is used for determining that the data authentication state is an authentication passing state if the data authentication state is the authentication passing state;
and the failure state determining unit is used for determining that the data authentication state is an authentication failure state if not.
Optionally, the authorization status determining module includes: the data authentication sub-module is used for carrying out data authentication on the parameters to be used based on a preset authorized data table;
And the authorization state determining sub-module is used for determining that the authorization state of the data authentication instruction is an authorized state if the main account data and at least one of the sub-account, the resource address, the port address and the communication protocol associated with the main account data exist in the authorized data table.
Optionally, the target data determining module includes: an access path determination submodule for determining a data access path corresponding to a parameter to be used;
and the target data determining sub-module is used for calling target data corresponding to the data authentication instruction based on the data access path and feeding the target data back to the target client.
The device for improving the data security provided by the embodiment of the invention can execute the method for improving the data security provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example five
Fig. 5 shows a schematic structural diagram of the electronic device 10 of the embodiment of the present invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic equipment may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 5, the electronic device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data required for the operation of the electronic device 10 may also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
Various components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange data/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the various methods and processes described above, such as the method of improving data security.
In some embodiments, the method of improving data security may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into RAM 13 and executed by processor 11, one or more steps of the method of improving data security described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the method of improving data security in any other suitable way (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for implementing the method of improving data security of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying data to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.
Claims (10)
1. A method for improving data security, comprising:
receiving a data authentication instruction sent by a target client, analyzing the data authentication instruction to obtain main account data carried in the data authentication instruction, and obtaining a data authentication state corresponding to the data authentication instruction according to whether the main account data is authorized account data or not; the target client comprises system account data of a third party system;
If the data authentication state is an authentication passing state, determining an authorization state corresponding to the data authentication instruction based on parameters to be used in the data authentication instruction; the parameters to be used comprise at least one of a sub-account number, a resource address, a port address and a communication protocol which are associated with the main account number data;
and when the authorization state is an authorized state, target data corresponding to the parameter to be used is called, and the target data is fed back to a target client.
2. The method according to claim 1, wherein the performing data authentication on the data authentication instruction according to the primary account number data in the data authentication instruction to obtain a data authentication state corresponding to the data authentication instruction includes:
invoking an analysis plug-in corresponding to the data authentication instruction, and analyzing the data authentication instruction based on the analysis plug-in to obtain main account data in the data authentication instruction;
determining an account type corresponding to the primary account data, and determining a data authentication mode corresponding to the account type;
And carrying out data authentication on the corresponding primary account data based on the data authentication mode to obtain a data authentication state corresponding to the data authentication instruction.
3. The method according to claim 2, wherein the account types include a personal account and a system account, and the determining the account type corresponding to the primary account data and determining the data authentication method corresponding to the account type includes:
determining an account type corresponding to the primary account data according to the data identifier carried by the primary account data;
if the account type is the personal account, carrying out data authentication on the main account data based on a double-factor authentication mode; the double-factor authentication mode comprises a system authentication mode and an identity authentication mode;
if the account number type is the system account number, carrying out data authentication on the primary account number data based on a single-factor authentication mode; wherein the single factor authentication mode is the system authentication mode.
4. A method according to claim 3, wherein the data authentication of the primary account data based on a two-factor authentication method comprises:
The primary account data is sent to a target server, so that system authentication is carried out on the primary account data through the system authentication mode based on the target server;
after the primary account number data passes through the system authentication, an identity authentication instruction is sent to the target client side, so that the target client side obtains and feeds back the identity authentication data based on the identity authentication instruction;
and receiving the identity authentication data and carrying out identity authentication on the identity authentication data based on the identity authentication mode.
5. The method according to claim 2, wherein the performing data authentication on the corresponding primary account data based on the data authentication manner to obtain a data authentication state corresponding to the data authentication instruction includes:
determining whether the primary account data is an authenticated account based on a target mapping table; the target mapping table comprises at least one primary account number data to be matched;
if yes, determining the data authentication state as an authentication passing state;
if not, determining the data authentication state as an authentication failure state.
6. The method of claim 1, wherein the determining the authorization status corresponding to the data authentication instruction based on the parameters to be used in the data authentication instruction comprises:
Based on a preset authorized data table, carrying out data authentication on the parameters to be used;
and if the primary account number data and at least one of a sub account number, a resource address, a port address and a communication protocol associated with the primary account number data exist in the authorized data table, determining that the authorization state of the data authentication instruction is an authorized state.
7. The method of claim 1, wherein the retrieving the target data corresponding to the parameters to be used and feeding back the target data to the target client comprises:
determining a data access path corresponding to the parameter to be used;
and calling target data corresponding to the data authentication instruction based on the data access path, and feeding the target data back to the target client.
8. An apparatus for improving data security, comprising:
the data authentication state determining module is used for receiving a data authentication instruction sent by a target client, analyzing the data authentication instruction to obtain main account data carried in the data authentication instruction, and obtaining a data authentication state corresponding to the data authentication instruction according to whether the main account data is authorized account data or not; the target client comprises system account data of a third party system;
The authorization state determining module is used for determining an authorization state corresponding to the data authentication instruction based on parameters to be used in the data authentication instruction if the data authentication state is an authentication passing state; the parameters to be used comprise at least one of a sub-account number, a resource address, a port address and a communication protocol which are associated with the main account number data;
and the target data determining module is used for calling target data corresponding to the parameter to be used when the authorization state is the authorized state, and feeding back the target data to the target client.
9. An electronic device, the electronic device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of improving data security of any one of claims 1-7.
10. A computer readable storage medium storing computer instructions for causing a processor to perform the method of improving data security of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210835347.2A CN115242478B (en) | 2022-07-15 | 2022-07-15 | Method and device for improving data security, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210835347.2A CN115242478B (en) | 2022-07-15 | 2022-07-15 | Method and device for improving data security, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115242478A CN115242478A (en) | 2022-10-25 |
| CN115242478B true CN115242478B (en) | 2024-01-02 |
Family
ID=83673138
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210835347.2A Active CN115242478B (en) | 2022-07-15 | 2022-07-15 | Method and device for improving data security, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115242478B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106850518A (en) * | 2015-12-07 | 2017-06-13 | 阿里巴巴集团控股有限公司 | Safety certifying method and device |
| CN110199309A (en) * | 2017-01-23 | 2019-09-03 | 万事达卡国际公司 | The method and system authenticated via credible performing environment |
| CN110311929A (en) * | 2019-08-01 | 2019-10-08 | 江苏芯盛智能科技有限公司 | A kind of access control method, device and electronic equipment and storage medium |
| CN112866249A (en) * | 2021-01-18 | 2021-05-28 | 深信服科技股份有限公司 | Application login management method and device and storage medium |
| CN113297557A (en) * | 2021-07-27 | 2021-08-24 | 深兰盛视科技(苏州)有限公司 | Account data authorization method, device, equipment and computer readable storage medium |
-
2022
- 2022-07-15 CN CN202210835347.2A patent/CN115242478B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106850518A (en) * | 2015-12-07 | 2017-06-13 | 阿里巴巴集团控股有限公司 | Safety certifying method and device |
| CN110199309A (en) * | 2017-01-23 | 2019-09-03 | 万事达卡国际公司 | The method and system authenticated via credible performing environment |
| CN110311929A (en) * | 2019-08-01 | 2019-10-08 | 江苏芯盛智能科技有限公司 | A kind of access control method, device and electronic equipment and storage medium |
| CN112866249A (en) * | 2021-01-18 | 2021-05-28 | 深信服科技股份有限公司 | Application login management method and device and storage medium |
| CN113297557A (en) * | 2021-07-27 | 2021-08-24 | 深兰盛视科技(苏州)有限公司 | Account data authorization method, device, equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115242478A (en) | 2022-10-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8213906B2 (en) | Communication server and method for generating a one-time password using a mobile phone | |
| US10237254B2 (en) | Conditional login promotion | |
| TWI678909B (en) | Safety authentication method, device and system | |
| CN112651011B (en) | Login verification method, device and equipment for operation and maintenance system and computer storage medium | |
| CN106656985B (en) | Backup account login method, device and system | |
| WO2020006895A1 (en) | Account checking method and apparatus, computer device and storage medium | |
| CN107453872A (en) | A kind of unified safety authentication method and system based on Mesos container cloud platforms | |
| CN107483477B (en) | Account management method and account management system | |
| CN111552942A (en) | Identity authentication method, system, device and computer storage medium | |
| CN114513350A (en) | Identity verification method, system and storage medium | |
| CN114186206A (en) | Login method and device based on small program, electronic equipment and storage medium | |
| CN115242478B (en) | Method and device for improving data security, electronic equipment and storage medium | |
| US20230195940A1 (en) | Blockchain-based data processing method and apparatus, device, and storage medium | |
| CN115550413A (en) | Data calling method and device, service gateway and storage medium | |
| US11363020B2 (en) | Method, device and storage medium for forwarding messages | |
| CN114448715B (en) | Authentication method, device, equipment and storage medium based on token | |
| CN115694843B (en) | Camera access management method, system, device and medium for avoiding counterfeiting | |
| US20230385840A1 (en) | System and method for reducing government identification fraud | |
| CN116318769A (en) | Gateway interception method, device, electronic equipment and storage medium | |
| CN114444041A (en) | Interface access method and device, electronic equipment and storage medium | |
| CN117494200A (en) | System access method and device, storage medium and electronic equipment | |
| CN117692238A (en) | Equipment meeting method and device, electronic equipment and storage medium | |
| CN117336072A (en) | Multi-fort machine access system, method, equipment and storage medium | |
| CN115442114A (en) | Lock screen login method and device, electronic equipment and storage medium | |
| CN116132098A (en) | Login management method, device, system, equipment and storage medium of management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |