CN115250186A - Network connection authentication method, device, computer equipment and storage medium - Google Patents

Network connection authentication method, device, computer equipment and storage medium Download PDF

Info

Publication number
CN115250186A
CN115250186A CN202110387901.0A CN202110387901A CN115250186A CN 115250186 A CN115250186 A CN 115250186A CN 202110387901 A CN202110387901 A CN 202110387901A CN 115250186 A CN115250186 A CN 115250186A
Authority
CN
China
Prior art keywords
certificate
network
target network
network connection
acquiring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110387901.0A
Other languages
Chinese (zh)
Other versions
CN115250186B (en
Inventor
陈运佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SF Technology Co Ltd
Original Assignee
SF Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SF Technology Co Ltd filed Critical SF Technology Co Ltd
Priority to CN202110387901.0A priority Critical patent/CN115250186B/en
Publication of CN115250186A publication Critical patent/CN115250186A/en
Application granted granted Critical
Publication of CN115250186B publication Critical patent/CN115250186B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application provides a network connection authentication method, a device, a computer device and a storage medium, comprising: responding to a network connection operation instruction acting on a target network, and performing validity period verification on the local network certificate to obtain a validity period verification result; acquiring a target network certificate based on the validity period check result; checking and installing the target network certificate, and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate; and sending the system valid certificate to a router corresponding to the target network for network authentication so as to connect the target network after the system valid certificate is authenticated. By adopting the method, the operation flow of the network connection authentication can be saved, the network connection authentication efficiency is improved, the reliability of the network connection authentication can be improved, and the safety of the network connection authentication is effectively improved.

Description

Network connection authentication method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to a network connection authentication method and apparatus, a computer device, and a storage medium.
Background
With the rapid development of the express industry, the number of transfer sites required by sorting express items in each region is increased, except that part of the sites are network access points provided with an intranet, and most of the rest sites can usually set up an extranet route which can access internal data in order to facilitate the operation of the small express items, so that the small express items can access the intranet through a terminal, and the internal data can be acquired.
However, the existing network access mode is single in verification, so that not only is the leakage risk present, but also the enterprise information safety can be seriously damaged. For example, the current network connection authentication methods using mobile terminals include the following three types: 1. after selecting WI-FI, manually inputting a fixed key for authentication; 2. a user inputs a mobile phone number and a short message in an HTTP page for verification; 3. the activation code input by a user is received through the mobile terminal, the preset encrypted digital certificate is loaded, the certificate is sent to the application server for verification in the networking process, and when the certificate is verified to be legal, the connected equipment is determined to be legal.
However, the connection mode of manually inputting the fixed key and the connection mode of verifying the connection by using the short message are only a pure activation code comparison, and if the attacker bypasses the activation step or the fixed key is leaked, the server cannot judge whether the equipment is legal or not; the problem of release code leakage also exists by loading the preset encrypted digital certificate through the release code, so that the usability of the certificate cannot be guaranteed, and the abnormal condition of network connection is easy to occur.
Therefore, the existing network connection authentication method has the technical problem of low authentication security.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a network connection authentication method, apparatus, computer device and storage medium for improving network authentication security.
In a first aspect, the present application provides a network connection authentication method, including:
responding to a network connection operation instruction acting on a target network, and performing validity period verification on the local network certificate to obtain a validity period verification result;
acquiring a target network certificate based on the validity period verification result;
verifying and installing the target network certificate, and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate;
and sending the system valid certificate to a router corresponding to the target network for network authentication, so as to connect the target network after the system valid certificate is authenticated.
In some embodiments of the present application, the step of performing validity check on the local network certificate in response to the network connection operation instruction acting on the target network, and obtaining a validity check result includes:
responding to a network connection operation instruction acting on a target network, and acquiring a local network certificate label through a preset first interface;
if the label information of the local network certificate label is first label information, acquiring a certificate expiration date corresponding to the local network certificate label through a preset first interface as the certificate expiration time of the local network certificate;
and based on the certificate failure time, carrying out validity period verification on the local network certificate to obtain a validity period verification result.
In some embodiments of the present application, the step of obtaining, through a preset first interface, a local network certificate tag in response to a network connection operation instruction acting on a target network includes:
when a screen unlocking operation instruction acting on a display screen is detected, acquiring a screen unlocking result corresponding to the screen unlocking operation instruction;
if the screen unlocking result is successful, determining that the screen unlocking operation instruction is a network connection operation instruction, and acquiring a target network, wherein the target network is a candidate network meeting a preset condition in at least one candidate network;
and responding to a network connection operation instruction acting on the target network, and acquiring a local network certificate label through a preset first interface.
In some embodiments of the present application, the step of performing validity check on the local network certificate based on the certificate expiration time to obtain a validity check result includes:
acquiring the current time of equipment;
calculating a time difference value between the current time of the equipment and the certificate failure time to obtain effective duration;
if the effective duration is smaller than a preset time threshold, determining that the effective period verification result is a first verification result;
and if the valid duration is greater than or equal to the time threshold, determining that the valid period check result is a second check result.
In some embodiments of the present application, the step of obtaining the target network certificate based on the validity period verification result includes:
if the validity period check result is a first check result, generating a certificate acquisition request, and sending the certificate acquisition request to a server to acquire a target network certificate fed back by the server;
and if the validity period check result is a second check result, determining the local network certificate as the target network certificate.
In some embodiments of the present application, before the steps of verifying and installing the target network certificate, and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate, the method further includes:
based on a message digest algorithm, performing security verification on the target network certificate fed back by the server to obtain a security verification result of the target network certificate fed back by the server;
if the safety verification result is successful verification, acquiring the storage path information, the certificate password information and the certificate file name information of the target network certificate;
wherein the storage path information, the certificate password information and the certificate file name information are used for verifying and installing the target network certificate.
In some embodiments of the present application, the step of verifying and installing the target network certificate, and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate includes:
acquiring storage path information, certificate password information and certificate file name information of the target network certificate through a preset second interface;
based on the storage path information, the certificate password information and the certificate file name information, verifying and installing the target network certificate to obtain an installed target network certificate;
acquiring a network identity of the target network through a preset third interface, and acquiring a user certificate key of the installed target network certificate;
and performing system pre-configuration on the installed target network certificate based on the network identity and the user certificate key to obtain a system valid certificate.
In a second aspect, the present application provides a network connection authentication apparatus, including:
the instruction response module is used for responding to a network connection operation instruction acting on a target network, carrying out validity period verification on the local network certificate and acquiring a validity period verification result;
the certificate acquisition module is used for acquiring a target network certificate based on the validity period check result;
the certificate configuration module is used for verifying and installing the target network certificate and carrying out system pre-configuration on the installed target network certificate to obtain a system valid certificate;
and the network connection module is used for sending the system valid certificate to a router corresponding to the target network for network authentication so as to connect the target network after the system valid certificate is authenticated.
In a third aspect, the present application further provides a computer device, including:
one or more processors;
a memory; and one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the processor to implement the network connection authentication method.
In a fourth aspect, the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program is loaded by a processor to execute the steps in the network connection authentication method.
In a fifth aspect, embodiments of the present application provide a computer program product or a computer program comprising computer instructions stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method provided by the first aspect.
According to the network connection authentication method, the network connection authentication device, the computer equipment and the storage medium, the terminal responds to the network connection operation instruction acting on the target network and performs validity verification on the local network certificate, so that full-automatic verification, installation and pre-configuration of the local network certificate can be realized, an activation code does not need to be manually input to load the certificate and complete network connection, the operation flow of network connection authentication is saved, and the network connection authentication efficiency is improved. Meanwhile, the terminal also completes the validity period verification operation before the certificate is preconfigured, the timeliness problem of the existing certificate authentication scheme is effectively solved, the usability of the certificate is greatly ensured, the reliability of network connection authentication is further improved, and finally the safety of the network connection authentication is effectively improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic view of a scenario of a network connection authentication method in an embodiment of the present application;
FIG. 2 is a flowchart illustrating a network connection authentication method according to an embodiment of the present application;
FIG. 3 is a flowchart illustrating a network certificate verification step in an embodiment of the present application;
FIG. 4 is a flowchart illustrating a target network connection procedure in an embodiment of the present application;
fig. 5 is a schematic flowchart illustrating a network connection authentication method according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a network connection authentication apparatus in an embodiment of the present application;
fig. 7 is a schematic structural diagram of a computer device in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
In the description of the present application, the terms "first", "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or as implying a number of the indicated technical features. Thus, features defined as "first" and "second" may explicitly or implicitly include one or more of the described features. In the description of the present application, "a plurality" means two or more unless specifically limited otherwise.
In the description of the present application, the term "for example" is used to mean "serving as an example, instance, or illustration". Any embodiment described herein as "for example" is not necessarily to be construed as preferred or advantageous over other embodiments. The following description is presented to enable any person skilled in the art to make and use the invention. In the following description, details are set forth for the purpose of explanation. It will be apparent to one of ordinary skill in the art that the present invention may be practiced without these specific details. In other instances, well-known structures and processes are not set forth in detail in order to avoid obscuring the description of the present invention with unnecessary detail. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
Embodiments of the present application provide a network connection authentication method and apparatus, a computer device, and a storage medium, which are described in detail below.
Referring to fig. 1, fig. 1 is a schematic view of a scenario of a network connection authentication method provided in the present application, where the network connection authentication method is applicable to a network connection authentication system. The network connection authentication system includes a terminal 100 and a server 200, which are connected to each other via a network. The terminal 100 may be a device that includes both receiving and transmitting hardware, i.e., a device having receiving and transmitting hardware capable of performing two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display. The terminal 100 may specifically be a desktop terminal or a mobile terminal, and the terminal 100 may also specifically be one of a mobile phone, a tablet computer, a rifle, a notebook computer, and the like.
The server 200 may be an independent server, or may be a server network or a server cluster composed of servers, which includes but is not limited to a computer, a network host, a single network server, multiple network server sets, or a cloud server composed of multiple servers. Wherein, the Cloud server is composed of a large number of computers or network servers based on Cloud Computing (Cloud Computing); networks include, but are not limited to: a wide area network, a metropolitan area network, or a local area network.
It should be understood by those skilled in the art that the application environment shown in fig. 1 is only one application scenario applicable to the present application scheme, and does not constitute a limitation on the application scenario of the present application scheme, and that other application environments may further include more or less computer devices than those shown in fig. 1, for example, only one server 200 is shown in fig. 1, and it is understood that the system may further include one or more other servers, or one or more other terminals, which are not limited herein. In addition, the system may further include a memory for storing data, such as storing logistics data, for example, various data of the logistics platform, such as logistics transportation information of the logistics network such as the transit terminal, and specifically, such as waybill information, delivery vehicle information and logistics network information.
It should be understood by those skilled in the art that the scenario diagram of the network connection authentication system shown in fig. 1 is only an example, and the network connection authentication system and the scenario described in the embodiment of the present invention are for more clearly illustrating the technical solution of the embodiment of the present invention, and do not form a limitation on the technical solution provided in the embodiment of the present invention.
Referring to fig. 2, an embodiment of the present application provides a network connection authentication method, which is mainly applied to the terminal 100 in fig. 1 to be described as an example below, and the method includes steps S201 to S204, which are specifically as follows:
s201, responding to a network connection operation instruction acting on a target network, carrying out validity period verification on the local network certificate, and obtaining a validity period verification result.
The target network may be a candidate network that satisfies a preset condition in at least one candidate network, and the candidate network may be set for a certain site (e.g., a logistics transit site), that is, the network information covers a wireless network that can be used in connection with the site, and the preset condition may refer to conditions such as signal strength, signal name, and signal privacy. For example, there are 2 candidate networks in the logistics transit yard, including: WI-FI No. 1 and WIFI No. 2, the signal intensity of WI-FI No. 1 is higher than WIFI No. 2, then terminal 100 can select WI-FI No. 1 as the target network that it wants to apply for connection.
The local network certificate refers to a digital certificate stored in a local device of the terminal 100.
Specifically, it is necessary to understand a Digital Certificate (Digital ID) before the network connection authentication method provided in the embodiment of the present application is determined, which provides a means for identity verification on the Internet and is a Digital information file used for marking and proving the identities of both network communication parties. A digital Certificate is issued by an Authority, CA, also called Certificate Authority (Certificate Authority), which people can use to identify the other party in a transaction. In addition, the digital certificate has timeliness, that is, it not only contains a public key, name and digital signature of the certificate authority, but also generally includes the valid time of the key, the name of the issuing authority (certificate authority), the serial number of the certificate, and other information, and the format of the certificate conforms to the relevant international standard. The validity time of the key is key information for embodying the timeliness of the digital certificate.
Specifically, in the existing internet communication scenario, when the extranet device communicates with the intranet device, the extranet device is authenticated by mostly adopting digital certificate authentication and user name and password authentication modes, i.e. several modes described in the background of the present application, but not only the authentication efficiency is low, but also the authentication is easy to falsely used, and the potential safety hazard is very large. Therefore, the present application provides an optimized network connection authentication method, so that the terminal 100 can customize an interface through a pre-developed operating system to implement full-automatic certificate installation, reduce the probability of errors caused by manual operations, improve the security of network connection, and eliminate the operation threshold. And then, the certificate is used for replacing the fixed activation code, so that the safety of network identity verification is effectively improved, and the network access safety is improved.
However, the authentication method using the digital certificate instead of the fixed activation code has two problems of manual input of the activation code and timeliness of the certificate, so the embodiment of the application is switched in from two points of full automation and timeliness, and the problem of the existing certificate authentication is improved. Therefore, when receiving and responding to the network connection operation instruction acting on the target network, the embodiment of the application provides that the validity check is firstly carried out on the local network certificate to ensure the timeliness of the certificate, and then the subsequent steps are executed after the validity check result is obtained. The validity period checking step involved in the present embodiment will be described in detail below.
In one embodiment, this step includes: responding to a network connection operation instruction acting on a target network, and acquiring a local network certificate label through a preset first interface; if the label information of the local network certificate label is first label information, acquiring a certificate expiration date corresponding to the local network certificate label through a preset first interface as the certificate expiration time of the local network certificate; and carrying out validity period verification on the local network certificate based on the certificate failure time to obtain a validity period verification result.
It should be noted that, in the embodiment of the present application, the operating system applied by the terminal 100 is an Android system, and the Android system supports manual certificate installation, and then performs certificate pre-configuration when connecting to a specified WI-FI, so as to implement installation and connection of a certificate. However, to achieve "full automation", the installation and provisioning of the certificate need to be supported by an Application Programming Interface (API) of the operating system. However, the existing Android system does not develop an API interface for certificate validity determination, certificate installation or uninstallation, and certificate pre-configuration, so that it is necessary to perform function interface deep customization with the Android operating system in combination with actual service requirements, and provide the following function interfaces for the terminal 100: (1) acquiring a certificate validity interface; (2) install/uninstall certificate interfaces; (3) the certificate pre-configures a functional interface to provide a convenient path for the terminal 100 to connect to a network.
The first interface related to this embodiment may refer to the interface for acquiring the validity period of the certificate.
Wherein, the local network certificate label may be a Boolean value, denoted as "true" or "false", for identifying whether the local network certificate exists; when the local network certificate label is "true", it represents that the local network certificate exists, and when the local network certificate label is "false", it represents that the local network certificate does not exist. The first tag information is "true" as described above.
The certificate expiration date may refer to the valid time of the key described above, i.e., the expiration start time of the digital certificate, for example, 1/2021, and 0/1/2021.
Specifically, when the terminal 100 detects a network connection operation instruction acting on a target network, it may first obtain a pre-stored local network certificate tag through a preset first interface, and further determine whether tag information of the tag is first tag information "true" or second tag information "false", and if it is determined that the tag information is the first tag information, it indicates that the terminal 100 has a local network certificate, at this time, the terminal 100 may further obtain corresponding certificate expiration time through the first interface, so as to analyze the certificate expiration time to perform validity check on the local network certificate, and finally obtain a validity check result.
More specifically, if the tag information of the local network certificate tag is the second tag information "false", it indicates that the terminal 100 does not store the local network certificate, and needs to apply for the latest certificate to the CA certificate issuing server, so that the validity period check result is set as the first check result and is applied to the subsequent acquisition certificate. The validity period check result acquisition step related in the present embodiment will be described in detail below.
In one embodiment, the step of obtaining the local network certificate tag through a preset first interface in response to a network connection operation instruction acting on the target network includes: when a screen unlocking operation instruction acting on a display screen is detected, acquiring a screen unlocking result corresponding to the screen unlocking operation instruction; if the screen unlocking result is successful, determining that the screen unlocking operation instruction is a network connection operation instruction, and acquiring a target network, wherein the target network is a candidate network meeting a preset condition in at least one candidate network; and responding to a network connection operation instruction acting on the target network, and acquiring a local network certificate label through a preset first interface.
The screen unlocking operation instruction may be a numeric password or a graphic password for unlocking the terminal 100, that is, it may be a character string, or may be a graphic image having coordinate information or numeric information.
Specifically, as shown in fig. 3, a valid unlocking instruction is preset by the user of the terminal 100 as an "S" graphic instruction, and when the terminal 100 detects a screen unlocking operation instruction acting on the display screen, the currently received screen unlocking operation instruction can be matched with the valid unlocking instruction. If the two are matched to be consistent, the screen unlocking result corresponding to the screen unlocking operation instruction is 'unlocking success', and then the screen unlocking operation instruction is used as a network connection operation instruction capable of triggering the label obtaining step to be started, so that the local network certificate label is further obtained through the first interface.
In one embodiment, the step of performing validity check on the local network certificate based on the certificate expiration time to obtain a validity check result includes: acquiring the current time of equipment; calculating a time difference value between the current time of the equipment and the certificate failure time to obtain effective duration; if the effective duration is smaller than a preset time threshold, determining that the effective period verification result is a first verification result; and if the valid duration is greater than or equal to the time threshold, determining that the valid period check result is a second check result.
Here, the device current time may refer to the beijing time recorded by the terminal 100, and may be "3/1/12/23 minutes 2021, for example.
The time threshold may be a time critical value used for determining whether the certificate needs to be updated, for example, the time threshold may be a time threshold calculated daily for 15 days, 30 days, and the like, and for example, the time threshold may be a time threshold calculated hourly, weekly, monthly, and yearly, which is not limited in this embodiment of the present application.
Specifically, after the terminal 100 acquires the certificate expiration time of the local network certificate, the current device time may be further acquired, so as to calculate a time difference between the current device time and the certificate expiration time, obtain an effective duration, and analyze an effective period verification result. As is known in connection with the above-described embodiments, the validity period check result includes a first check result and a second check result, the first check result is denoted as "checking the certificate to be updated", and the second check result is denoted as "checking the certificate not to be updated".
For example, the current time of the device is "3 months and 1 day in 2021", the certificate expiration time is "3 months and 12 days in 2021", the preset time threshold is "30 days", the calculated validity duration is "11 days", the validity duration is smaller than the current time threshold, which indicates that the certificate is less than 30 days away from expiration, and the certificate should be updated, and then the validity period verification result of the certificate can be determined to be the first verification result.
For another example, the current time of the device is "2 months and 1 day in 2021", the certificate expiration time is "3 months and 12 days in 2021", the preset time threshold is "30 days", the calculated validity duration is "39 days", the validity duration is greater than the currently set time threshold, which indicates that the time is still more than 30 days after the certificate expires, and the validity period check result of the certificate is determined to be the second check result without updating the certificate.
More specifically, if the terminal 100 presets a buffer pool (specified file directory) for storing the certificate aging time of the certificate, the certificate aging time described in the above embodiment should be the time obtained by preferentially obtaining the certificate aging time from the buffer pool. After the validity period check result is judged to be the first check result based on the time, certificate expiration dates stored in the operating system database can be further accessed, whether the validity period check result is still the first check result or not is analyzed again, and if the validity period check result is still the first check result, the certificate stored in the terminal 100 needs to be updated.
Further, the condition for accessing the operating system database is that the validity period check tag is the first tag. The validity period check tag may be a tag for identifying a certificate validity period check state, and is denoted as "1" or "0". For example, a time point is set within a period of 24 hours per day, after which if the terminal 100 verifies the validity period of the certificate, the terminal sets the tag to "1", and then analyzes whether there is a verified validity period of the certificate based on this value. As another example, this tag is reset to "0" at 8 points per day, where "0" indicates the validity period of the certificate has not been verified, and subsequent certificate verification steps can continue.
The first label may be a label "1" of the validity period check label, which indicates the validity period of the checked certificate; the second label may be referred to as a label "0" of the validity period check label, indicating that the validity period of the certificate has not been checked. The first tag and the second tag are two tags that identify opposite verification states.
That is, the terminal 100 may first access the certificate expiration time in the buffer pool of the terminal 100, and analyze whether the validity period check result corresponding to the certificate expiration time is the first check result; if the first verification result is obtained, whether the validity period verification label is the first label needs to be analyzed; if the certificate is the first label, a certificate acquisition request can be generated subsequently to acquire a target network certificate fed back by the CA certificate issuing server; if the verification result is the first verification result, the certificate failure time in the database of the operating system can be further accessed, and whether the verification result of the validity period is still the first verification result is further analyzed; if the first verification result is still obtained, a certificate acquisition request can be generated subsequently to acquire a target network certificate fed back by the CA certificate issuing server; if the first check result is not the second check result, the final validity period check result may be determined to be the second check result.
S202, based on the validity period checking result, obtaining the target network certificate.
Specifically, after the terminal 100 analyzes the validity check result of the local network certificate, different steps may be performed based on the result to determine the target network certificate required for networking. The target network certificate acquisition step involved in the present embodiment will be described in detail below.
In one embodiment, this step includes: if the validity period check result is a first check result, generating a certificate acquisition request, and sending the certificate acquisition request to a server to acquire a target network certificate fed back by the server; and if the validity period check result is a second check result, determining the local network certificate as the target network certificate.
Wherein the certificate acquisition request is a request for requesting the CA certificate issuing server to feed back the latest certificate.
Specifically, the way in which the terminal 100 analyzes the validity period verification result may be, as described in the above embodiment, determining the validity period verification result to be finally analyzed by combining the validity period verification tag. If the validity period check result is the first check result and indicates that the certificate needs to be updated in the check, the terminal 100 may generate a certificate acquisition request based on the device identity identifier of the terminal, so as to send the certificate acquisition request to the server 200, so that the server 200 performs identity validity check on the certificate, and after obtaining a check result that the check is legal, forward the certificate acquisition request to the CA certificate issuing server, so as to obtain the latest certificate fed back by the CA certificate issuing server as the target network certificate.
More specifically, if the validity period check result is the second check result, which indicates "checking does not require updating of the certificate", the terminal 100 may determine that the currently stored local network certificate is the target network certificate required for subsequent networking.
S203, the target network certificate is verified and installed, and system pre-configuration is carried out on the installed target network certificate to obtain a system valid certificate.
Specifically, after acquiring the target network certificate, the terminal 100 may first perform validity check on the certificate, further install the target network certificate that passes the check in the operating system, and finally perform provisioning on the installed target network certificate, that is, may wait for a router signal of the target network to find the provisioned target network certificate, thereby completing a series of certificate authentication operations, and implementing automatic and secure access to the target network. The certificate verification installation step and the certificate pre-configuration step involved in the present embodiment will be described in detail below.
In one embodiment, before this step, the network connection authentication method further includes: based on a message digest algorithm, performing security verification on the target network certificate fed back by the server to obtain a security verification result of the target network certificate fed back by the server; if the safety verification result is successful verification, acquiring the storage path information, the certificate password information and the certificate file name information of the target network certificate; the storage path information, the certificate password information and the certificate file name information are used for verifying and installing the target network certificate.
The Message Digest Algorithm may be an MD5 (Message-Digest Algorithm) Algorithm, which is used to generate a unique "digital fingerprint" for any file (regardless of size, format, and number), and by means of the "digital fingerprint", it is known whether the source file is changed by checking whether the MD5 value is changed before and after the file. For example, the target network certificate is an encrypted string, and the server 200 not only feeds back the encrypted string of the certificate, but also returns an MD5 value corresponding to the string, so that after receiving the certificate string, the terminal 100 converts the certificate into a file, directly obtains a new MD5 value from the file, and matches the new MD5 value with the MD5 value obtained in the preceding step, so as to ensure that the obtained certificate is valid.
Specifically, before verifying and installing the currently obtained target network certificate, the terminal 100 first determines whether the target network certificate is newly issued by the CA certificate issuing server and feeds back the target network certificate through the server 200. If so, the MD5 value verification is required to be performed on the validity of the certificate, and after the verification is passed, the storage path information (i.e., the storage path of the certificate in the operating system of the terminal 100), the certificate password information (i.e., the access password preset for the certificate) and the certificate filename information (i.e., the filename preset for the certificate) of the target network certificate are acquired, so that the information is verified and installed by the operating system on the target network certificate. Otherwise, if not, the certificate does not need to be subjected to validity check.
In one embodiment, this step includes: acquiring storage path information, certificate password information and certificate file name information of the target network certificate through a preset second interface; based on the storage path information, the certificate password information and the certificate file name information, verifying and installing the target network certificate to obtain an installed target network certificate; acquiring a network identity of the target network through a preset third interface, and acquiring a user certificate key of the installed target network certificate; and performing system pre-configuration on the installed target network certificate based on the network identity and the user certificate key to obtain a system valid certificate.
The second interface related to the present embodiment may refer to the install/uninstall certificate interface described above; the third interface related to the present embodiment may refer to the certificate provisioning function interface described above.
The network identity may refer to a globally unique identity of the target network, i.e., an SSID (Service Set Identifier).
The user credential key may be a preset string key for implementing a certificate provisioning operation, and the user credential keys corresponding to different terminals 100 are usually different.
Specifically, after the terminal 100 acquires the target network certificate, the storage path information, the certificate password information and the certificate filename information of the target network certificate may be acquired through the second interface, and the target network certificate is verified and installed based on such information, so as to be installed in the operating system of the terminal 100. However, after the certificate is installed, the terminal 100 cannot be prompted to connect to the target network, and the SSID of the target network, that is, the network identity of the target network, needs to be acquired when the certificate is installed, so as to bind the certificate under the network identity of the target network for pre-configuration, and determine the finally configured certificate as a system valid certificate required by subsequent network connection authentication, where the system valid certificate only needs to be stored in the operating system, so that the terminal 100 or other external devices can access when used.
S204, the system valid certificate is sent to a router corresponding to the target network for network authentication, so that the system valid certificate is connected with the target network after being authenticated.
Specifically, as shown In fig. 4, the system valid certificate installed on the terminal 100 may be obtained by a router corresponding to the target network In real time, that is, after a router signal sent by the router is found, certificate information of the system valid certificate may be taken to the router, and then the certificate information is transmitted to an Authentication cluster (Authentication Server cluster) through a radius (Remote Authentication Dial-In User service) protocol, so that the Authentication management platform authenticates the certificate information, and further establishes a trust channel, thereby implementing secure access of the terminal 100 to the target network.
In the network connection authentication method according to the above embodiment, the terminal performs validity check on the local network certificate by responding to the network connection operation instruction acting on the target network, so that full-automatic check, installation and pre-configuration of the local network certificate can be realized, and manual input of an activation code to load the certificate and complete network connection is not required, thereby saving the operation procedure of network connection authentication and further improving the network connection authentication efficiency. Meanwhile, the terminal also completes the validity period verification operation before the certificate is preconfigured, the timeliness problem of the existing certificate authentication scheme is effectively solved, the usability of the certificate is greatly ensured, the reliability of network connection authentication is further improved, and finally the safety of the network connection authentication is effectively improved.
In order to make those skilled in the art fully understand the network connection authentication scheme proposed in the present application, the present application further provides an application scenario applying the network connection authentication method described above. Specifically, the application of the network connection authentication method in the application scenario will be described as follows with reference to fig. 5:
as shown in fig. 5, the network connection authentication scheme proposed in the present application includes the following steps:
1) The terminal detects a valid screen unlocking operation instruction, namely receives a network connection operation instruction acting on a target network, further responds to the instruction, and triggers time efficiency verification on the local network certificate, namely inquires whether the file directory of the local equipment has the expiration date of a certain certificate, and if so, analyzes whether the current certificate is expired or is about to expire based on the expiration date. If yes, the first interface (the interface for obtaining the validity of the certificate) can be called to inquire the certificate expiration date stored in the operating system, and whether the current certificate is still determined to be expired or about to expire is further judged. If the results of the previous and subsequent analyses are consistent, it can be determined that the current certificate is to be updated.
2) After the terminal analyzes and determines that no available certificate exists at present, the terminal can call a certificate application interface or a certificate updating interface to initiate a request to the server, so that the server forwards the request to the CA certificate issuing server, and the available certificate is fed back.
3) After the terminal receives the available certificate, the validity of the certificate can be checked firstly, if the certificate passes the check, the certificate can be further installed through the second interface (the certificate installing/uninstalling interface), and then the certificate is preconfigured through the third interface (the certificate preconfigured function interface), so that the terminal can be connected with a target network in a subsequent quick authentication mode, and the target network can be safely accessed.
In the network connection authentication method provided in the above embodiment, the terminal performs validity check on the local network certificate by responding to the network connection operation instruction acting on the target network, so that full-automatic check, installation, and pre-configuration of the local network certificate can be realized without manually inputting an activation code to load the certificate and complete network connection, thereby saving an operation procedure of network connection authentication and further improving network connection authentication efficiency. Meanwhile, the terminal also completes the validity period verification operation before the certificate is preconfigured, the timeliness problem of the existing certificate authentication scheme is effectively solved, the usability of the certificate is greatly ensured, the reliability of network connection authentication is further improved, and finally the safety of the network connection authentication is effectively improved.
In order to better implement the network connection authentication method in the embodiment of the present application, on the basis of the network connection authentication method, the embodiment of the present application further provides a network connection authentication apparatus, as shown in fig. 6, where the network connection authentication apparatus 600 includes:
the instruction response module 610 is configured to perform validity check on the local network certificate in response to a network connection operation instruction acting on the target network, and obtain a validity check result;
a certificate obtaining module 620, configured to obtain a target network certificate based on the validity period check result;
the certificate configuration module 630 is configured to verify and install the target network certificate, and perform system pre-configuration on the installed target network certificate to obtain a system valid certificate;
and the network connection module 640 is configured to send the system valid certificate to a router corresponding to the target network for network authentication, so as to connect to the target network after the system valid certificate is authenticated.
In some embodiments of the present application, the instruction response module 610 is further configured to, in response to a network connection operation instruction acting on the target network, obtain a local network certificate tag through a preset first interface; if the label information of the local network certificate label is first label information, acquiring a certificate expiration date corresponding to the local network certificate label through a preset first interface as the certificate expiration time of the local network certificate; and based on the certificate failure time, carrying out validity period verification on the local network certificate to obtain a validity period verification result.
In some embodiments of the present application, the instruction response module 610 is further configured to, when a screen unlocking operation instruction acting on a display screen is detected, obtain a screen unlocking result corresponding to the screen unlocking operation instruction; if the screen unlocking result is successful, determining that the screen unlocking operation instruction is a network connection operation instruction, and acquiring a target network, wherein the target network is a candidate network meeting a preset condition in at least one candidate network; and responding to a network connection operation instruction acting on the target network, and acquiring a local network certificate label through a preset first interface.
In some embodiments of the present application, the instruction response module 610 is further configured to obtain a current time of the device; calculating a time difference value between the current time of the equipment and the certificate failure time to obtain effective duration; if the effective duration is smaller than a preset time threshold, determining that the effective period verification result is a first verification result; and if the valid duration is greater than or equal to the time threshold, determining that the valid period check result is a second check result.
In some embodiments of the present application, the certificate obtaining module 620 is further configured to generate a certificate obtaining request if the validity period check result is a first check result, and send the certificate obtaining request to a server to obtain a target network certificate fed back by the server; and if the validity period check result is a second check result, determining the local network certificate as the target network certificate.
In some embodiments of the present application, the network connection authentication apparatus 600 further includes an information obtaining module, configured to perform security verification on the target network certificate fed back by the server based on a message digest algorithm, and obtain a security verification result of the target network certificate fed back by the server; if the safety verification result is successful verification, acquiring the storage path information, the certificate password information and the certificate file name information of the target network certificate; wherein the storage path information, the certificate password information and the certificate file name information are used for verifying and installing the target network certificate.
In some embodiments of the present application, the certificate configuration module 630 is further configured to obtain, through a preset second interface, storage path information, certificate password information, and certificate filename information of the target network certificate; based on the storage path information, the certificate password information and the certificate file name information, verifying and installing the target network certificate to obtain an installed target network certificate; acquiring a network identity of the target network through a preset third interface, and acquiring a user certificate key of the installed target network certificate; and performing system pre-configuration on the installed target network certificate based on the network identity and the user certificate key to obtain a system valid certificate.
In the above embodiment, the terminal performs validity period check on the local network certificate by responding to the network connection operation instruction acting on the target network, so that full-automatic check, installation and pre-configuration of the local network certificate can be realized, and manual input of an activation code to load the certificate and complete network connection is not required, so that the operation flow of network connection authentication is saved, and the network connection authentication efficiency is further improved. Meanwhile, the terminal also completes the validity period verification operation before the certificate is preconfigured, the timeliness problem of the existing certificate authentication scheme is effectively solved, the usability of the certificate is greatly ensured, the reliability of network connection authentication is further improved, and finally the safety of the network connection authentication is effectively improved.
For specific limitations of the network connection authentication device, reference may be made to the above limitations of the network connection authentication method, which are not described in detail herein. The modules in the network connection authentication device may be implemented in whole or in part by software, hardware, and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In some embodiments of the present application, the network connection authentication apparatus 600 may be implemented in a form of a computer program, and the computer program may be run on a computer device as shown in fig. 7. The memory of the computer device may store various program modules constituting the network connection authentication apparatus 600, such as an instruction response module 610, a certificate acquisition module 620, a certificate configuration module 630, and a network connection module 640 shown in fig. 6. The computer program constituted by the respective program modules causes the processor to execute the steps in the logistics route recommendation method of the respective embodiments of the present application described in the present specification.
For example, the computer device shown in fig. 7 may execute step S201 through the instruction response module 610 in the network connection authentication apparatus 600 shown in fig. 6. The computer device may perform step S202 through the certificate acquisition module 620. The computer device may perform step S203 by the certificate configuration module 630. The computer device may perform step S204 through the network connection module 640. The computer device comprises a processor, a memory, a communication interface, a display screen and an input device which are connected through a system bus.
Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless communication can be realized through WI-FI (wireless fidelity), an operator network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a network connection authentication method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by those skilled in the art that the configuration shown in fig. 7 is a block diagram of only a portion of the configuration associated with the present application, and is not intended to limit the computing device to which the present application may be applied, and that a particular computing device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In some embodiments of the present application, a computer device is provided that includes one or more processors; a memory; and one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the processor to perform the steps of the network connection authentication method described above. Here, the steps of the network connection authentication method may be steps in the network connection authentication methods of the above-described embodiments.
In some embodiments of the present application, a computer-readable storage medium is provided, which stores a computer program, which is loaded by a processor, and causes the processor to execute the steps of the network connection authentication method. Here, the steps of the network connection authentication method may be steps in the network connection authentication methods of the respective embodiments described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the computer program is executed. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The network connection authentication method, apparatus, computer device and storage medium provided in the embodiments of the present application are described in detail above, and a specific example is applied in the present application to explain the principle and the implementation of the present invention, and the description of the above embodiments is only used to help understanding the method and the core idea of the present invention; meanwhile, for those skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (10)

1. A network connection authentication method, comprising:
responding to a network connection operation instruction acting on a target network, and performing validity period verification on the local network certificate to obtain a validity period verification result;
acquiring a target network certificate based on the validity period verification result;
verifying and installing the target network certificate, and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate;
and sending the system valid certificate to a router corresponding to the target network for network authentication, so as to connect the target network after the system valid certificate is authenticated.
2. The network connection authentication method according to claim 1, wherein the step of performing validity check on the local network certificate in response to the network connection operation command to the target network to obtain a result of the validity check comprises:
responding to a network connection operation instruction acting on a target network, and acquiring a local network certificate label through a preset first interface;
if the label information of the local network certificate label is first label information, acquiring a certificate expiration date corresponding to the local network certificate label through a preset first interface as the certificate expiration time of the local network certificate;
and carrying out validity period verification on the local network certificate based on the certificate failure time to obtain a validity period verification result.
3. The network connection authentication method according to claim 2, wherein the step of acquiring the local network certificate tag through the preset first interface in response to the network connection operation command acting on the target network comprises:
when a screen unlocking operation instruction acting on a display screen is detected, acquiring a screen unlocking result corresponding to the screen unlocking operation instruction;
if the screen unlocking result is successful, determining that the screen unlocking operation instruction is a network connection operation instruction, and acquiring a target network, wherein the target network is a candidate network meeting preset conditions in at least one candidate network;
and responding to a network connection operation instruction acting on the target network, and acquiring a local network certificate label through a preset first interface.
4. The network connection authentication method according to claim 2, wherein the step of performing validity check on the local network certificate based on the certificate expiration time to obtain a validity check result comprises:
acquiring the current time of equipment;
calculating a time difference value between the current time of the equipment and the certificate failure time to obtain effective duration;
if the effective duration is smaller than a preset time threshold, determining that the effective period verification result is a first verification result;
and if the valid duration is greater than or equal to the time threshold, determining that the valid period check result is a second check result.
5. The network connection authentication method of claim 1, wherein the step of obtaining the target network certificate based on the validity period check result comprises:
if the validity period check result is a first check result, generating a certificate acquisition request, and sending the certificate acquisition request to a server to acquire a target network certificate fed back by the server;
and if the validity period check result is a second check result, determining the local network certificate as the target network certificate.
6. The network connection authentication method of claim 1, wherein before the steps of verifying the target network certificate and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate, the method further comprises:
based on a message digest algorithm, performing security verification on a target network certificate fed back by a server to obtain a security verification result of the target network certificate fed back by the server;
if the safety verification result is successful, acquiring storage path information, certificate password information and certificate file name information of the target network certificate;
wherein the storage path information, the certificate password information and the certificate file name information are used for verifying and installing the target network certificate.
7. The network connection authentication method of claim 1, wherein the step of verifying and installing the target network certificate and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate comprises:
acquiring storage path information, certificate password information and certificate file name information of the target network certificate through a preset second interface;
based on the storage path information, the certificate password information and the certificate file name information, verifying and installing the target network certificate to obtain an installed target network certificate;
acquiring a network identity of the target network through a preset third interface, and acquiring a user certificate key of the installed target network certificate;
and performing system pre-configuration on the installed target network certificate based on the network identity and the user certificate key to obtain a system valid certificate.
8. A network connection authentication apparatus, comprising:
the instruction response module is used for responding to a network connection operation instruction acting on a target network, carrying out validity period verification on the local network certificate and acquiring a validity period verification result;
the certificate acquisition module is used for acquiring a target network certificate based on the validity period check result;
the certificate configuration module is used for verifying and installing the target network certificate and performing system pre-configuration on the installed target network certificate to obtain a system valid certificate;
and the network connection module is used for sending the system valid certificate to a router corresponding to the target network for network authentication so as to connect the target network after the system valid certificate is authenticated.
9. A computer device, characterized in that the computer device comprises:
one or more processors;
a memory; and one or more applications, wherein the one or more applications are stored in the memory and configured to be executed by the processor to implement the network connection authentication method of any one of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a computer program which is loaded by a processor to perform the steps of the network connection authentication method of any one of claims 1 to 7.
CN202110387901.0A 2021-04-12 2021-04-12 Network connection authentication method, device, computer equipment and storage medium Active CN115250186B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110387901.0A CN115250186B (en) 2021-04-12 2021-04-12 Network connection authentication method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110387901.0A CN115250186B (en) 2021-04-12 2021-04-12 Network connection authentication method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115250186A true CN115250186A (en) 2022-10-28
CN115250186B CN115250186B (en) 2024-04-16

Family

ID=83696333

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110387901.0A Active CN115250186B (en) 2021-04-12 2021-04-12 Network connection authentication method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115250186B (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1799240A (en) * 2002-03-20 2006-07-05 捷讯研究有限公司 Certificate information storage system and method
CN104506534A (en) * 2014-12-25 2015-04-08 青岛微智慧信息有限公司 Safety communication secret key negotiation interaction scheme
US20160134621A1 (en) * 2014-11-12 2016-05-12 Qualcomm Incorporated Certificate provisioning for authentication to a network
WO2017020546A1 (en) * 2015-08-06 2017-02-09 中兴通讯股份有限公司 Network access device verifying method and apparatus
CN107026738A (en) * 2016-02-01 2017-08-08 阿里巴巴集团控股有限公司 Digital certificate updating method, digital signature verification method and digital authentication device
CN109359977A (en) * 2018-09-10 2019-02-19 平安科技(深圳)有限公司 Network communication method, device, computer equipment and storage medium
CN110879879A (en) * 2018-09-05 2020-03-13 航天信息股份有限公司 Internet of things identity authentication method and device, electronic equipment, system and storage medium
US10708256B1 (en) * 2015-10-13 2020-07-07 Amazon Technologies, Inc. Identification of trusted certificates
WO2020233308A1 (en) * 2019-05-22 2020-11-26 深圳壹账通智能科技有限公司 Self-checking method, apparatus and device based on local certificate, and storage medium
CN112291279A (en) * 2020-12-31 2021-01-29 南京敏宇数行信息技术有限公司 Router intranet access method, system and equipment and readable storage medium
WO2021031689A1 (en) * 2019-08-19 2021-02-25 北京国双科技有限公司 Single sign-on method, device, and system

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1799240A (en) * 2002-03-20 2006-07-05 捷讯研究有限公司 Certificate information storage system and method
US20160134621A1 (en) * 2014-11-12 2016-05-12 Qualcomm Incorporated Certificate provisioning for authentication to a network
CN104506534A (en) * 2014-12-25 2015-04-08 青岛微智慧信息有限公司 Safety communication secret key negotiation interaction scheme
WO2017020546A1 (en) * 2015-08-06 2017-02-09 中兴通讯股份有限公司 Network access device verifying method and apparatus
US10708256B1 (en) * 2015-10-13 2020-07-07 Amazon Technologies, Inc. Identification of trusted certificates
CN107026738A (en) * 2016-02-01 2017-08-08 阿里巴巴集团控股有限公司 Digital certificate updating method, digital signature verification method and digital authentication device
CN110879879A (en) * 2018-09-05 2020-03-13 航天信息股份有限公司 Internet of things identity authentication method and device, electronic equipment, system and storage medium
CN109359977A (en) * 2018-09-10 2019-02-19 平安科技(深圳)有限公司 Network communication method, device, computer equipment and storage medium
WO2020233308A1 (en) * 2019-05-22 2020-11-26 深圳壹账通智能科技有限公司 Self-checking method, apparatus and device based on local certificate, and storage medium
WO2021031689A1 (en) * 2019-08-19 2021-02-25 北京国双科技有限公司 Single sign-on method, device, and system
CN112291279A (en) * 2020-12-31 2021-01-29 南京敏宇数行信息技术有限公司 Router intranet access method, system and equipment and readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
吴向东;: "构建基于PKI高校校园网身份认证系统", 通信技术, no. 06 *

Also Published As

Publication number Publication date
CN115250186B (en) 2024-04-16

Similar Documents

Publication Publication Date Title
US20210405995A1 (en) Enterprise firmware management
CN108200050B (en) Single sign-on server, method and computer readable storage medium
CN109218260B (en) Trusted environment-based authentication protection system and method
US10645568B2 (en) Carrier configuration processing method, device and system, and computer storage medium
US10542422B2 (en) Data backup method, storage medium and electronic device
CN110324338B (en) Data interaction method, device, fort machine and computer readable storage medium
CN112039826B (en) Login method and device applied to applet end, electronic equipment and readable medium
US20140317704A1 (en) Method and system for enabling the federation of unrelated applications
CN109257426B (en) Service line resource loading method and device, computer equipment and storage medium
WO2023093500A1 (en) Access verification method and apparatus
CN111966422A (en) Localized plug-in service method and device, electronic equipment and storage medium
CN110677391B (en) Third-party link verification method based on URL Scheme technology and related equipment
US20110154436A1 (en) Provider Management Methods and Systems for a Portable Device Running Android Platform
CN104348616A (en) Method for visiting terminal security component, device thereof and system thereof
CN110830479B (en) Multi-card-based one-key login method, device, equipment and storage medium
CN109992298B (en) Examination and approval platform expansion method and device, examination and approval platform and readable storage medium
CN108228280A (en) The configuration method and device of browser parameters, storage medium, electronic equipment
CN106919812B (en) Application process authority management method and device
CN111400684A (en) Electronic certificate information acquisition method, system, device, equipment and storage medium
WO2022151865A1 (en) Service interface generation method and apparatus, and readable medium and device
CN115250186B (en) Network connection authentication method, device, computer equipment and storage medium
CN113114623B (en) Data connection method, device, terminal equipment and computer readable storage medium
CN113536365A (en) File access method, device, equipment and medium
CN112464225A (en) Request processing method, request processing device and computer readable storage medium
CN112367347B (en) Encryption equipment access method, device and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant