CN115529177A - Cross-platform system security login authentication system - Google Patents


Publication number
CN115529177A
Authority
CN
China
Prior art keywords
authentication
cross
platform
module
platform security
Prior art date
Legal status
Pending
Application number
CN202211175173.8A
Other languages
Chinese (zh)
Inventor
魏祎霄
张满
孔凯薇
韩磊
王宏鹏
高景生
胡佳
Current Assignee
Beijing Institute of Computer Technology and Applications
Original Assignee
Beijing Institute of Computer Technology and Applications

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815: Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L69/00: Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16: Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/163: In-band adaptation of TCP data exchange; In-band control procedures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Stored Programmes (AREA)

Abstract

The invention relates to a cross-platform system security login authentication system, and belongs to the technical field of identity authentication security. The cross-platform system security login authentication system designed and realized by the invention can overcome the problems of difficult software development and maintenance, poor adaptability and low security caused by the difference of system login module interface styles and authentication processes among different platforms and different system versions.

Description

Cross-platform system security login authentication system
Technical Field
The invention belongs to the technical field of identity authentication security, and particularly relates to a cross-platform system security login authentication system.
Background
With the development of computer security, the system login modules built into each platform no longer meet requirements, and people have begun to replace them with self-developed system login modules.
System login touches the low-level mechanisms of the operating system, and each vendor provides its own interface: 1) the Windows XP login module is implemented with GINA, and its interface is built with Windows APIs such as MFC; 2) on Windows 7 and later, the login module is implemented with Credential Providers, and its interface is built from the template that ships with that module; 3) on Linux, the login module is implemented with technologies such as GNOME and LightDM.
On every operating system, the system login module performs only simple authentication of the system user name and password, and each one uses a different login technology and a different interface API. This gives poor security and makes development and maintenance difficult. Developers must use the technology that matches each system and version to implement a login module for that version, which makes development cumbersome; during maintenance and upgrades in particular, the code for every platform has to be maintained. Because the work touches the low-level layers of the operating system and spans platforms, a careless mistake can leave users unable to enter the operating system or can undermine security, with consequences that are hard to estimate. In addition, the interface style differs on each platform, which raises the cost of learning and using the system and detracts from its appearance.
Disclosure of Invention
(I) Technical problem to be solved
The technical problem to be solved by the invention is how to design a cross-platform system security login authentication system that solves the problems of low security in the login modules provided by operating systems and of difficult cross-platform development and maintenance.
(II) Technical scheme
In order to solve the above technical problem, the present invention provides a cross-platform system security login authentication system, which includes:
a platform adaptation module, which is deployed per operating system and handles only interaction with the operating system;
a cross-platform security authentication module, which is developed using Qt and is used for displaying the login interface and handling the authentication process;
and an authentication server, which communicates with the cross-platform security authentication module and verifies the validity of the login.
Preferably, operations related to the operating system are implemented in the platform adaptation module, which only calls the interface of the cross-platform security authentication module to obtain the authentication result; if authentication succeeds it logs in to the system, and if authentication fails it calls the cross-platform security authentication module again.
Preferably, the cross-platform security authentication module is developed using the cross-platform interface library Qt and therefore has cross-platform capability; once called, it starts an event loop, synchronously invokes the authentication logic, and returns after authentication finishes. It also has TCP communication capability: it can connect to the authentication server, encrypt the user's input, and send the encrypted input to the server side to assist in completing the authentication process.
Preferably, the authentication server is deployed remotely or locally, communicates with the cross-platform security authentication module over TCP, verifies the information to be verified by comparing it with the contents of the database, and returns the result to the cross-platform security authentication module to assist it in completing identity authentication.
Preferably, the system is installed and deployed on Windows XP/7/10, Galaxy Kylin, NeoKylin, or Linux systems;
on Windows XP, the platform adaptation module uses GINA to rewrite the system login function, calls the cross-platform security authentication module in a loop, obtains the authentication result, and attempts to log in to the system;
on Windows 7/10, the platform adaptation module uses Credential Providers, calls the cross-platform security authentication module in a loop as a subprocess, waits for the process to finish, obtains the authentication result, and attempts to log in to the system;
on Galaxy Kylin, NeoKylin, or Linux systems, the platform adaptation module uses LightDM and can call the cross-platform security authentication module directly in a loop to obtain the authentication result and attempt to log in to the system.
Preferably, the cross-platform security authentication module can format the content entered by the user in the human-computer interaction interface according to a TCP authentication protocol and then send the formatted content to the authentication server.
Preferably, on Windows XP, the cross-platform security authentication module is compiled jointly with Qt using the MSVC compiler, the MSVC2013 version of the compiler is selected, and the default Qt library loading path is adjusted to solve the problem of missing libraries.
Preferably, on Windows 7/10, the authentication action is captured by modifying the system function entry, and a subprocess is then used to call the cross-platform security authentication module, adapting the cross-platform authentication process: when system authentication starts, a new subprocess is created, the current system authentication process is locked, the authentication logic is executed, the authentication result is returned through the process return value, and the system authentication process then continues;
on Linux, LightDM is used: the cross-platform security authentication module is called to complete the authentication process, and interaction with the operating system is then carried out through the LightDM/Greeter class.
Preferably, the communication function in the cross-platform security authentication module uses a custom TCP module that defines its own protocol on top of TCP; the caller supplies the message type and the data body and can then communicate with the authentication server. The custom TCP module includes TCP sticky-packet handling and MTU-based packet splitting. It is implemented with Winsock on Windows and with BSD sockets on Linux.
The invention also provides a design method of the system.
(III) Advantageous effects
The invention designs and realizes a cross-platform system security login authentication system, and can overcome the problems of difficult software development and maintenance, poor adaptability and low security caused by the difference of system login module interface styles and authentication processes among different platforms and different system versions.
Drawings
FIG. 1 is a schematic diagram of a module call relationship of the system of the present invention.
Detailed Description
In order to make the objects, contents and advantages of the present invention clearer, the following detailed description of the embodiments of the present invention will be made in conjunction with the accompanying drawings and examples.
The invention designs a cross-platform system security login authentication system aiming at the problems of difficult software development and maintenance, poor adaptability and low security caused by the difference of system login module interface styles and authentication processes between different platforms and different system versions.
(I) System component parts
The system described in the present invention mainly comprises the following components:
1) The platform adaptation module, which is deployed per operating system and handles only interaction with the operating system.
2) The cross-platform security authentication module, which is developed using Qt and is used for displaying the login interface and handling the authentication process.
3) The authentication server, which communicates with the cross-platform security authentication module and verifies the validity of the login.
(II) Module Call relationship
The invention hides the differences between operating systems as far as possible by placing operations related to the operating system in the platform adaptation module. Referring to FIG. 1, this module only calls the interface of the cross-platform security authentication module to obtain the authentication result; if authentication succeeds it logs in to the system, and if authentication fails it calls the cross-platform security authentication module again.
The cross-platform security authentication module is developed using the cross-platform interface library Qt, has cross-platform capability, and gives a uniform interface style on every platform. Once called, it starts an event loop, synchronously invokes the authentication logic, and returns after authentication finishes. The module also has TCP communication capability: it can connect to the authentication server, encrypt the user's input, and send the encrypted input to the server side to assist in completing the authentication process.
The authentication server can be deployed remotely or locally. It communicates with the cross-platform security authentication module over TCP, verifies the information to be verified by comparing it with the contents of the database, and returns the result to the cross-platform security authentication module to assist it in completing identity authentication.
(III) Adaptation and maintenance
The system can be installed and deployed on Windows XP/7/10, Galaxy Kylin, NeoKylin, or other Linux systems.
1) On Windows XP, the platform adaptation module uses GINA to rewrite the system login function, calls the cross-platform security authentication module in a loop, obtains the authentication result, and attempts to log in to the system.
2) On Windows 7/10, the platform adaptation module uses Credential Providers. Because the platform adaptation module already has its own interface and event loop there, it calls the cross-platform security authentication module in a loop as a subprocess, waits for the process to finish, obtains the authentication result, and attempts to log in to the system.
3) On Galaxy Kylin, NeoKylin, or other Linux systems, the platform adaptation module uses LightDM. Because LightDM supports Qt, the cross-platform security authentication module can be called directly in a loop to obtain the authentication result and attempt to log in to the system.
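The subprocess hand-off in item 2), as an added example that is not the patent's code: the description states that the result comes back through the process return value, and the code below treats only one assumed exit code as success, so a crashed, killed or missing helper can never be read as a successful login. POSIX `fork`/`execv`/`waitpid` stand in for the Windows process APIs so the block runs stand-alone; the exit-code values, `run_auth_helper` and `login_allowed` are assumptions.

```cpp
// Added example: fail-closed handling of an authentication result carried in a
// child-process exit status. Exit-code values and all names are assumptions.
#include <cerrno>
#include <string>
#include <vector>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum class AuthOutcome { Granted, Denied, HelperFault };

constexpr int kExitGranted = 0;  // assumed: helper exits 0 only after the server accepts
constexpr int kExitDenied = 1;   // assumed: helper exits 1 when the credentials are rejected

// Run the helper (argv[0] is its absolute path), wait for it, and classify the result.
AuthOutcome run_auth_helper(const std::vector<std::string>& argv) {
    if (argv.empty()) return AuthOutcome::HelperFault;
    std::vector<char*> args;
    for (const std::string& a : argv) args.push_back(const_cast<char*>(a.c_str()));
    args.push_back(nullptr);

    const pid_t pid = fork();
    if (pid < 0) return AuthOutcome::HelperFault;
    if (pid == 0) {
        execv(args[0], args.data());  // no PATH search: the helper path must be absolute
        _exit(127);                   // exec failed; 127 is not a recognised result code
    }
    int status = 0;
    pid_t r;
    do { r = waitpid(pid, &status, 0); } while (r < 0 && errno == EINTR);
    if (r != pid) return AuthOutcome::HelperFault;
    // A helper that crashed or was killed has no exit code to trust.
    if (!WIFEXITED(status)) return AuthOutcome::HelperFault;
    switch (WEXITSTATUS(status)) {
        case kExitGranted: return AuthOutcome::Granted;
        case kExitDenied:  return AuthOutcome::Denied;
        default:           return AuthOutcome::HelperFault;  // unknown code is never success
    }
}

// Loop of the adaptation module: retry on denial, stop on a fault or after max_attempts.
bool login_allowed(const std::vector<std::string>& argv, int max_attempts) {
    for (int i = 0; i < max_attempts; ++i) {
        const AuthOutcome o = run_auth_helper(argv);
        if (o == AuthOutcome::Granted) return true;
        if (o == AuthOutcome::HelperFault) return false;
    }
    return false;
}

int main() {
    // Constructed stand-in for the helper: a shell that exits with a chosen status.
    const bool ok = login_allowed({"/bin/sh", "-c", "exit 0"}, 3);
    return ok ? 0 : 1;
}
```

What the caller does after a `HelperFault`, such as falling back to the operating system's own login, is a separate policy decision and is left out here.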
Because the platform adaptation module is responsible only for calling the cross-platform security authentication module and for operating-system operations, it does not need to be upgraded or maintained once installed and deployed; when changes are needed later, all platforms can be updated by modifying only the cross-platform security authentication module.
The invention follows a modular architecture: each module's function is independent and the modules are decoupled, so programmers can select the modules they need and can write replacement modules that conform to the module specifications.
The cross-platform security authentication module formats the content entered by the user in the human-computer interaction interface according to the TCP authentication protocol and then sends it to the authentication server; a programmer can upgrade the authentication server according to project requirements, or implement a new authentication server that follows the TCP authentication protocol.
In addition, a brand-new authentication module can be implemented against the cross-platform security authentication module interface. In that case the programmer does not need to understand how the system login module works on each system and only needs to return an authentication result once their own authentication process finishes, so integration is easy.
(IV) Function implementation
1) On Windows XP, the official implementation and some existing implementations build the interface and the authentication function by having GINA call MFC, which does not meet this system's cross-platform requirement, so on Windows XP the problem to solve is adapting GINA to Qt. Testing showed that the MinGW compiler cannot be adapted to GINA, so the MSVC compiler is used for joint compilation with Qt; and because Visual Studio 2015 and later versions are poorly suited to Windows XP, the MSVC2013 version of the compiler is selected. The default Qt library loading path is adjusted to solve the problem of missing libraries.
The invention captures the authentication action by modifying function entries in the system library, replacing the system's default behaviour with a call to the cross-platform security authentication module to carry out the authentication process; after authentication finishes, it obtains the authentication result and logs in to the operating system.
2) On Windows 7/10, the officially provided Credential Providers supply an interface template in which only a few controls, the background picture and the like can be manipulated; relatively complex authentication processes cannot be completed, and interface toolkits such as MFC and Qt cannot be used for joint development, which poses a major cross-platform problem.
In the invention, the authentication action is captured by modifying the system function entry, and a subprocess is then used to call the cross-platform security authentication module, adapting the cross-platform authentication process. When system authentication starts, a new subprocess is created, the current system authentication process is locked, the authentication logic is executed, the authentication result is returned through the process return value, and the system authentication process then continues.
3) On Linux, LightDM is used, which supports development with Qt; the authentication process is completed by calling the cross-platform security authentication module, and interaction with the operating system is then carried out through the LightDM/Greeter class.
4) The communication function in the cross-platform security authentication module uses a custom TCP module that defines its own protocol on top of TCP. The caller does not need to know how the socket is handled internally and only has to supply the message type and the data body to communicate with the authentication server, which greatly simplifies development of the authentication process. The custom TCP module adds TCP sticky-packet handling and uses MTU-based packet splitting, improving the stability and efficiency of communication. It is implemented with Winsock on Windows and with BSD sockets on Linux.
5) The cross-platform security authentication module supports two login technologies: through interface parameters it can use the self-developed login process, the operating system's own login process, or both, further improving system security. In addition, by changing the configuration, a system administrator can have the module automatically use the operating system's login process when it cannot connect to the fingerprint reader or the authentication server, ensuring that the user can still log in to the operating system safely and solving the problem, found in existing similar systems, of being unable to enter the system because of device problems, a dropped server connection, or similar causes.
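The sticky-packet handling and MTU-based splitting described in item 4), as an added example that is not the patent's code: a length-prefixed frame carrying a message type and data body, a sender that cuts the encoded bytes into MTU-sized pieces, and a receiver that reassembles frames however TCP segments them and rejects oversized length fields. The 6-byte header layout, the 64 KiB body cap, the 1400-byte chunk size and every identifier are assumptions; the patent does not disclose its wire format.

```cpp
// Added example. Header layout, limits and all names are assumptions, not the patent's.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

using Bytes = std::vector<std::uint8_t>;
constexpr std::size_t kHeaderLen = 6;          // 2-byte type + 4-byte body length, big-endian
constexpr std::uint32_t kMaxBody = 64 * 1024;  // assumed cap on one message body
constexpr std::size_t kChunk = 1400;           // assumed send size, under a 1500-byte MTU
struct Frame { std::uint16_t type = 0; Bytes body; };

Bytes to_bytes(const std::string& s) { return Bytes(s.begin(), s.end()); }

// Sender: serialize one message as header + body.
Bytes encode_frame(std::uint16_t type, const Bytes& body) {
    if (body.size() > kMaxBody) throw std::length_error("body exceeds kMaxBody");
    const std::uint32_t n = static_cast<std::uint32_t>(body.size());
    Bytes out = {static_cast<std::uint8_t>(type >> 8), static_cast<std::uint8_t>(type & 0xFF),
                 static_cast<std::uint8_t>(n >> 24), static_cast<std::uint8_t>((n >> 16) & 0xFF),
                 static_cast<std::uint8_t>((n >> 8) & 0xFF), static_cast<std::uint8_t>(n & 0xFF)};
    out.insert(out.end(), body.begin(), body.end());
    return out;
}

// Sender: cut an encoded byte string into pieces of at most max_chunk bytes.
std::vector<Bytes> split_chunks(const Bytes& data, std::size_t max_chunk = kChunk) {
    std::vector<Bytes> parts;
    if (max_chunk == 0) return parts;
    for (std::size_t off = 0; off < data.size(); off += max_chunk) {
        const std::size_t end = std::min(off + max_chunk, data.size());
        parts.emplace_back(data.begin() + off, data.begin() + end);
    }
    return parts;
}

enum class DecodeStatus { NeedMore, Ready, Error };

// Receiver: reassembles frames from a byte stream whose segment boundaries are arbitrary.
class FrameDecoder {
public:
    // Append whatever one recv() returned: part of a frame, or several frames at once.
    void feed(const Bytes& data) {
        if (!failed_) buf_.insert(buf_.end(), data.begin(), data.end());
    }
    // Extract the next complete frame if one is buffered.
    DecodeStatus next(Frame& out) {
        if (failed_) return DecodeStatus::Error;
        if (buf_.size() < kHeaderLen) return DecodeStatus::NeedMore;
        const std::uint32_t len = (std::uint32_t(buf_[2]) << 24) | (std::uint32_t(buf_[3]) << 16) |
                                  (std::uint32_t(buf_[4]) << 8) | std::uint32_t(buf_[5]);
        if (len > kMaxBody) {  // reject before buffering a body of peer-chosen size
            failed_ = true;
            buf_.clear();
            return DecodeStatus::Error;  // stream is desynchronized: close the connection
        }
        const std::size_t total = kHeaderLen + len;
        if (buf_.size() < total) return DecodeStatus::NeedMore;
        out.type = static_cast<std::uint16_t>((buf_[0] << 8) | buf_[1]);
        out.body.assign(buf_.begin() + kHeaderLen, buf_.begin() + total);
        buf_.erase(buf_.begin(), buf_.begin() + total);
        return DecodeStatus::Ready;
    }
private:
    Bytes buf_;
    bool failed_ = false;
};

// Receiver loop: drain every complete frame after each received chunk.
std::vector<Frame> decode_chunks(const std::vector<Bytes>& chunks, bool& ok) {
    FrameDecoder dec;
    std::vector<Frame> frames;
    ok = true;
    for (const Bytes& chunk : chunks) {
        dec.feed(chunk);
        Frame f;
        DecodeStatus st;
        while ((st = dec.next(f)) == DecodeStatus::Ready) frames.push_back(f);
        if (st == DecodeStatus::Error) { ok = false; break; }
    }
    return frames;
}

int main() {
    // Constructed sample: two messages sent back to back, delivered in 5-byte segments.
    Bytes stream = encode_frame(1, to_bytes("alice"));
    const Bytes second = encode_frame(2, Bytes(3000, 0x5A));
    stream.insert(stream.end(), second.begin(), second.end());
    bool ok = false;
    const std::vector<Frame> frames = decode_chunks(split_chunks(stream, 5), ok);
    return (ok && frames.size() == 2) ? 0 : 1;
}
```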
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (10)

1. A cross-platform system secure login authentication system, comprising:
the platform adaptation module is deployed according to different operating systems and only processes interaction with the operating systems;
a cross-platform security authentication module which is developed by using Qt and used for displaying a login interface and processing an authentication process;
and the authentication server is used for communicating with the cross-platform security authentication module and verifying the login validity.
2. The system of claim 1, wherein operations related to the operating system are implemented in the platform adaptation module, which only calls an interface of the cross-platform security authentication module, obtains authentication results, logs into the system if successful, and re-calls the cross-platform security authentication module if unsuccessful.
3. The system of claim 2, wherein the cross-platform security authentication module is developed using a cross-platform interface library Qt, has cross-platform capabilities, and once invoked, opens an event loop, synchronously invokes authentication logic, and returns after authentication is completed, and further has TCP communication capabilities, and is connectable to an authentication server, encrypts user input information and sends it to a server to assist in completing an authentication process.
4. The system of claim 3, wherein the authentication server is deployed at a remote end or locally, communicates with the cross-platform security authentication module through a TCP protocol, compares information to be verified with contents in the database for verification, and returns result information to the cross-platform security authentication module to assist the cross-platform security authentication module in completing identity authentication.
5. The system of claim 4, wherein the system is installed and deployed on Windows XP/7/10, Galaxy Kylin, NeoKylin, or Linux systems;
on Windows XP, the platform adaptation module uses GINA to rewrite the system login function, calls the cross-platform security authentication module in a loop, obtains the authentication result, and attempts to log in to the system;
on Windows 7/10, the platform adaptation module uses Credential Providers, calls the cross-platform security authentication module in a loop as a subprocess, waits for the process to finish, obtains the authentication result, and attempts to log in to the system;
on Galaxy Kylin, NeoKylin, or Linux systems, the platform adaptation module uses LightDM and can call the cross-platform security authentication module directly in a loop to obtain the authentication result and attempt to log in to the system.
6. The system of claim 5, wherein the cross-platform security authentication module is capable of formatting content input by the user in the human-computer interaction interface according to a TCP authentication protocol and sending the formatted content to the authentication server.
7. The system of claim 6, wherein under a Windows XP system, the cross-platform security authentication module selects an MSVC compiler to perform joint compilation with Qt, selects an MSVC2013 version as the version of the MSVC compiler, and further adjusts a Qt default library loading path to solve the problem of library shortage.
8. The system of claim 7, wherein on Windows 7/10 the authentication action is captured by modifying the system function entry, and a subprocess is then used to call the cross-platform security authentication module, adapting the cross-platform authentication process: when system authentication starts, a new subprocess is created, the current system authentication process is locked, the authentication logic is executed, the authentication result is returned through the process return value, and the system authentication process then continues;
on Linux, LightDM is used: the authentication process is completed by calling the cross-platform security authentication module, and interaction with the operating system is then carried out through the LightDM/Greeter class.
9. The system of claim 8, wherein the communication function in the cross-platform security authentication module uses a custom TCP module that defines its own protocol on top of TCP and takes the message type and the data body as input, the custom TCP module including TCP sticky-packet handling and MTU-based packet splitting; it is implemented with Winsock on Windows and with BSD sockets on Linux.
10. A method of designing a system as claimed in any one of claims 1 to 9.
CN202211175173.8A 2022-09-26 2022-09-26 Cross-platform system security login authentication system Pending CN115529177A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211175173.8A CN115529177A (en) 2022-09-26 2022-09-26 Cross-platform system security login authentication system

Publications (1)

Publication Number Publication Date
CN115529177A (en) 2022-12-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination