CN116980209A - User authentication method, device, electronic equipment and storage medium - Google Patents
User authentication method, device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN116980209A CN116980209A CN202310955486.3A CN202310955486A CN116980209A CN 116980209 A CN116980209 A CN 116980209A CN 202310955486 A CN202310955486 A CN 202310955486A CN 116980209 A CN116980209 A CN 116980209A
- Authority
- CN
- China
- Prior art keywords
- access token
- information
- verification
- verification information
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 71
- 238000012795 verification Methods 0.000 claims abstract description 345
- 230000004044 response Effects 0.000 claims abstract description 24
- 238000004422 calculation algorithm Methods 0.000 claims description 42
- 238000004364 calculation method Methods 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 12
- 239000004973 liquid crystal related substance Substances 0.000 claims description 5
- 238000004891 communication Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 9
- 238000012545 processing Methods 0.000 description 6
- 230000009471 action Effects 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000001960 triggered effect Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 235000014510 cooky Nutrition 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Abstract
The present disclosure relates to a user authentication method, and more particularly to a user authentication device, an electronic device, and a storage medium. The specific implementation scheme is as follows: generating first authentication information in response to a user authentication request; generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to a user side, wherein the user side is configured to acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, and send the first access token as a second access token and the second verification information to a server side; responding to the second access token and the second verification information, verifying the second access token according to the first access token, and verifying the second verification information according to the first verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
Description
Technical Field
The disclosure relates to the field of communication technologies, and in particular, to a user authentication method, a device, an electronic device and a storage medium.
Background
At present, people use electronic equipment such as mobile phones and computers to perform various activities, and user authentication is often required through a user side in links such as user registration, operation authentication and the like. The user authentication is performed mainly by sending authentication information to the user terminal, receiving input authentication information input by the user of the user terminal, and performing user authentication according to the authentication information and the input authentication information. By adopting the mode, the verification mode is single, the security of the verification information is low, and the verification information is easy to tamper or forge through a machine, so that the accuracy of user verification is low.
Disclosure of Invention
The present disclosure provides a method, an apparatus, and an electronic device for detecting an interruption anomaly of an operating system for solving at least one of the above technical problems.
According to an aspect of the present disclosure, there is provided a user authentication method, applied to a server, the method including:
generating first verification information in response to a user verification request, wherein the user verification request is generated and sent by a user side;
generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side, wherein the user side is configured to respond to the first verification information, acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, and send the first access token as a second access token, and the second verification information to the server side;
Verifying the second access token according to the first access token and verifying the second verification information according to the first verification information in response to the second access token and the second verification information;
and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
According to another aspect of the present disclosure, there is provided a user authentication method, applied to a user terminal, the method including:
generating a user verification request and sending the user verification request to a server, wherein the server is configured to: generating first verification information in response to the user verification request, generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side;
responding to the first verification information, and acquiring second verification information which is obtained according to user input operation and corresponds to the first verification information;
the first access token is used as a second access token, and the second verification information is sent to the server;
wherein the server is further configured to: verifying the second access token according to the first access token and verifying the second verification information according to the first verification information in response to the second access token and the second verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
According to another aspect of the present disclosure, there is provided a user authentication apparatus, the apparatus comprising:
the first generation module is used for responding to a user authentication request and generating first authentication information, wherein the user authentication request is generated and sent by a user side;
the first sending module is used for generating a corresponding first access token according to the first verification information and sending the first verification information and the first access token to the user side, wherein the user side is configured to respond to the first verification information, acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, and send the first access token as a second access token and the second verification information to the server side;
a first verification module, configured to respond to the second access token and the second verification information, verify the second access token according to the first access token, and verify the second verification information according to the first verification information;
and the first determining module is used for determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
According to another aspect of the present disclosure, there is provided a user authentication apparatus, the apparatus comprising:
the second generating module is configured to generate a user authentication request and send the user authentication request to the server, where the server is configured to: generating first verification information in response to the user verification request, generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side;
the second acquisition module is used for responding to the first verification information and acquiring second verification information which is obtained according to user input operation and corresponds to the first verification information;
the second sending module is used for sending the first access token as a second access token and the second verification information to the server;
wherein the server is further configured to: verifying the second access token according to the first access token and verifying the second verification information according to the first verification information in response to the second access token and the second verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein, the liquid crystal display device comprises a liquid crystal display device,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method described above.
According to another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method according to the above.
According to another aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, implements a method according to the above.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.
Drawings
The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
Fig. 1 is a flowchart of a user authentication method according to a first embodiment of the present disclosure;
fig. 2 is a flowchart of a user authentication method according to a second embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of a user authentication device according to a third embodiment of the present disclosure;
fig. 4 is a schematic structural view of a user authentication device according to a fourth embodiment of the present disclosure;
fig. 5 is a block diagram of an electronic device used to implement the methods of embodiments of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Embodiments of the disclosure and features of embodiments may be combined with each other without conflict.
As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used herein, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and the present disclosure, and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The User authentication method according to the present disclosure may be performed by an electronic device such as a terminal device or a server, the terminal device may be a vehicle-mounted device, a User Equipment (UE), a mobile device, a User terminal, a cellular phone, a cordless phone, a personal digital assistant (Personal Digital Assistant, PDA), a handheld device, a computing device, a vehicle-mounted device, a wearable device, etc., and the method may be implemented by a processor invoking computer readable program instructions stored in a memory. Alternatively, the user authentication method provided by the present disclosure may be performed by a server.
In disclosing the first embodiment, referring to fig. 1, fig. 1 shows a schematic flow chart of a user authentication method provided in the first embodiment of the present disclosure. The method can be applied to a server, and the server is any server which provides communication service and performs service management. The method comprises the following steps:
s101, generating first verification information in response to a user verification request.
The user authentication request is generated and sent by the user through the user side. For example: in a scenario that a user registers an account through a client application program of the user side and triggers a user authentication process, the user side generates a user authentication request according to user information and sends the user authentication request to the server side, and the server side is requested to perform user authentication.
S102, generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side.
The user side receives the first verification information and the first access token, and is configured to respond to the first verification information, acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, take the first access token as a second access token and send the second access token and the second verification information to the server side.
After receiving the first verification information, the user side displays the first verification information to the user stewed by the user, and the user performs user input operation according to the first verification information to input second verification information corresponding to the first verification information, so that the user side can obtain the second verification information according to the input operation.
Wherein the first authentication information/second authentication information may specifically include any one of the following: graphic verification codes, verification digital codes, verification action information and the like; accordingly, the user input operation includes any one of the following: an image verification code input operation, a verification digital code input operation, a verification action execution operation, and the like.
S103, responding to the second access token and the second verification information, verifying the second access token according to the first access token, and verifying the second verification information according to the first verification information.
S104, determining a user verification result corresponding to the user verification request according to the verification result of the second access token and the verification result of the second verification information.
The first verification information and the second verification information are corresponding relations, and the first verification information represents original verification information generated by a server side; the second verification information represents verification information which is input by a user of the user terminal through user input operation according to the first verification information and corresponds to the first verification information; in the case that the user authentication passes, the first authentication information and the second authentication information are identical.
The first access token or the second access token is a corresponding relation, the first access token represents an original access token generated by the server, the user side receives the first access token and returns the first access token to the server, the returned first access token is called a second access token, and under normal conditions (for example, the first access token is not tampered and is completely transmitted), the first access token is consistent with the second access token.
The first access Token or the second access Token is collectively called an access Token (Token), and the access Token is used for allowing the user side to access a service side interface (API) based on a verification mode of the Token (Token). The user side needs to carry an access token to access the server side API, and the server side API checks whether a title (scope) field in the access token (second access token) contains a specific permission item through the interceptor to determine whether to return information. The access token (including the first access token and the second access token) may include multiple types, such as: a fuzzy access token (Opaque Access Token), which is a string of random character strings from which no information can be obtained, and the user side needs to send the fuzzy access token to the server side for analysis by the server side; JAVA object numbered Web access Token (JSON Web Token, JWT) is tamper-proof by following the JWT standard, and the JWT contains contents such as a main body, audience, authority, issuance time, expiration time, user information field, and the like, and has a signature.
The verification principle of the user verification method provided by the disclosure is as follows: generating a first access token according to the first authentication information and sending the first access token to the user side, and performing double authentication according to second authentication information returned by the user side and the second access token, wherein under the condition that both the authentication information and the access token pass the authentication, the user authentication is determined to pass, so that the reliability of the user authentication is improved, and the access token is difficult to tamper compared with the authentication information, so that the authentication result is more accurate; and the first verification information and the first access token are sent to the user side together, if the second verification information and the second access token returned by the user side are both the same as the first verification information and the first access token sent to the user side, the user side returning the second verification information can be determined, the user side triggering the user verification request to obtain the first verification information is triggered to be consistent, and the user identity can be determined in this way without consuming additional database resources to store the corresponding relation between the first verification information and the user side.
Wherein, after S102, before S103, the method further comprises:
the method comprises the following substeps: the first access token is saved to the cache.
Based on the first substep, S103 specifically includes:
and responding to the second access token and the second verification information, receiving the cache, acquiring the first access token from the cache, and verifying the second access token according to the first access token.
In the related art, the user authentication mainly adopts the following procedures: the user terminal sends a user verification request to the server terminal; the server generates verification information and sends the verification information to the user terminal, and invokes a database to store the corresponding relation between the verification information and the user of the user terminal; the user side responds to the verification information, and after acquiring the input verification information according to the user input operation, the user side sends the input verification information to the server side; the server receives the input verification information, invokes the database to acquire the corresponding verification information according to the corresponding relation between the stored verification information and the user of the user terminal, and then performs user verification according to the verification information and the input verification information.
By adopting the mode, the whole verification process needs to call the server side, the user side and the database for interaction, the interaction link is long, and additional database resources are consumed to store the corresponding relation between the verification code and the user of the user side. In order to solve the above-mentioned problem, in the present disclosure, according to the first substep, after the first access token is generated in S102, the first access token is stored in a cache (cookie), where the cache may be a cache of a front-end application program stored in a server-side communication connection, and the front-end application program generates a front-end application program of a user authentication interface, for example, if a user logs in a website using a mobile terminal or a browser application program installed on a computer, and triggers the user authentication interface of the website, the front-end application program is a browser application program, and the cache is a cache of the browser application program; if the user logs in the client application program and triggers the user authentication interface of the client application program, the front-end application program is the client application program, which is not limited herein. The server side transmits the first access token to the cache, and when the front-end application program calls the interface of the server side to transmit the second access token and the second verification information, the cache is also transmitted to the server side, so that the server side can acquire the first access token from the cache. In this way, the server can directly obtain the first access token through the cache without calling the database to store the corresponding relation between the first verification information and the user and without storing the first access token, and verify the consistency of the first access token and the second access token, so that whether the verification code belongs to the corresponding user can be determined, the calling chain is simplified, and the consumption of extra database resources is avoided.
In some examples, in S102, after generating the corresponding first access token according to the first authentication information and before sending the first authentication information and the first access token to the user side, the method provided by the present disclosure further includes:
step A: and encrypting the first access token according to a preset encryption algorithm.
Based on the foregoing, in response to the second access token and the second authentication information, before authenticating the second access token according to the first access token in S103, the method further includes:
and (B) step (B): and decrypting the second access token according to a decryption algorithm corresponding to the preset encryption algorithm.
The preset encryption algorithm comprises the following steps: any of a symmetric encryption (DES) algorithm, an Advanced Encryption Standard (AES) algorithm. Correspondingly, the decryption algorithm corresponding to the preset encryption algorithm comprises a decryption algorithm of the DES algorithm and a decryption algorithm of the AES algorithm.
Taking an encryption algorithm as an AES algorithm as an example, the step a specifically includes: according to the AES encryption algorithm, the first access token is encrypted by an AES encryption function using the generated key.
Correspondingly, the step B specifically comprises the following steps: and decrypting the second access token by using the key according to an AES decryption algorithm through an AES decryption function to obtain the first authentication information carried in the second access token, the user information carried by the user authentication request, the preset authentication effective time and other information.
The first access token is encrypted when being generated, and the encrypted first access token is sent to the user side and stored in a cache; after receiving a second access token (namely an original first access token) returned by the user side, decrypting the second access token by adopting a decryption algorithm corresponding to a pre-agreed encryption algorithm to obtain a decrypted second access token, acquiring the first access token stored in a cache, and verifying the consistency of the first access token and the second access token.
According to S102, in some examples, generating a corresponding first access token according to the first authentication information in S102 specifically includes:
step one: hash calculation is carried out according to the first verification information, the user information carried by the user verification request and the preset verification effective time, and summary information is generated.
Step two: and calculating to obtain signature information according to the abstract information and the generated private key.
Step three: and carrying the signature information in the first access token to obtain a final first access token.
The first access token carries first verification information, user information carried by a user verification request and preset verification valid time, and correspondingly, the second access token carries the first verification information, the user information carried by the user verification request and the preset verification valid time, so that the corresponding relation between the first verification information and the user information can be obtained from the information carried by the second access token.
The verification effective time can be set according to the requirement, for example, 60 seconds, and the timeliness of the second verification information can be ensured by setting the verification effective time, so that the security of the second verification information is further ensured.
Wherein the hash calculation is performed according to a pre-agreed hash algorithm, such as a secure hash (MD 5) algorithm, a first cryptographic hash function (SHA 1) algorithm, a second cryptographic hash function (SHA 256), etc. Before hash calculation, a pair of private key and public key are generated, signature information is generated by using the private key, and the public key is stored. Correspondingly, signature information verification is carried out subsequently, and the same hash algorithm as that used in the first step is adopted for verification.
In some examples, authenticating the second access token according to the first access token in S103 specifically includes:
step one A: and verifying the consistency of the second access token and the first access token according to the first access token.
If the first access token is consistent with the second access token (i.e. the user side returns to the server side after receiving the first access token, the first access token returned by the user side is called the second access token), the first access token is not tampered, and whether the user identity is correct or not can be determined according to the consistency of the second access token and the first access token.
Specifically, based on the step one-step three of S102, the step one a of S103 includes:
the method comprises the following substeps: and decrypting the signature information carried by the second access token according to the public key corresponding to the private key to obtain abstract information.
Sub-step two: performing hash calculation on the second access token to generate new abstract information;
and a sub-step three: and verifying the consistency of the summary information and the new summary information according to the summary information, and determining the consistency of the second access token and the first access token according to the verification result.
Wherein the hash calculation is performed according to a hash algorithm agreed in advance, and the hash algorithm used is the same as the hash algorithm used in step one of S102, i.e., the same as the hash algorithm used when generating digest information of the first access token, for example, a secure hash (MD 5) algorithm, a first cryptographic hash function (SHA 1) algorithm, a second cryptographic hash function (SHA 256), and the like. If the first access token is not tampered, the digest information calculated by the second access token consistent with the first access token according to the same hash algorithm should be the same as the original digest information of the first access token.
In some examples, verifying the second verification information according to the first verification information in S103 specifically includes:
Step one B: and verifying the consistency of the first verification information and the second verification information according to the first verification information.
If the first authentication information is identical with the second authentication information (i.e., the second authentication information obtained according to the user input operation after the user terminal receives the first authentication information), it means that the user at the user terminal correctly recognizes the first authentication information and correctly inputs the first authentication information, so that it can be determined that the user is a natural human being rather than a robot, and further forgery of the authentication information is prevented.
In some examples, step one B of S103 includes:
the method comprises the following substeps: the first time period is determined based on the time of sending the first authentication information and the time of receiving the second authentication information.
Sub-step two: and determining whether the second verification information is valid or not according to the first duration and the preset verification valid time.
The first duration is an interval duration between sending the first verification information to receiving the second verification information input by the user and obtained according to the first verification information, and the preset verification valid time can be obtained through the step one-step three of S102. The first access token/the second access token carries first verification information, user information carried by a user verification request and preset verification valid time, and after the server receives the second access token, the server can acquire the preset verification valid time from the second access token so as to verify the timeliness of the second verification information and further guarantee the security of the second verification information.
In some examples, S103 specifically includes:
step one: and responsive to the second access token and the second authentication information, authenticating the second access token in accordance with the first access token.
Step two: and under the condition that the verification result of the second access token is that the verification is passed, verifying the second access token according to the first access token.
In some examples, the authentication corresponding to the second access token and the authentication of the second authentication information may set the same priority, and the authentication execution sequence of the two may be in no sequence, so as to ensure the integrity of the authentication; in other examples, the authentication priority of the second access token may be higher than that of the second authentication information, the second access token is authenticated first, and the second authentication information is authenticated again under the condition that the authentication is passed, and if the authentication is not passed, the second authentication information is not required to be authenticated, so that the system calculation amount can be reduced, and the system resource can be saved.
In S104, the verification result of the second access token is a result of verifying the consistency of the first access token and the second access token according to step a of S103, and if the first access token and the second access token are consistent, the verification result of the second access token is verification passing; the verification result of the second verification information is a result of verifying the consistency of the first verification information and the second verification information according to the step B of the step S103, and if the first verification information is consistent with the second verification information, the verification result of the second verification information is verification passing; under the condition that both verification results are verification passing, determining that the user verification result is user verification passing; in the case that either one of the two authentication results is that authentication is not passed, it is determined that the user authentication result is that the user authentication failed.
According to the method provided by the disclosure, the first access token is generated according to the first authentication information and is sent to the user side, double authentication is carried out according to the second authentication information returned by the user side and the second access token, and under the condition that both the authentication information and the access token pass the authentication, the user authentication is determined to pass, so that the reliability of the user authentication is improved, and the access token is difficult to tamper compared with the authentication information, so that the authentication result is more accurate; and the first verification information and the first access token are sent to the user side together, if the second verification information and the second access token returned by the user side are both the same as the first verification information and the first access token sent to the user side, the user side returning the second verification information can be determined, the user side triggering the user verification request to obtain the first verification information is triggered to be consistent, and the user identity can be determined in this way without consuming additional database resources to store the corresponding relation between the first verification information and the user side; further, the first access token is stored in the cache, the cache is transmitted to the server when the server interface is called each time, the server acquires the first access token from the cache to carry out consistency authentication on the second access token, and the server does not need to store the first access token and call the database to store the corresponding relation between the first verification information and the user in the process, so that on one hand, a call chain is simplified, and on the other hand, additional database resources are avoided being consumed.
In the disclosure of the second embodiment, referring to fig. 2, fig. 2 shows a flow chart of a User authentication method provided in the second embodiment of the disclosure, where the method may be applied to a User Equipment (UE), and the User Equipment may be a smart phone, a computer, or the like, but is not limited thereto. The method comprises the following steps:
s201, generating a user verification request and sending the user verification request to a server.
For example: in a scenario that a user registers an account through a client application program of the user side and triggers a user authentication process, the user side generates a user authentication request according to user information and sends the user authentication request to the server side, and the server side is requested to perform user authentication.
The server side is configured as follows: and responding to the user authentication request, generating first authentication information, generating a corresponding first access token according to the first authentication information, and sending the first authentication information and the first access token to the user side.
S202, responding to the first verification information, and acquiring second verification information corresponding to the first verification information, wherein the second verification information is obtained according to user input operation.
The user side receives the first verification information and the first access token, and is configured to respond to the first verification information, acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, take the first access token as a second access token and send the second access token and the second verification information to the server side.
After receiving the first verification information, the user side displays the first verification information to the user stewed by the user, and the user performs user input operation according to the first verification information to input second verification information corresponding to the first verification information, so that the user side can obtain the second verification information according to the input operation.
Wherein the first authentication information/second authentication information may specifically include any one of the following: graphic verification codes, verification digital codes, verification action information and the like; accordingly, the user input operation includes any one of the following: an image verification code input operation, a verification digital code input operation, a verification action execution operation, and the like.
S203, the first access token is used as a second access token, and second verification information is sent to the server.
Wherein the server is further configured to: responding to the second access token and the second verification information, verifying the second access token according to the first access token, and verifying the second verification information according to the first verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
The first verification information and the second verification information are corresponding relations, and the first verification information represents original verification information generated by a server side; the second verification information represents verification information which is input by a user of the user terminal through user input operation according to the first verification information and corresponds to the first verification information; in the case that the user authentication passes, the first authentication information and the second authentication information are identical.
The first access token or the second access token is a corresponding relation, the first access token represents an original access token generated by the server, the user side receives the first access token and returns the first access token to the server, the returned first access token is called a second access token, and under normal conditions (for example, the first access token is not tampered and is completely transmitted), the first access token is consistent with the second access token.
The first access Token or the second access Token is collectively called an access Token (Token), and the access Token is used for allowing the user side to access a service side interface (API) based on a verification mode of the Token (Token). The user side needs to carry an access token to access the server side API, and the server side API checks whether a title (scope) field in the access token (second access token) contains a specific permission item through the interceptor to determine whether to return information. The access token (including the first access token and the second access token) may include multiple types, such as: a fuzzy access token (Opaque Access Token), which is a string of random character strings from which no information can be obtained, and the user side needs to send the fuzzy access token to the server side for analysis by the server side; JAVA object numbered Web access Token (JSON Web Token, JWT) is tamper-proof by following the JWT standard, and the JWT contains contents such as a main body, audience, authority, issuance time, expiration time, user information field, and the like, and has a signature.
The verification principle of the user verification method provided by the disclosure is as follows: generating a first access token according to the first authentication information and sending the first access token to the user side, and performing double authentication according to second authentication information returned by the user side and the second access token, wherein under the condition that both the authentication information and the access token pass the authentication, the user authentication is determined to pass, so that the reliability of the user authentication is improved, and the access token is difficult to tamper compared with the authentication information, so that the authentication result is more accurate; and the first verification information and the first access token are sent to the user side together, if the second verification information and the second access token returned by the user side are both the same as the first verification information and the first access token sent to the user side, the user side returning the second verification information can be determined, the user side triggering the user verification request to obtain the first verification information is triggered to be consistent, and the user identity can be determined in this way without consuming additional database resources to store the corresponding relation between the first verification information and the user side.
In disclosing a third embodiment, based on the same principle as fig. 1, fig. 3 shows a user authentication device 30 provided in the third embodiment of the present disclosure, the device comprising:
A first generation module 301, configured to generate first authentication information in response to a user authentication request, where the user authentication request is generated and sent by a user terminal;
the first sending module 302 is configured to generate a corresponding first access token according to the first authentication information, and send the first authentication information and the first access token to the user side, where the user side is configured to obtain second authentication information corresponding to the first authentication information, which is obtained according to a user input operation, in response to the first authentication information, and send the first access token as a second access token, and the second authentication information to the server side;
a first verification module 303, configured to respond to the second access token and the second verification information, verify the second access token according to the first access token, and verify the second verification information according to the first verification information;
the first determining module 304 is configured to determine a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
In some examples, the first generation module is specifically to:
hash calculation is carried out according to the first verification information, the user information carried by the user verification request and the preset verification effective time, so that abstract information is generated;
Calculating to obtain signature information according to the abstract information and the generated private key;
and carrying the signature information in the first access token to obtain a final first access token.
In some examples, the first verification module includes:
and the consistency verification sub-module is used for verifying the consistency of the second access token and the first access token according to the first access token.
In some examples, the consistency verification submodule is specifically configured to:
decrypting the signature information carried by the second access token according to the public key corresponding to the private key to obtain abstract information;
performing hash calculation on the second access token to generate new abstract information;
and verifying the consistency of the summary information and the new summary information according to the summary information, and determining the consistency of the second access token and the first access token according to the verification result.
In some examples, the first verification module includes:
and the verification information verification sub-module is used for verifying the consistency of the first verification information and the second verification information according to the first verification information.
In some examples, the verification information submodule is to:
determining a first time length according to the time of sending the first verification information and the time of receiving the second verification information;
And determining whether the second verification information is valid or not according to the first duration and the preset verification valid time.
In some examples, the apparatus further comprises:
and the encryption module is used for encrypting the first access token according to a preset encryption algorithm.
And the decryption module is used for decrypting the second access token according to a decryption algorithm corresponding to the preset encryption algorithm.
The preset encryption algorithm comprises the following steps: any one of a symmetric encryption algorithm and an advanced encryption standard algorithm.
In some examples, the apparatus further comprises:
the cache module is used for storing the first access token into a cache;
the first verification module is specifically configured to:
and responding to the second access token and the second verification information, receiving the cache, acquiring the first access token from the cache, and verifying the second access token according to the first access token.
In some examples, the first verification module is specifically to:
verifying the second access token according to the first access token in response to the second access token and the second verification information;
and under the condition that the verification result of the second access token is that the verification is passed, verifying the second access token according to the first access token.
In disclosing a third embodiment, based on the same principle as fig. 2, fig. 4 shows a user authentication device 40 provided in the third embodiment of the present disclosure, the device comprising:
the second generating module 401 is configured to generate a user authentication request, send the user authentication request to a server, and configure the server to: generating first verification information in response to a user verification request, generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to a user side;
a second obtaining module 402, configured to obtain second verification information corresponding to the first verification information, where the second verification information is obtained according to a user input operation, in response to the first verification information;
a second sending module 403, configured to send the first access token as a second access token and second verification information to the server;
wherein the server is further configured to: responding to the second access token and the second verification information, verifying the second access token according to the first access token, and verifying the second verification information according to the first verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
In the technical scheme of the disclosure, the acquisition, storage, application and the like of the related user personal information all conform to the regulations of related laws and regulations, and the public sequence is not violated.
According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.
Fig. 5 illustrates a schematic block diagram of an example electronic device 500 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 5, the apparatus 500 includes a computing unit 501 that can perform various suitable actions and processes according to a computer program stored in a Read Only Memory (ROM) 502 or a computer program loaded from a storage unit 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data required for the operation of the device 500 can also be stored. The computing unit 501, ROM 502, and RAM 503 are connected to each other by a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
Various components in the device 500 are connected to the I/O interface 505, including: an input unit 506 such as a keyboard, a mouse, etc.; an output unit 507 such as various types of displays, speakers, and the like; a storage unit 508 such as a magnetic disk, an optical disk, or the like; and a communication unit 509 such as a network card, modem, wireless communication transceiver, etc. The communication unit 509 allows the device 500 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The computing unit 501 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 501 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 501 performs the respective methods and processes described above, such as a user authentication method. For example, in some embodiments, the user authentication method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 508. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device 500 via the ROM 502 and/or the communication unit 509. When the computer program is loaded into RAM 503 and executed by computing unit 501, one or more steps of the user authentication method described above may be performed. Alternatively, in other embodiments, the computing unit 501 may be configured as a user authentication method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, a server of a distributed system, or a server incorporating a blockchain.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel, sequentially, or in a different order, provided that the desired results of the disclosed aspects are achieved, and are not limited herein.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.
Claims (20)
1. A user authentication method, applied to a server, the method comprising:
generating first verification information in response to a user verification request, wherein the user verification request is generated and sent by a user side;
generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side, wherein the user side is configured to respond to the first verification information, acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, and send the first access token as a second access token, and the second verification information to the server side;
Verifying the second access token according to the first access token and verifying the second verification information according to the first verification information in response to the second access token and the second verification information;
and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
2. The method of claim 1, wherein the generating the corresponding first access token from the first authentication information comprises:
hash calculation is carried out according to the first verification information, the user information carried by the user verification request and the preset verification effective time, so that abstract information is generated;
calculating to obtain signature information according to the abstract information and the generated private key;
and carrying the signature information in the first access token to obtain a final first access token.
3. The method of claim 2, wherein the verifying the second access token from the first access token comprises:
and verifying the consistency of the second access token and the first access token according to the first access token.
4. A method according to claim 3, wherein said verifying the identity of the second access token with the first access token from the first access token comprises:
decrypting signature information carried by the second access token according to a public key corresponding to the private key to obtain the abstract information;
performing hash calculation on the second access token to generate new abstract information;
and verifying the consistency of the summary information and the new summary information according to the summary information, and determining the consistency of the second access token and the first access token according to a verification result.
5. The method according to any one of claims 1-4, wherein said verifying said second verification information according to said first verification information comprises:
and verifying the consistency of the first verification information and the second verification information according to the first verification information.
6. The method of claim 5, wherein the verifying the second authentication information according to the first authentication information after verifying the consistency of the first authentication information and the second authentication information according to the first authentication information, further comprises:
Determining a first time length according to the time of sending the first verification information and the time of receiving the second verification information;
and determining whether the second verification information is valid or not according to the first duration and the preset verification valid time.
7. The method according to any one of claims 1-6, wherein after the generating the corresponding first access token according to the first authentication information and before the transmitting the first authentication information and the first access token to the user side, the method further comprises:
encrypting the first access token according to a preset encryption algorithm;
after said responding to said second access token and said second authentication information, said method further comprises, prior to said authenticating said second access token from said first access token:
and decrypting the second access token according to a decryption algorithm corresponding to a preset encryption algorithm.
8. The method of claim 7, wherein the preset encryption algorithm comprises: any one of a symmetric encryption algorithm and an advanced encryption standard algorithm.
9. The method of any of claims 1-8, wherein the verifying the second access token from the first access token and verifying the second verification information from the first verification information in response to the second access token and the second verification information comprises:
Verifying the second access token according to the first access token in response to the second access token and the second verification information;
and under the condition that the verification result of the second access token is that the verification is passed, verifying the second access token according to the first access token.
10. The method according to any one of claims 1-9, wherein after the generating the corresponding first access token according to the first authentication information and transmitting the first authentication information and the first access token to the user side, the authenticating the second access token according to the first access token in response to the second access token and the second authentication information, and before the authenticating the second authentication information according to the first authentication information, the method further comprises:
storing the first access token into a cache;
the verifying the second access token according to the first access token in response to the second access token and the second verification information comprises:
and responding to the second access token and the second verification information, receiving the cache, acquiring the first access token from the cache, and verifying the second access token according to the first access token.
11. A user authentication method, applied to a user terminal, the method comprising:
generating a user verification request and sending the user verification request to a server, wherein the server is configured to: generating first verification information in response to the user verification request, generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side;
responding to the first verification information, and acquiring second verification information which is obtained according to user input operation and corresponds to the first verification information;
the first access token is used as a second access token, and the second verification information is sent to the server;
wherein the server is further configured to: verifying the second access token according to the first access token and verifying the second verification information according to the first verification information in response to the second access token and the second verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
12. A user authentication device, the device comprising:
The first generation module is used for responding to a user authentication request and generating first authentication information, wherein the user authentication request is generated and sent by a user side;
the first sending module is used for generating a corresponding first access token according to the first verification information and sending the first verification information and the first access token to the user side, wherein the user side is configured to respond to the first verification information, acquire second verification information which is obtained according to user input operation and corresponds to the first verification information, and send the first access token as a second access token and the second verification information to the server side;
a first verification module, configured to respond to the second access token and the second verification information, verify the second access token according to the first access token, and verify the second verification information according to the first verification information;
and the first determining module is used for determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
13. The apparatus of claim 12, wherein the first generation module is specifically configured to:
hash calculation is carried out according to the first verification information, the user information carried by the user verification request and the preset verification effective time, so that abstract information is generated;
calculating to obtain signature information according to the abstract information and the generated private key;
and carrying the signature information in the first access token to obtain a final first access token.
14. The apparatus of claim 13, wherein the first verification module comprises:
and the consistency verification sub-module is used for verifying the consistency of the second access token and the first access token according to the first access token.
15. The apparatus of claim 14, wherein the consistency verification submodule is specifically configured to:
decrypting signature information carried by the second access token according to a public key corresponding to the private key to obtain the abstract information;
performing hash calculation on the second access token to generate new abstract information;
and verifying the consistency of the summary information and the new summary information according to the summary information, and determining the consistency of the second access token and the first access token according to a verification result.
16. The apparatus according to any one of claims 12-15, wherein the apparatus further comprises:
the cache module is used for storing the first access token into a cache;
the first verification module is specifically configured to:
and responding to the second access token and the second verification information, receiving the cache, acquiring the first access token from the cache, and verifying the second access token according to the first access token.
17. A user authentication device, the device comprising:
the second generating module is configured to generate a user authentication request and send the user authentication request to the server, where the server is configured to: generating first verification information in response to the user verification request, generating a corresponding first access token according to the first verification information, and sending the first verification information and the first access token to the user side;
the second acquisition module is used for responding to the first verification information and acquiring second verification information which is obtained according to user input operation and corresponds to the first verification information;
the second sending module is used for sending the first access token as a second access token and the second verification information to the server;
Wherein the server is further configured to: verifying the second access token according to the first access token and verifying the second verification information according to the first verification information in response to the second access token and the second verification information; and determining a user authentication result corresponding to the user authentication request according to the authentication result of the second access token and the authentication result of the second authentication information.
18. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein, the liquid crystal display device comprises a liquid crystal display device,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-10 or to perform the method of claim 11.
19. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method of any one of claims 1-10 or to perform the method of claim 11.
20. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1-10, or implements the method according to claim 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310955486.3A CN116980209A (en) | 2023-07-31 | 2023-07-31 | User authentication method, device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310955486.3A CN116980209A (en) | 2023-07-31 | 2023-07-31 | User authentication method, device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116980209A true CN116980209A (en) | 2023-10-31 |
Family
ID=88476418
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310955486.3A Pending CN116980209A (en) | 2023-07-31 | 2023-07-31 | User authentication method, device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116980209A (en) |
-
2023
- 2023-07-31 CN CN202310955486.3A patent/CN116980209A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111460429B (en) | Task processing method, device, equipment and medium based on trusted execution environment | |
| CN111080295B (en) | Electronic contract processing method and device based on blockchain | |
| US9578004B2 (en) | Authentication of API-based endpoints | |
| CN109995776B (en) | Internet data verification method and system | |
| CN112738253A (en) | Data processing method, device and equipment based on block chain and storage medium | |
| CN112116474A (en) | Electronic contract verification method and device, electronic equipment and storage medium | |
| CN113630412B (en) | Resource downloading method, resource downloading device, electronic equipment and storage medium | |
| CN114363088A (en) | Method and device for requesting data | |
| CN111400743B (en) | Transaction processing method, device, electronic equipment and medium based on blockchain network | |
| US8904508B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
| CN114884714B (en) | Task processing method, device, equipment and storage medium | |
| CN114785583B (en) | Encryption sending and checking method, device, equipment and medium of interface request | |
| CN114036364B (en) | Method, apparatus, device, medium, and system for identifying crawlers | |
| CN114398678A (en) | Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium | |
| CN115391805A (en) | Encrypted data migration method, device, equipment and storage medium | |
| CN115396206A (en) | Message encryption method, message decryption method, device and program product | |
| CN116980209A (en) | User authentication method, device, electronic equipment and storage medium | |
| CN113961911A (en) | Model data sending method, model data integration method and device | |
| CN110659476A (en) | Method and apparatus for resetting password | |
| CN114282237B (en) | Communication method, device, equipment and storage medium | |
| CN114978626B (en) | Trusted computing method, device, equipment and medium based on block chain | |
| CN115543392B (en) | Trusted program upgrading method, device, equipment and storage medium | |
| CN117670341A (en) | Authentication method, device, equipment and storage medium for payment terminal | |
| CN116094835A (en) | Service data encryption method, service data decryption method, device and equipment | |
| CN116226932A (en) | Service data verification method and device, computer medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |