CN1588846A - Dynamic encrypting device in network and its password identification method - Google Patents
Dynamic encrypting device in network and its password identification method Download PDFInfo
- Publication number
- CN1588846A CN1588846A CNA200410074253XA CN200410074253A CN1588846A CN 1588846 A CN1588846 A CN 1588846A CN A200410074253X A CNA200410074253X A CN A200410074253XA CN 200410074253 A CN200410074253 A CN 200410074253A CN 1588846 A CN1588846 A CN 1588846A
- Authority
- CN
- China
- Prior art keywords
- password
- network
- client terminal
- service
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
This invention relates to a dynamic encipheror and its password certification method in a network of data certification field. The device includes a data management device, a service provide device, an internal network, a safety service device, a network safety device, a shared network and a customer end device. The method includes the following steps: The customer end requests for identity certification, a service provide device responds the request to generate initialized data and send it to the customer end which receives the data, checks and downloads the latest edition password input control parts to display its screen, the user inputs the customer identification, clicks a picture region with password character for inputting the password which controller converts the click position to an intermediate value and ciphers it, judges if the input is finished and sends certification data to the service provide device receiving it for certification and returning the result to the customer end which displays the result.
Description
Technical field
The present invention relates to the data authentication technical field in the network, particularly relate to dynamic encrypting device and command identifying method thereof in a kind of network.
Background technology
Command identifying method has static password authentication method and dynamic password authentication method.The password of present static password authentication method is stolen by trojan horse program easily, and is very dangerous.Present dynamic password authentication method all is based on intelligent token, and hard token mode is safe but need sizable hardware device investment, and soft token software of soft token mode and static password may be obtained by trojan horse program equally.
In ecommerce, authenticating user identification is the primary link of system's access control, yet at present the trojan horse program thing of stealing password constantly takes place, and has caused certain economic loss for client and enterprise, and people are more and more worried safety of electrical business.Though used some dynamic command identifying methods at present, but these methods substantially all are based on intelligent token realization, hard token mode is safe but need sizable hardware device investment, and soft token software of soft token mode and static password may be obtained by trojan horse program equally.And this intelligent token mode makes troubles also for client's use, increased the management and the use cost of client and enterprise.The selection that is forced to customer resources appears in enterprise, has limited the expansion of customer resources.
Summary of the invention
Dynamic encrypting device and command identifying method thereof are a kind of identification authentication system and method in a kind of network, and its main purpose is often to steal the problem of user password in order to solve present trojan horse program.The present invention analyzes by the various approach that may steal user password to trojan horse program, adopts a kind of comprehensive method, and the various approach that may steal user password to trojan horse program solve one by one.It prevents the input of trojan horse program monitors physical keyboard by the password input mode of using the soft keyboard pattern, prevents that by using the mode of carrying out dynamic encryption based on random password encrypted instruction string trojan horse program from stealing the password in the internal memory.
Form by data administrator, service generator, internal network, security service device, network security device, public network, client terminal apparatus, internal network is connected to data administrator, service generator, security service device and network security device, and network security device is connected in client terminal apparatus by public network;
Data administrator is used to deposit business data and customer information, and is responsible for the client access management after authentication is passed through;
The service generator is for the client provides access service;
The security service device is for the user provides authentication service;
Network security device is used to protect the safety of Intranet;
Public network, client terminal apparatus connect to the service generator of enterprise by public network;
Client terminal apparatus is the client of network system.
The present invention uses the password input method of soft keyboard pattern, but it is different with general soft keyboard technology, it is realized by special password input control, in the password input process, when the user clicks the picture region that shows character on the password input control, control is converted to the interim median of the shown respective symbols of expression picture with the position of click, and (this interim median is by the algorithm decision of control, and use a password encryption strings of commands at random that it is encrypted rather than the character value of user input).This random password encrypted instruction string produces at random at server end and returns to client, and this random password encrypted instruction string all is different in each authentication.Random password encrypted instruction string can be an encryption key, also can be the instruction sequence that other self-defining password input control can be discerned.Random password encrypted instruction string can dynamically be generated by certificate server, also can deposit a large amount of random password encrypted instruction strings in advance in certificate server, randomly draws use when authenticating at every turn, to improve authentication speed.
Finish the input of each character of password by the control and treatment of a circulation, at last the secret value of each character of password is coupled together the password of forming an encryption.In the password input process and password input be old password can be stored in the internal memory of client after finishing, be encrypted password and be saved in the internal memory.Behind the password of the encryption that the client of receiving the certificate server of enterprise transmits, use the password decryption instructions string deciphering corresponding, compare with the password that leaves in the database again with the password encryption strings of commands.
In addition, the password input control also can regular update, as upgrading in a week, upgraded in one month etc., effectively prevents the decoding of control algorithm.
Description of drawings
Fig. 1 is a dynamic encrypting device structural representation in the network of the present invention.
Fig. 2 is a security service apparatus structure schematic diagram of the present invention.
Fig. 3 is a client terminal apparatus structural representation of the present invention.
Fig. 4 is an authentication method flow chart of the present invention.
Fig. 5 is the interface instance graph of password input control of the present invention.
Embodiment
Among Fig. 1, data administrator 1 can be a PC server or main frame, and the service data base management system is deposited business data and customer information, and as user name, password etc., and the client access of being responsible for after authentication is passed through is managed.
Service generator 2 can be a Web server or the server that access is provided.For the client provides based on http and https protocol service, dynamically generate the Web pagefile, offer client terminal apparatus and client terminal apparatus and carry out alternately.When relating to safe service in the client terminal apparatus 7 beginning access services generators 2, if the user is not also by authentication, service generator 2 just requires authentification of user, obtain a password encryption strings of commands at random from security service device 4, generate the required primary data of authentification of user, send to client terminal apparatus 7, primary data can be a Web pagefile, wherein comprises a password encryption strings of commands and a password input control.
Service generator 2 is given security service device 4 with user authentication data and is authenticated, if security service device 4 return authentications are correct, then provide the user required service to client terminal apparatus 7, if security service device 4 return authentications failure, then serve generator 2 and require the user to authenticate once more, or refusal provides the user required service to client terminal apparatus 7.
Internal network 3 is the local area network (LAN) of enterprise, can be Ethernet (Ethernet), also can be other LAN, as Fiber Distributed Data Interface (FDDI), token ring (Token-Ring) etc.
Security service device 4 is certificate servers, for the user provides authentication service.Generation, the encrypted ones in the user authentication information of being responsible for random password encrypted instruction string and password deciphering string deciphered, obtained user's old password also relatively from data administrator.
It comprises four funtion parts as shown in Figure 2.When serving generator 2 when generating the authentication primary data of giving client terminal apparatus, can ask security service device 4 to provide this user conversation the required password encryption strings of commands.Security service device 4 produces a pair of password encryption strings of commands and password decryption instructions string at random by random password encrypted instruction string and password decryption instructions string generation device 10, the password encryption strings of commands and the password decryption instructions string of being noted this user conversation use by tape deck 11 are right, and the password encryption strings of commands is returned to service generator 2.When service generator 2 hands over security service device 4 to authenticate user's verify data, decryption device 12 in the security service device 4 takes out the password decryption instructions string of this user conversation from tape deck 11, the encrypted ones in the verify data is decrypted.Security service device 4 is obtained user's original password from data administrator 1, the password of original password and decryption device 12 deciphering double ratio is together installed 13 compare, and comparative result is returned to service generator 2.Wherein random password encrypted instruction string and password decryption instructions string generation device 10 can dynamically produce a pair of password encryption strings of commands and password decryption instructions string, and the password encryption strings of commands of each authentication and password decryption instructions string are to being different.For raising speed, also can produce a large amount of password encryption strings of commands and password decryption instructions string in advance to leaving in the security service device 4, during each the authentication, random password encrypted instruction string and 10 need of password decryption instructions string generation device are randomly drawed use.
Network security device 5 is a fire compartment wall, is used to protect the safety of Intranet, prevents that disabled user in the public network is to the visit and the attack of internal network.
Public network 6 can be the Internet (Internet), also can be other extranet (Extranet).Client terminal apparatus connects to the service generator of enterprise by public network.
Client terminal apparatus 7 is clients of network system, can be an individual PC, and browser software is installed, and also can be the device that other can operate browser software, as NC, Windows graphic terminal etc.It has display unit and input unit, and display unit can be a display, and input unit can be keyboard and mouse.It is connected to public network by modulator-demodulator (Modem) or network interface card.
After client terminal apparatus 7 receives primary data, check earlier whether the password input control exists in this device,, then arrive the password input control of serving generator 2 download latest editions if do not have or version is not up-to-date.In display unit, show the authentication picture that offers the user then.
The password input control can be an ActiveX control or Java Applet control, also other control type of supporting by browser, but client terminal apparatus 7 must be equipped with the software of supporting this control type, as for Java Applet control, Java Virtual Machine (VM) should be installed on the client terminal apparatus 7.The password input control has the interface of a soft keyboard, as shown in Figure 4, there is one to show the big picture buttons that all characters concentrated in the password character on the soft keyboard, or has a lot of little picture buttons, each little picture to show the character that the password character is concentrated respectively.The user enters password by the character on the big picture buttons of click or clicks each little picture buttons, the password input control converts the position of click to interim median that a representative of consumer is clicked character, re-use the password encryption strings of commands this median is encrypted, and the input of the password on new password input control progress indicator more.Wait for that then the user imports next password character, by the input of each character in the loop control password, and the encrypted result that will at every turn obtain connects together the password of an encryption of composition.
When the user by the submission authentication event in mouse or the keyboard triggering authentication interface, as " determining " button in using in the click authentication interface, send to and serve generator 2 just client terminal apparatus 7 will comprise the verify data of encrypted ones.
Among Fig. 2, random password encrypted instruction string and password decryption instructions string generation device 10 are a device that uses software program, can dynamically produce random password encrypted instruction string and password decryption instructions string, also can from a password encryption strings of commands and password decryption instructions string storehouse, obtain at random.
The password encryption strings of commands and password decryption instructions string that tape deck 11 recording user sessions are used.
Encrypted ones in the authentication information that 12 pairs of client terminal apparatus of decryption device are submitted to is decrypted.
12 deciphering of 13 pairs of decryption devices of comparison means password that obtains and the user password that leaves in the data administrator 1 compare.
Among Fig. 3, display unit 20 is a display, and input unit 22 is mouse and keyboard, and communication device 23 is Modem.
Among Fig. 4, prevent the input of trojan horse program monitors physical keyboard by the password input mode of using the soft keyboard pattern, by using the mode of carrying out dynamic encryption based on random password encrypted instruction string to prevent that trojan horse program from stealing the password in the internal memory, its concrete steps are as follows:
Step 100: client terminal 7 sends ID authentication request to service generator 2;
Step 101: the customer in response terminal request, service generator 2 is accepted the ID authentication request of client terminal 7;
Step 102: service generator 2 is to security service device 4 requests one random password encrypted instruction string; It is right that random password encrypted instruction string in the security service device 4 and password decryption instructions string generation device 10 produce a pair of password encryption strings of commands and password decryption instructions string at random, and the password encryption strings of commands that 11 pairs of user conversations of tape deck use and password decryption instructions string are to carrying out record; Security service device 4 returns to the password encryption strings of commands service generator 2 at last;
Step 103: service generator 2 generates the initialization data that sends to client terminal 7, comprises the random password encrypted instruction string that returns from security service device 4 in the initialization data;
Step 104: service generator 2 sends to client terminal 7 with the initialization data that generates;
Step 105: client terminal 7 receives the initialization data that service generator 2 sends;
Step 106: whether client terminal 7 inspections itself exist the password input control of latest edition, if there is no or version be not up-to-date, then change step 107, otherwise change step 108;
Step 107: client terminal 7 is downloaded the password input control of latest edition from service generator 2;
Step 108: client terminal 7 shows the password authentication panel, waits for that the user imports customer ID, password and other required authentication information;
Step 109: the user imports customer ID and other required verify data except that password on client terminal 7;
Step 110: the user uses the picture region that shows the password character on the click password input control, carries out the password input;
Step 111: the password input control converts the position of click to an interim median, and this median is corresponding with the character that user's click location shows, and uses the password encryption strings of commands that comprises in the initialization data that this median is encrypted;
Step 112: the password input control is preserved the password data of encrypting, and more new password is imported progress indicator;
Step 113: the password input control checks whether the password input is finished, if do not finish then change step 110, accepts the input of next password character of user;
Step 114: client terminal 7 sends to service generator 2 with the verify data of user's input;
Step 115: service generator 2 receives the verify data that client terminal 7 sends;
Step 116: service generator 2 sends to security service device 4 with verify data and authenticates; Security service device 4 takes out the password decryption instructions string corresponding with the password encryption strings of commands that sends to client terminal 7 from tape deck 11, the encrypted ones in verify data hands over decryption device 12 to be decrypted; And the user password double ratio of password in leaving data administrator 1 in of deciphering installed 13 and compare; At last comparative result is returned to service generator 2;
Step 117: service generator 2 sends to client terminal 7 with the authentication result data;
Step 118: client terminal 7 receives the authentication result data that service generator 2 sends, and shows authentication result at panel.
The deciphering of password encryption and password is not two antipodal processes in the above-mentioned steps, because the password encryption process is that a median is encrypted, and the password decrypting process need obtain original password.The password decrypting process is that elder generation is decrypted the password of encrypting and obtains former median, again median is converted to old password.
Dynamic encryption command identifying method in the network, client terminal comprises direct request and indirect request to the ID authentication request that the service generator sends:
Directly request, the authentication service of the direct access services generator of client terminal;
Indirect request, client terminal relate to safe service in the request access services generator under the situation by authentication not, the service generator then wouldn't provide this service and provide the authentication service to client terminal by force.
The password encryption strings of commands and password decryption instructions string be to relevant with client sessions, in promptly each authentication the password encryption strings of commands and password decryption instructions string to being different,
The password encryption strings of commands can be an encryption key, also can be a self-defining encrypted instruction series;
Password decryption instructions string can be a decruption key, also can be a self-defining decryption instructions series.
The password input control is a kind of component software that can move on client terminal, and it has the graphical interfaces of a soft keyboard pattern, and the picture region that shows character by click is carried out the password input; The position of click is converted to an interim median and uses the password encryption strings of commands to encrypt by control.
Decide according to the character set of password at the interface of password input control, if the character set of password is a letter and number, then the picture region of password input control is the shape of a big keyboard.If the character set of password is a numeral, then the picture region of password input control is the shape of a keypad.As shown in Figure 5, be the password input control interface example of a keypad pattern:
Wherein, " ★ ★ ★ ★ ★ ★ " is password input progress indicator, indicates the number of characters of password input with the number of " ★ ".In the character picture region, all characters can also can be that each character is respectively on a little picture buttons on a big picture buttons.
The invention superiority
Command identifying method of the present invention has prevented that effectively trojan horse program from stealing the problem of user password, mainly realizes from following two aspects:
1), the mode of using the click picture to carry out the input of password character has prevented the problem of trojan horse program monitors physical keyboard input;
2), the original value of password can not leave in the internal memory of client, and any one moment in the password input process, can not have original password on client, the random password encrypted instruction string that is to use that is stored in the client internal memory has carried out the password of encrypting.Because the random password encrypted instruction string that each authentication is used is different, so, even the password that trojan horse program has been obtained after the encryption by the scanning internal memory is also utterly useless, effectively prevented the problem of trojan horse program scanning and monitoring internal memory.
Claims (12)
1, dynamic encrypting device in a kind of network, prevent the input of trojan horse program monitors physical keyboard by the password input mode of using the soft keyboard pattern, by using the mode of carrying out dynamic encryption to prevent that trojan horse program from stealing the password in the internal memory based on random password encrypted instruction string
It is characterized in that, form by data administrator, service generator, internal network, security service device, network security device, public network, client terminal apparatus, internal network is connected to data administrator, service generator, security service device and network security device, and network security device is connected in client terminal apparatus by public network;
Data administrator is used to deposit business data and customer information, and is responsible for the client access management after authentication is passed through;
The service generator is for the client provides access service;
The security service device is for the user provides authentication service;
Network security device is used to protect the safety of Intranet;
Public network, client terminal apparatus connect to the service generator of enterprise by public network;
Client terminal apparatus is the client of network system.
According to dynamic encrypting device in the network of claim 1, it is characterized in that 2, data administrator can be a PC server or main frame.
According to dynamic encrypting device in the network of claim 1, it is characterized in that 3, the service generator can be a Web server or the server that access is provided.
According to dynamic encrypting device in the network of claim 1, it is characterized in that 4, internal network is a local area network (LAN), can be Ethernet.
5, according to dynamic encrypting device in the network of claim 1, it is characterized in that, security service device, generation, the encrypted ones in the user authentication information of being responsible for random password encrypted instruction string and password deciphering string are deciphered, are obtained user's old password also relatively from data administrator; Its structure comprises:
Random password encrypted instruction string and password decryption instructions string generation device can dynamically generate random password encrypted instruction string and password decryption instructions string, also can obtain at random from a password encryption strings of commands and password decryption instructions string storehouse;
Tape deck, the password encryption strings of commands and password decryption instructions string that the recording user session is used;
Decryption device is decrypted the encrypted ones in the authentication information of client terminal apparatus submission;
Comparison means, the password that deciphering obtains to decryption device compares with the user password that leaves in the data administrator.
According to dynamic encrypting device in the network of claim 1, it is characterized in that 6, network security device is a fire compartment wall, be used to protect the safety of Intranet, prevent that disabled user in the public network is to the visit and the attack of internal network.
According to dynamic encrypting device in the network of claim 1, it is characterized in that 7, public network can be the Internet or extranet, client terminal apparatus connects to the service generator of enterprise by public network.
According to dynamic encrypting device in the network of claim 1, it is characterized in that 8, client terminal apparatus is the client of network system, can be an individual PC, comprising: display unit is a display, and input unit is mouse and keyboard, and communication device is Modem.
9, dynamic encryption command identifying method in a kind of network, prevent the input of trojan horse program monitors physical keyboard by the password input mode of using the soft keyboard pattern, by using the mode of carrying out dynamic encryption based on random password encrypted instruction string to prevent that trojan horse program from stealing the password in the internal memory, its concrete steps are as follows:
Step 100: client terminal sends ID authentication request to the service generator;
Step 101: the customer in response terminal request, the service generator is accepted the ID authentication request of client terminal;
Step 102: the service generator is to security service device request one random password encrypted instruction string; It is right that random password encrypted instruction string in the security service device and password decryption instructions string generation device produce a pair of password encryption strings of commands and password decryption instructions string at random; The password encryption strings of commands that tape deck uses user conversation and password decryption instructions string are to carrying out record; The security service device returns to the service generator with the password encryption strings of commands at last;
Step 103: the service generator generates the initialization data that sends to client terminal, comprises the random password encrypted instruction string that returns from the security service device in the initialization data;
Step 104: the service generator sends to client terminal with the initialization data that generates;
Step 105: client terminal receives the initialization data that the service generator sends;
Step 106: whether client terminal inspection itself exists the password input control of latest edition, if there is no or version be not up-to-date, then change step 107, otherwise change step 108;
Step 107: client terminal is downloaded the password input control of latest edition from the service generator;
Step 108: client terminal shows the password authentication panel, wait for the user import customer ID, password with and required authentication information;
Step 109: the user imports customer ID and the required verify data except that password on client terminal;
Step 110: the user uses the picture region that shows the password character on the click password input control, carries out the password input;
Step 111: the password input control converts the position of click to an interim median, and this median is corresponding with the character that user's click location shows, and uses the password encryption strings of commands that comprises in the initialization data that this median is encrypted;
Step 112: the password input control is preserved the password data of encrypting, and more new password is imported progress indicator;
Step 113: the password input control checks whether the password input is finished, if do not finish then change step 110, accepts the input of next password character of user;
Step 114: client terminal sends to the service generator with the verify data of user's input;
Step 115: the service generator receives the verify data that client terminal sends;
Step 116: the service generator sends to the security service device with verify data and authenticates; The security service device takes out the password decryption instructions string corresponding with the password encryption strings of commands that sends to client terminal from tape deck, the encrypted ones in verify data hands over decryption device to be decrypted; And with the user password double ratio of password in leaving data administrator in of deciphering device compare; At last comparative result is returned to the service generator;
Step 117: the service generator sends to client terminal with the authentication result data;
Step 118: client terminal receives the authentication result data that the service generator sends, and shows authentication result at panel.
According to dynamic encryption command identifying method in the network of claim 9, it is characterized in that 10, client terminal comprises direct request and indirect request to the ID authentication request that the service generator sends:
Directly request, the authentication service of the direct access services generator of client terminal;
Indirect request, client terminal relate to safe service in the request access services generator under the situation by authentication not, the service generator then wouldn't provide this service and provide the authentication service to client terminal by force.
11, according to dynamic encryption command identifying method in the network of claim 9, it is characterized in that, the password encryption strings of commands and password decryption instructions string be to relevant with client sessions, and the password encryption strings of commands and password decryption instructions string are to being different in promptly each authentication
The password encryption strings of commands can be an encryption key, also can be a self-defining encrypted instruction series;
Password decryption instructions string can be a decruption key, also can be a self-defining decryption instructions series.
12, according to dynamic encryption command identifying method in the network of claim 9, it is characterized in that, the password input control is a kind of component software that can move on client terminal, and it has the graphical interfaces of a soft keyboard pattern, and the picture region that shows character by click is carried out the password input; The position of click is converted to an interim median and uses the password encryption strings of commands to encrypt by control.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB200410074253XA CN100425018C (en) | 2004-09-08 | 2004-09-08 | Dynamic encrypting device in network and its password identification method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB200410074253XA CN100425018C (en) | 2004-09-08 | 2004-09-08 | Dynamic encrypting device in network and its password identification method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1588846A true CN1588846A (en) | 2005-03-02 |
| CN100425018C CN100425018C (en) | 2008-10-08 |
Family
ID=34604806
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB200410074253XA Active CN100425018C (en) | 2004-09-08 | 2004-09-08 | Dynamic encrypting device in network and its password identification method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100425018C (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008022559A1 (en) * | 2006-08-18 | 2008-02-28 | Tong Shao | Device and method for safely making use of network service needless of relying on security of client side |
| WO2009000172A1 (en) * | 2007-06-28 | 2008-12-31 | Tencent Technology (Shenzhen) Company Limited | Device, method and system for inputting content |
| WO2009018685A1 (en) * | 2007-08-08 | 2009-02-12 | Kamfu Wong | The device and the method of encrypting and authenticating against trojan horse with one time key |
| CN101635015A (en) * | 2009-08-31 | 2010-01-27 | 北京飞天诚信科技有限公司 | Method for improving interface safety |
| CN101388059B (en) * | 2007-09-14 | 2010-06-02 | 英业达股份有限公司 | Screen key entry system for preventing trojan program and method thereof |
| CN101222334B (en) * | 2008-01-11 | 2010-08-04 | 华中科技大学 | Cipher token safety authentication method adopting picture interference |
| CN101179382B (en) * | 2006-12-20 | 2010-11-10 | 腾讯科技(深圳)有限公司 | Login method and system |
| CN101388772B (en) * | 2007-09-10 | 2011-11-30 | 捷德(中国)信息科技有限公司 | Digital signature method and system |
| CN102469080A (en) * | 2010-11-11 | 2012-05-23 | 中国电信股份有限公司 | Method for pass user to realize safety login application client and system thereof |
| CN101599954B (en) * | 2008-06-03 | 2012-11-14 | 联想(北京)有限公司 | Safety input system, safety input method and auxiliary display device based on auxiliary display unit |
| CN103441851A (en) * | 2013-08-23 | 2013-12-11 | 成都卫士通信息产业股份有限公司 | Method for allowing terminal equipment to have access to VPN equipment |
| CN103701614A (en) * | 2014-01-15 | 2014-04-02 | 网易宝有限公司 | Authentication method and device |
| CN103870307B (en) * | 2014-03-14 | 2017-06-06 | 大唐移动通信设备有限公司 | A kind of synchronous apparatus and method with alarm of data source |
| CN106936844A (en) * | 2017-03-31 | 2017-07-07 | 深圳市科迈爱康科技有限公司 | The data interactive method and system of remote access service |
| CN109862015A (en) * | 2019-02-18 | 2019-06-07 | 北京奇艺世纪科技有限公司 | A kind of information transferring method and device |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6285991B1 (en) * | 1996-12-13 | 2001-09-04 | Visa International Service Association | Secure interactive electronic account statement delivery system |
| CN1110003C (en) * | 1999-05-31 | 2003-05-28 | 王子忠 | Universal payment coding system for bank |
| CN100454809C (en) * | 2001-12-20 | 2009-01-21 | 西北工业大学 | Nonrecurring countersign and business confirmation method |
-
2004
- 2004-09-08 CN CNB200410074253XA patent/CN100425018C/en active Active
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008022559A1 (en) * | 2006-08-18 | 2008-02-28 | Tong Shao | Device and method for safely making use of network service needless of relying on security of client side |
| CN101179382B (en) * | 2006-12-20 | 2010-11-10 | 腾讯科技(深圳)有限公司 | Login method and system |
| WO2009000172A1 (en) * | 2007-06-28 | 2008-12-31 | Tencent Technology (Shenzhen) Company Limited | Device, method and system for inputting content |
| WO2009018685A1 (en) * | 2007-08-08 | 2009-02-12 | Kamfu Wong | The device and the method of encrypting and authenticating against trojan horse with one time key |
| CN101388772B (en) * | 2007-09-10 | 2011-11-30 | 捷德(中国)信息科技有限公司 | Digital signature method and system |
| CN101388059B (en) * | 2007-09-14 | 2010-06-02 | 英业达股份有限公司 | Screen key entry system for preventing trojan program and method thereof |
| CN101222334B (en) * | 2008-01-11 | 2010-08-04 | 华中科技大学 | Cipher token safety authentication method adopting picture interference |
| CN101599954B (en) * | 2008-06-03 | 2012-11-14 | 联想(北京)有限公司 | Safety input system, safety input method and auxiliary display device based on auxiliary display unit |
| CN101635015A (en) * | 2009-08-31 | 2010-01-27 | 北京飞天诚信科技有限公司 | Method for improving interface safety |
| CN102469080A (en) * | 2010-11-11 | 2012-05-23 | 中国电信股份有限公司 | Method for pass user to realize safety login application client and system thereof |
| CN102469080B (en) * | 2010-11-11 | 2015-07-15 | 中国电信股份有限公司 | Method for pass user to realize safety login application client and system thereof |
| CN103441851A (en) * | 2013-08-23 | 2013-12-11 | 成都卫士通信息产业股份有限公司 | Method for allowing terminal equipment to have access to VPN equipment |
| CN103441851B (en) * | 2013-08-23 | 2016-12-28 | 成都卫士通信息产业股份有限公司 | A kind of terminal unit accesses the method for VPN device |
| CN103701614A (en) * | 2014-01-15 | 2014-04-02 | 网易宝有限公司 | Authentication method and device |
| CN103701614B (en) * | 2014-01-15 | 2018-08-10 | 网易宝有限公司 | A kind of auth method and device |
| CN103870307B (en) * | 2014-03-14 | 2017-06-06 | 大唐移动通信设备有限公司 | A kind of synchronous apparatus and method with alarm of data source |
| CN106936844A (en) * | 2017-03-31 | 2017-07-07 | 深圳市科迈爱康科技有限公司 | The data interactive method and system of remote access service |
| WO2018176700A1 (en) * | 2017-03-31 | 2018-10-04 | 深圳市科迈爱康科技有限公司 | Data interaction method and system for remote access service |
| CN109862015A (en) * | 2019-02-18 | 2019-06-07 | 北京奇艺世纪科技有限公司 | A kind of information transferring method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100425018C (en) | 2008-10-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107257334B (en) | Identity authentication method for Hadoop cluster | |
| JP5619019B2 (en) | Method, system, and computer program for authentication (secondary communication channel token-based client-server authentication with a primary authenticated communication channel) | |
| CN1212716C (en) | Method of sharing subscriber confirming information in different application systems of internet | |
| CN1290014C (en) | Method and apparatus for serving content from semi-trusted server | |
| JP3466025B2 (en) | Method and apparatus for protecting masquerade attack in computer network | |
| US7895432B2 (en) | Method and apparatus for using a third party authentication server | |
| CN1588846A (en) | Dynamic encrypting device in network and its password identification method | |
| CN111698225B (en) | Application service authentication encryption method suitable for power dispatching control system | |
| US8438383B2 (en) | User authentication system | |
| CN1878170A (en) | Method and device for managing session identifiers | |
| CN1866822A (en) | Method for realizing uniform authentication | |
| CN1701295A (en) | Method and system for a single-sign-on access to a computer grid | |
| CN1731723A (en) | Electron/handset token dynamic password identification system | |
| CN1722658A (en) | Efficient and secure authentication of computer system | |
| CN1885771A (en) | Method and apparatus for establishing a secure communication session | |
| CN1823513A (en) | Method and system for stepping up to certificate-based authentication without breaking an existing ssl session | |
| CN101427510A (en) | Digipass for the web-functional description | |
| CN1897523A (en) | System and method for realizing single-point login | |
| CN101076796A (en) | Virtual special purpose network established for roam user | |
| CN1855814A (en) | Safety uniform certificate verification design | |
| CN100365974C (en) | Device and method for controlling computer access | |
| CN1268157C (en) | A handset used for dynamic identity authentication | |
| CN1725687A (en) | Security identification method | |
| WO2010098789A1 (en) | Multifactor authentication system and methodology | |
| WO2006049520A1 (en) | Systems and methods of user authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |