CN1855814A - Safety uniform certificate verification design - Google Patents


Info

Publication number: CN1855814A
Authority: CN (China)
Prior art keywords: user, door, resource, credential, scheme
Legal status: Pending
Application number: CN 200510067872
Other languages: Chinese (zh)
Inventors: 南凯, 杨宏伟, 虞淑瑶, 刘艳
Current Assignee: Computer Network Information Center of CAS
Original Assignee: Computer Network Information Center of CAS
Application filed by Computer Network Information Center of CAS
Priority to CN 200510067872
Publication of CN1855814A

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

When a user accesses network resources across domains, the user's identity credential has to be presented many times, once for each system login, which is inefficient and introduces security risks. The invention provides a unified identity authentication mechanism for distributed network environments that uses the cookie and redirection functions of a standard web browser to authenticate the user at a portal site; the portal site forwards the authenticated credential to the resource site, and the resource site interprets the user's access rights and responds to the access request.

Description

A secure unified identity authentication scheme
1. Technical field
The invention belongs to the field of computer network security and cryptography. It is a web-based security authentication scheme that realizes cross-domain authentication with a single login and repeated access. It applies to scenarios that require unified identity authentication and secure cross-domain access with a single login.
2. Background
At present, user identity authentication in distributed systems is generally decentralized: each subsystem performs its own login and its own management. Because this lacks generality, repeated identity registration between subsystems and hidden security risks have become prominent problems. Across the many management systems that require a login, the usual practice is to register the same user name and password everywhere. However, since the security mechanisms of different systems differ in strength, once the user's login information is lost in one system, the security of the other systems is lost as well; if instead a different identity is registered in each system, the user has to remember too much information. Information systems therefore need a unified authentication system with stronger security control that is easy for users to operate, so as to guarantee data security.
3. Brief description of the invention
To overcome the shortcomings of existing user identity authentication mechanisms, the invention provides a secure user identity authentication mechanism that not only identifies the user but also identifies the user automatically across domains: when accessing resources across domains, the user presents an identity credential only once and can then log in securely to resources in multiple domains.
4. Summary of the invention
The technical solution adopted to solve the technical problem is introduced in three parts: section 4.1 presents the overall framework of the scheme, section 4.2 the details of its operation and section 4.3 its security; section 4.4 describes the application scenarios of the scheme.
Terms and explanations
● Door (portal): a web site responsible for managing and authenticating all users and for offering the user a list of resources to choose from. It requires an X.509 digital certificate issued by an authority, can establish HTTPS connections with the other entities, can run the DES encryption and decryption algorithm and holds the key used for DES encryption and decryption, and can compute digital signatures with the private key corresponding to its X.509 certificate.
● Resource website: a web site that trusts the door, accepts the authentication credential the door issues to the user, and can verify digital signatures using the door's X.509 digital certificate. A server-side configuration that supports HTTPS connections is recommended.
● Client: a standard browser that supports cookies and redirection.
● UID: the user name with which the user logs in to the door.
● passwd: the password with which the user logs in to the door.
● UIP: the IP address of the client when the user logs in to the door.
● RoleID: the role number the user obtains on the door. It indicates the user's type and is assigned by the door administrator according to the user's characteristics at registration. When it is delivered to a resource website, the resource website interprets its meaning.
● timeInterval: the validity period of the user's credential, defined by the door.
● WebServerURL: the URL of the resource website the user is accessing.
● Pcookie: its content is the user's information after authentication, with the structure Ek(UID+RoleID+timeInterval+UIP), that is, the result of encrypting UID+RoleID+timeInterval+UIP with DES under the key k, where k is a random key generated by the door for encrypting Pcookies and kept secret in a file on the door's local storage. The door writes Pcookie to the user's browser as a cookie.
● timeStamp: the door's current system time (timestamp) when the door generates the user's credential.
● Credential: the credential the door issues to a legitimate user, with the structure RoleID+timeInterval+timeStamp+UIP+WebServerURL.
4.1 Introduction to the scheme
As shown in Figure 1, (a) under SSL protection the user enters UID and passwd to log in to the door; the door checks whether the UID and passwd are legitimate and, if so, (b) generates Pcookie and stores it in the user's browser; otherwise it tells the user the login is invalid.
1. The user accesses a resource website. 2. The access control program of the resource website automatically redirects the user's access request back to the door. During this step the door program reads the Pcookie from the client browser, decrypts it with DES to extract RoleID, timeInterval and UIP, and constructs the Credential from these together with the current timeStamp and the WebServerURL. 3. The door signs the Credential with the private key of its digital certificate. 4. The Credential and its signature are sent by redirection through the user's browser to the access control program of the resource website, which verifies the signature on the Credential and also checks the plaintext content of the user's Credential. 5. If the Credential received by the resource site is legitimate, the resource website returns the requested resource to the user.
4.2 Operational details of the scheme
As shown in Figure 2, the operation of the scheme is divided into three phases: the initialization phase, the door verification phase and the resource website verification phase.
4.2.1 Initialization phase
First, the door obtains an X.509 digital certificate issued by an authority and stores it in the appropriate location; the door's web server program recognizes this X.509 certificate and is prepared to establish with any user's browser an SSL connection with one-way server authentication. The same certificate is used to digitally sign the user credentials sent to resource websites. Second, each resource website downloads the door's certificate from the door in order to verify the signatures on the user credentials it receives. Finally, the user registers on the door, supplying mainly UID and passwd; the door administrator assigns the user a RoleID according to the characteristics in the registration information.
4.2.2 Door verification phase
This phase consists of two processes: in the first, the user logs in to the door and obtains a legitimate identity credential, namely the Pcookie stored in the client browser; the second is the user authentication carried out while the user accesses a resource website.
(1) The user's browser establishes a secure SSL connection with the door and thereby authenticates the door's identity.
(2) The user enters UID and passwd to log in to the door.
(3) After a successful login, the door looks up the RoleID corresponding to this UID, constructs Pcookie and writes it to the client. The plaintext of Pcookie is UID+RoleID+timeInterval+UIP; this structure is DES-encrypted and stored on the client as a cookie.
(4) The user can reach a protected resource website in two ways: by selecting the resource website from the resource list the door provides, or by accessing the resource website directly. In either case the resource website's program redirects the user to the door and submits WebServerURL to the door.
(5) The door checks whether Pcookie exists in the client browser:
a) If Pcookie does not exist, the door login page is returned and the user is required to log in to the door.
b) If Pcookie exists, it is decrypted with DES. If a valid UID+RoleID+timeInterval+UIP structure cannot be extracted, Pcookie is considered invalid; an error message is given and the user's access is terminated. If the structure is extracted correctly, Pcookie is valid. The door then constructs the Credential, with the structure RoleID+timeInterval+timeStamp+UIP+WebServerURL, and signs it with the door certificate; the default signature algorithm is SHA1withRSA. At this point the user holds the credential for accessing the resource and the door's signature over it.
4.2.3 Resource website verification phase
In this phase the resource website checks, from the Credential and door signature obtained in the previous phase, whether the user's access to the resource is legitimate, and gives the correct response to legitimate requests.
(1) The door redirects the user to the resource website, submitting the Credential and its signature to the resource website's access control program as a form.
(2) The resource site receives the redirected request from the door, extracts the Credential and verifies its signature with the door's X.509 digital certificate:
a) If signature verification fails, the redirected request is considered illegitimate; an error message is given and the user's access is terminated.
b) If signature verification passes, RoleID, UIP, timeInterval, timeStamp and WebServerURL are extracted from the Credential;
c) The user's credential is checked:
● Compare the UIP in the Credential with the user's current IP; if they differ, the user is illegitimate and access is terminated;
● If they are identical, check whether the difference between the resource website's current time and timeStamp is less than timeInterval; if it is greater, the Credential's validity period has expired and access is terminated;
● Otherwise, check whether the resource website's domain name is included in WebServerURL; if not, the user's access is terminated;
● Otherwise, the user's credential has passed verification.
d) The obtained RoleID is used for local access control.
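The Credential exchange of sections 4.2.2 (step 5b) and 4.2.3 as an added, runnable example; this is illustrative code, not the patent's implementation. It assumes a '|' delimiter between the Credential fields, integer-second timeStamp and timeInterval, and uses HMAC-SHA1 under a constructed key as a stand-in for the SHA1withRSA signature (the Python standard library has no RSA); the field checks are the ones the page lists.

```python
"""Added example (not part of the patent): the door issues a Credential as in
4.2.2 step (5b) and the resource website applies the checks of 4.2.3.

Assumptions the page does not fix: fields are joined with '|' (the page only
writes RoleID+timeInterval+timeStamp+UIP+WebServerURL), timeInterval and
timeStamp are integer seconds, and HMAC-SHA1 under a constructed key stands in
for the SHA1withRSA signature because the standard library has no RSA. With
RSA the door signs with its private key and the resource website verifies with
the door's X.509 certificate; the field checks below are unchanged.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Tuple
from urllib.parse import urlparse

SEP = "|"  # assumed delimiter: undelimited concatenation would be ambiguous


@dataclass(frozen=True)
class Credential:
    role_id: str
    time_interval: int   # validity window in seconds, set by the door
    time_stamp: int      # door clock when the credential was issued
    uip: str             # client IP seen when the user logged in to the door
    web_server_url: str  # resource website the user was redirected from

    def serialize(self) -> str:
        return SEP.join([self.role_id, str(self.time_interval),
                         str(self.time_stamp), self.uip, self.web_server_url])

    @classmethod
    def parse(cls, text: str) -> "Credential":
        parts = text.split(SEP)
        if len(parts) != 5:
            raise ValueError("malformed Credential")
        role, interval, stamp, uip, url = parts
        return cls(role, int(interval), int(stamp), uip, url)


def door_issue(sign_key: bytes, role_id: str, time_interval: int, uip: str,
               web_server_url: str, now: int) -> Tuple[str, str]:
    """Door side (4.2.2 step 5b): build the Credential and sign it."""
    text = Credential(role_id, time_interval, now, uip, web_server_url).serialize()
    sig = hmac.new(sign_key, text.encode(), hashlib.sha1).hexdigest()
    return text, sig


def resource_verify(verify_key: bytes, text: str, sig: str, client_ip: str,
                    resource_host: str, now: int) -> Tuple[bool, str]:
    """Resource website (4.2.3): signature first, then the step (c) checks.
    Returns (True, RoleID) on success or (False, reason) on rejection."""
    expected = hmac.new(verify_key, text.encode(), hashlib.sha1).hexdigest()
    if not hmac.compare_digest(expected, sig):
        return False, "signature verification failed"        # step (a)
    try:
        cred = Credential.parse(text)                         # step (b)
    except ValueError as exc:
        return False, str(exc)
    if cred.uip != client_ip:                                 # replay check
        return False, "UIP differs from current client IP"
    age = now - cred.time_stamp
    if age > cred.time_interval:                              # validity window
        return False, "Credential validity period exceeded"
    # The page says "domain name included in WebServerURL"; comparing the
    # parsed hostname exactly avoids matching unrelated hosts by substring.
    if urlparse(cred.web_server_url).hostname != resource_host:
        return False, "Credential was issued for another resource website"
    return True, cred.role_id                                 # step (d)


if __name__ == "__main__":
    KEY = b"constructed-demo-key"  # constructed stand-in for the door's key
    text, sig = door_issue(KEY, "2", 600, "10.0.0.5",
                           "https://res.example.org/data", 1_000_000)
    print(resource_verify(KEY, text, sig, "10.0.0.5", "res.example.org", 1_000_100))
    print(resource_verify(KEY, text, sig, "10.0.0.9", "res.example.org", 1_000_100))
    print(resource_verify(KEY, text, sig, "10.0.0.5", "res.example.org", 1_000_700))
```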
4.3 Security of the scheme
4.3.1 Replay attacks
In every verification the resource website is required to compare the user's current IP address with the UIP in the Credential, and the UIP in the Credential is the user's IP at the time of login to the door. In a replay attack the attacker's IP differs from the IP in the Credential, so the request is refused by the resource website. At the same time, because the door's signature on the Credential cannot be forged, the UIP in the Credential cannot be forged either. In addition, the lifetime of the Credential is determined by the door's timestamp and timeInterval, which greatly limits the window for a replay attack.
4.3.2 DoS (denial of service) attacks
This system does not include intrusion detection or other techniques for preventing DoS attacks, so it cannot resist DoS attacks on its own; each site that implements the scheme is required to deploy the appropriate hardware and software to prevent DoS attacks.
4.3.3 Security of the SSL connection
The door must hold a certificate issued by an authority, and the client must accept its legitimacy before a secure SSL-based connection between the client and the portal can be established.
4.4 Application scenarios of the scheme
The invention targets the scenario of users accessing resources across domains in a distributed network environment. The door manages user identity information centrally; DES encryption and decryption lets the user's authenticated identity be stored at the browser without leaking it; the user then relies on this identity credential to access every resource website that implements the invention without going through user verification again, achieving secure and convenient user authentication and resource access. With the development of electronic commerce and the globalization of enterprises, the need for network users to access resources across multiple domains is pressing, and the invention suits user authentication management in environments where several related industries, related enterprises or network domains form an alliance. The invention has been in operation in the "National Science and Technology Infrastructure Platform" project for sharing national scientific and technological resources, presided over by the Ministry of Science and Technology, where it has shown great advantages.
Following this scheme, a unified user identity authentication framework can be built that integrates existing resource systems and provides a standard procedure for bringing newly built resource systems into it later. From the user's perspective, the user maintains a single identity credential and presents it only once to access resources in all domains of the framework; from the perspective of each resource domain, there is no need to maintain a complete user management process independently, and it suffices to accept the legitimacy of the door's users to authenticate them. The invention's potentially large social benefit is to promote the universal, everyday use of network applications.
5. Description of the drawings
Figure 1 is the overall diagram of the scheme.
Figure 2 is the program flow chart of the scheme.

Claims (2)

1. A secure unified identity authentication scheme which, in a distributed network environment and based on the cookie technology of standard browsers, authenticates users centrally on a door, securely transfers the credential of the authenticated user to a resource website, and has the resource website interpret the user's role number and respond to the access request, characterized in that the user presents identity credential information only once and can then securely access all resource websites in the scheme.
2. The scheme of claim 1, in which the format of the Credential is RoleID+timeInterval+timeStamp+UIP+WebServerURL, and the door sends the Credential together with the result of signing the Credential with its X.509 certificate as a whole to the resource website.

Priority Applications (1)

Application Number: CN 200510067872; Priority Date: 2005-04-29; Filing Date: 2005-04-29; Title: Safety uniform certificate verification design; Status: Pending

Publications (1)

Publication Number: CN1855814A; Publication Date: 2006-11-01

Family ID: 37195686

Country Status (1)

CN (1): CN1855814A (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101694663A (en) * 2009-10-20 2010-04-14 上海欧菲司健康管理咨询有限公司 System for one-station registering, logging and all-web authentication
CN101719238A (en) * 2009-11-30 2010-06-02 中国建设银行股份有限公司 Method and system for managing, authenticating and authorizing unified identities
CN101902472A (en) * 2010-07-09 2010-12-01 北京工业大学 Method for pushing remote declaration based on behaviors in trusted network
CN101207485B (en) * 2007-08-15 2010-12-01 深圳市同洲电子股份有限公司 System and method of unification identification safety authentication for users
WO2010148815A1 (en) * 2009-12-21 2010-12-29 中兴通讯股份有限公司 System and method for visiting a web application site by a wapi terminal
CN101610502B (en) * 2009-07-23 2011-01-26 江苏鸿信系统集成有限公司 Method for mobile information integration based on different business systems of mobile application portal
WO2011022950A1 (en) * 2009-08-31 2011-03-03 中国移动通信集团公司 Service access method, system and device based on wlan access authentication
CN102045398A (en) * 2010-12-24 2011-05-04 杭州华三通信技术有限公司 Portal-based distributed control method and equipment
CN101335626B (en) * 2008-08-06 2011-05-18 中国网通集团宽带业务应用国家工程实验室有限公司 Multi-stage authentication method and multi-stage authentication system
CN101399726B (en) * 2007-09-29 2011-09-07 中国电信股份有限公司 Method for WLAN terminal authentication
CN101399724B (en) * 2007-09-28 2011-11-30 中国电信股份有限公司 Disposal authentication method for network access and service application oriented to user
CN102469075A (en) * 2010-11-09 2012-05-23 中科正阳信息安全技术有限公司 Integration authentication method based on WEB single sign on
CN102638441A (en) * 2011-02-15 2012-08-15 中兴通讯股份有限公司 Method and system for realizing single sign on (SSO) in IP multimedia subsystem (IMS) network
CN101605140B (en) * 2009-07-16 2012-10-03 阿里巴巴集团控股有限公司 Network user identity verification and authentication system and verification and authentication method
CN101998406B (en) * 2009-08-31 2013-01-16 中国移动通信集团公司 WLAN access authentication based method for accessing services
CN101848198B (en) * 2009-03-24 2013-03-20 英业达股份有限公司 Authorization sharing system and method thereof
CN103546432A (en) * 2012-07-12 2014-01-29 腾讯科技(深圳)有限公司 Method and system for realizing cross-domain jumping, browser and domain name servers
CN103634399A (en) * 2013-11-29 2014-03-12 北京奇虎科技有限公司 Method and device for realizing cross-domain data transmission
CN101998407B (en) * 2009-08-31 2014-07-02 中国移动通信集团公司 WLAN access authentication based method for accessing services
CN102006271B (en) * 2008-09-02 2014-09-24 F2威尔股份有限公司 IP address secure multi-channel authentication for online transactions
CN104506518A (en) * 2014-12-22 2015-04-08 中软信息系统工程有限公司 Identity authentication method for access control of MIPS (Million Instructions Per Second) platform network system
CN104753895A (en) * 2013-12-31 2015-07-01 北京新媒传信科技有限公司 Authentication method and system for a plurality of sub-domain sites in parent domain site
CN108241803A (en) * 2016-12-23 2018-07-03 航天星图科技(北京)有限公司 A kind of access control method of heterogeneous system
CN108737350A (en) * 2017-04-24 2018-11-02 腾讯科技(深圳)有限公司 A kind of information processing method and client
CN112202813A (en) * 2020-10-29 2021-01-08 杭州迪普科技股份有限公司 Network access method and device



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication