KR102150750B1 - 신뢰받는 로그인 방법 및 장치 - Google Patents

신뢰받는 로그인 방법 및 장치 Download PDF

Info

Publication number
KR102150750B1
KR102150750B1 KR1020177035829A KR20177035829A KR102150750B1 KR 102150750 B1 KR102150750 B1 KR 102150750B1 KR 1020177035829 A KR1020177035829 A KR 1020177035829A KR 20177035829 A KR20177035829 A KR 20177035829A KR 102150750 B1 KR102150750 B1 KR 102150750B1
Authority
KR
South Korea
Prior art keywords
login
application
login state
user
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020177035829A
Other languages
English (en)
Korean (ko)
Other versions
KR20180008592A (ko
Inventor
지장 조우
Original Assignee
알리바바 그룹 홀딩 리미티드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 알리바바 그룹 홀딩 리미티드 filed Critical 알리바바 그룹 홀딩 리미티드
Publication of KR20180008592A publication Critical patent/KR20180008592A/ko
Application granted granted Critical
Publication of KR102150750B1 publication Critical patent/KR102150750B1/ko
Assigned to 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. reassignment 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. 권리의 전부이전등록 Assignors: 어드밴티지어스 뉴 테크놀로지스 씨오., 엘티디.
Assigned to 어드밴티지어스 뉴 테크놀로지스 씨오., 엘티디. reassignment 어드밴티지어스 뉴 테크놀로지스 씨오., 엘티디. 권리의 전부이전등록 Assignors: 알리바바 그룹 홀딩 리미티드
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)
KR1020177035829A 2015-05-12 2016-04-18 신뢰받는 로그인 방법 및 장치 Active KR102150750B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201510239796.0A CN106302308B (zh) 2015-05-12 2015-05-12 一种信任登录方法和装置
CN201510239796.0 2015-05-12
PCT/CN2016/079555 WO2016180171A1 (zh) 2015-05-12 2016-04-18 一种信任登录方法和装置

Publications (2)

Publication Number Publication Date
KR20180008592A KR20180008592A (ko) 2018-01-24
KR102150750B1 true KR102150750B1 (ko) 2020-09-02

Family

ID=57247737

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020177035829A Active KR102150750B1 (ko) 2015-05-12 2016-04-18 신뢰받는 로그인 방법 및 장치

Country Status (7)

Country Link
US (2) US10673834B2 (https=)
EP (1) EP3297243B1 (https=)
JP (1) JP6756738B2 (https=)
KR (1) KR102150750B1 (https=)
CN (1) CN106302308B (https=)
SG (1) SG11201708989QA (https=)
WO (1) WO2016180171A1 (https=)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106302308B (zh) 2015-05-12 2019-12-24 阿里巴巴集团控股有限公司 一种信任登录方法和装置
US10469497B2 (en) * 2016-05-26 2019-11-05 Dropbox, Inc. Identifying accounts having shared credentials
CN109379324B (zh) * 2018-08-21 2021-12-14 中至数据集团股份有限公司 网站访问方法、装置、可读存储介质及计算机设备
CN109981677B (zh) * 2019-04-08 2021-02-12 北京深思数盾科技股份有限公司 一种授信管理方法及装置
CN110417863B (zh) * 2019-06-27 2021-01-29 华为技术有限公司 生成身份识别码的方法和装置、身份认证的方法和装置
US12026686B2 (en) * 2019-07-10 2024-07-02 Jpmorgan Chase Bank , N.A. Systems and methods for facilitating payment service-based checkout with a merchant
CN110636061B (zh) * 2019-09-20 2022-03-25 深圳市信锐网科技术有限公司 业务服务器接入方法、存储介质、终端设备及登录服务器
CN111368158A (zh) * 2020-03-31 2020-07-03 中国建设银行股份有限公司 基于人工智能平台的服务查找方法及装置
CN111552944A (zh) * 2020-04-28 2020-08-18 成都新潮传媒集团有限公司 一种登录验证方法及装置
CN111598582A (zh) * 2020-04-28 2020-08-28 华润守正招标有限公司 客服方法、系统、电子设备及存储介质
CN112231667B (zh) * 2020-11-09 2022-02-18 腾讯科技(深圳)有限公司 身份核验方法、装置、存储介质、系统及设备
CN112462661B (zh) * 2020-11-27 2021-11-16 星控物联科技(山东)有限公司 工业数据采集控制器及其控制方法
US12238084B2 (en) * 2021-05-19 2025-02-25 Prove Identity, Inc. Single-exchange authentication of a communications device
CN113807836A (zh) * 2021-10-11 2021-12-17 中国银行股份有限公司 手机银行支付方法及装置
CN114926183A (zh) * 2022-06-09 2022-08-19 中国银行股份有限公司 应用登录方法及装置
CN115766117A (zh) * 2022-10-31 2023-03-07 超聚变数字技术有限公司 一种应用登录方法及装置
CN115695012A (zh) * 2022-11-02 2023-02-03 北京自如信息科技有限公司 一种登录请求的处理方法、装置、电子设备及存储介质
CN116257878A (zh) * 2022-12-30 2023-06-13 深圳市国信科技有限公司 信息查看方法、系统、终端设备及计算机可读存储介质
CN118800233A (zh) * 2024-08-02 2024-10-18 北京蜂巢世纪科技有限公司 对话方法、可穿戴设备、终端、服务器及存储介质

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030233329A1 (en) * 2001-12-06 2003-12-18 Access Systems America, Inc. System and method for providing subscription content services to mobile devices
US20140082715A1 (en) * 2012-09-19 2014-03-20 Secureauth Corporation Mobile multifactor single-sign-on authentication

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002335239A (ja) * 2001-05-09 2002-11-22 Nippon Telegr & Teleph Corp <Ntt> シングルサインオン認証方法及びシステム装置
KR20040066394A (ko) * 2003-01-17 2004-07-27 신현수 로그인(Login) 정보처리 시스템
US7437457B1 (en) * 2003-09-08 2008-10-14 Aol Llc, A Delaware Limited Liability Company Regulating concurrent logins associated with a single account
EP1955251A2 (en) * 2005-10-11 2008-08-13 Citrix Systems, Inc. Systems and methods for facilitating distributed authentication
US8176327B2 (en) * 2006-12-27 2012-05-08 Airvana, Corp. Authentication protocol
JP4828402B2 (ja) * 2006-12-28 2011-11-30 ブラザー工業株式会社 情報処理装置および情報処理プログラム
US7818396B2 (en) * 2007-06-21 2010-10-19 Microsoft Corporation Aggregating and searching profile data from multiple services
US7979899B2 (en) * 2008-06-02 2011-07-12 Microsoft Corporation Trusted device-specific authentication
CN102299936B (zh) * 2010-06-25 2015-07-22 腾讯科技(深圳)有限公司 一种应用网站的访问方法和装置
CN102622270B (zh) * 2011-01-26 2016-08-17 腾讯科技(深圳)有限公司 一种应用程序的切换管理方法和终端
US9473485B2 (en) * 2011-03-21 2016-10-18 Blue Cedar Networks, Inc. Secure single sign-on for a group of wrapped applications on a computing device and runtime credential sharing
US8869244B1 (en) * 2011-05-03 2014-10-21 Symantec Corporation Techniques for providing role-based access control using dynamic shared accounts
US9495533B2 (en) * 2011-09-29 2016-11-15 Oracle International Corporation Mobile application, identity relationship management
CN103188207B (zh) * 2011-12-27 2016-07-13 北大方正集团有限公司 一种跨域的单点登录实现方法及系统
CN103188237A (zh) * 2011-12-30 2013-07-03 盛大计算机(上海)有限公司 单点登录系统及方法
JP5988699B2 (ja) * 2012-05-30 2016-09-07 キヤノン株式会社 連携システム、その連携方法、情報処理システム、およびそのプログラム。
JP2013257806A (ja) * 2012-06-14 2013-12-26 Nec Fielding Ltd 認証システム、認証方法、認証処理代行装置、端末装置、認証処理代行方法、端末装置の制御方法、及びプログラム
US8949596B2 (en) * 2012-07-10 2015-02-03 Verizon Patent And Licensing Inc. Encryption-based session establishment
US9203838B2 (en) * 2012-10-31 2015-12-01 Google Inc. Providing network access to a device associated with a user account
US9397989B1 (en) * 2013-07-03 2016-07-19 Amazon Technologies, Inc. Bootstrapping user authentication on devices
CN104348777B (zh) * 2013-07-24 2019-04-09 腾讯科技(深圳)有限公司 一种移动终端对第三方服务器的访问控制方法及系统
CN104580074B (zh) * 2013-10-14 2018-08-24 阿里巴巴集团控股有限公司 客户端应用的登录方法及其相应的服务器
CN105337735B (zh) * 2014-05-26 2019-06-07 阿里巴巴集团控股有限公司 数字证书处理及校验的方法和装置
US10313264B2 (en) * 2014-05-28 2019-06-04 Apple Inc. Sharing account data between different interfaces to a service
CN104268457B (zh) * 2014-09-22 2017-07-25 联想(北京)有限公司 信息处理方法、电子设备和服务器
CN106302308B (zh) 2015-05-12 2019-12-24 阿里巴巴集团控股有限公司 一种信任登录方法和装置

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030233329A1 (en) * 2001-12-06 2003-12-18 Access Systems America, Inc. System and method for providing subscription content services to mobile devices
US20140082715A1 (en) * 2012-09-19 2014-03-20 Secureauth Corporation Mobile multifactor single-sign-on authentication

Also Published As

Publication number Publication date
US10673834B2 (en) 2020-06-02
US20200287886A1 (en) 2020-09-10
JP2018519569A (ja) 2018-07-19
EP3297243A4 (en) 2018-11-07
US10917397B2 (en) 2021-02-09
US20180097801A1 (en) 2018-04-05
JP6756738B2 (ja) 2020-09-16
CN106302308B (zh) 2019-12-24
WO2016180171A1 (zh) 2016-11-17
KR20180008592A (ko) 2018-01-24
EP3297243A1 (en) 2018-03-21
CN106302308A (zh) 2017-01-04
SG11201708989QA (en) 2017-11-29
EP3297243B1 (en) 2021-07-07

Similar Documents

Publication Publication Date Title
KR102150750B1 (ko) 신뢰받는 로그인 방법 및 장치
US20210226987A1 (en) Edge network-based account protection service
EP3073699B1 (en) System and method for controlling mutual access of smart devices
US9356928B2 (en) Mechanisms to use network session identifiers for software-as-a-service authentication
CN114679293A (zh) 基于零信任安全的访问控制方法、设备及存储介质
EP3316544B1 (en) Token generation and authentication method, and authentication server
CN106656911B (zh) 一种Portal认证方法、接入设备和管理服务器
US20180205720A1 (en) Enabling Setting Up A Secure Peer-To-Peer Connection
US20160381001A1 (en) Method and apparatus for identity authentication between systems
CN110690972B (zh) 令牌认证方法、装置、电子设备及存储介质
CN105554098A (zh) 一种设备配置方法、服务器及系统
CN111245791B (zh) 一种通过反向代理实现管理和it服务的单点登录方法
CA2762706A1 (en) Method and system for securing communication sessions
Huang et al. A token-based user authentication mechanism for data exchange in RESTful API
CN114389890A (zh) 一种用户请求的代理方法、服务器及存储介质
Van Delft et al. A security analysis of OpenID
CN112929388A (zh) 网络身份跨设备应用快速认证方法和系统、用户代理设备
CN111786996A (zh) 一种跨域同步登录态的方法、装置及跨域同步登录系统
CN103957189A (zh) 应用程序之间的交互方法和装置
CN111092958A (zh) 一种节点接入方法、装置、系统及存储介质
CN113726807A (zh) 一种网络摄像机访问方法、设备、系统及存储介质
JP2023081604A (ja) 認証システム、認証端末、認証サーバ及び認証プログラム
CN116318811B (zh) 一种基于受信节点的网络请求校验鉴权方法及设备
CN120224187B (zh) 一种基于5g消息的免密登录方法和系统
HK1232697B (zh) 一种信任登录方法和装置

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20171212

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
A201 Request for examination
PA0201 Request for examination

Patent event code: PA02012R01D

Patent event date: 20190802

Comment text: Request for Examination of Application

A302 Request for accelerated examination
PA0302 Request for accelerated examination

Patent event date: 20190920

Patent event code: PA03022R01D

Comment text: Request for Accelerated Examination

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

Comment text: Notification of reason for refusal

Patent event date: 20200109

Patent event code: PE09021S01D

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

Patent event code: PE07011S01D

Comment text: Decision to Grant Registration

Patent event date: 20200713

GRNT Written decision to grant
PR0701 Registration of establishment

Comment text: Registration of Establishment

Patent event date: 20200826

Patent event code: PR07011E01D

PR1002 Payment of registration fee

Payment date: 20200826

End annual number: 3

Start annual number: 1

PG1601 Publication of registration
PR1001 Payment of annual fee

Payment date: 20230810

Start annual number: 4

End annual number: 4

PR1001 Payment of annual fee

Payment date: 20240725

Start annual number: 5

End annual number: 5