TW201818286A - Server login authentication system and method thereof - Google Patents

Server login authentication system and method thereof Download PDF

Info

Publication number
TW201818286A
TW201818286A TW105136917A TW105136917A TW201818286A TW 201818286 A TW201818286 A TW 201818286A TW 105136917 A TW105136917 A TW 105136917A TW 105136917 A TW105136917 A TW 105136917A TW 201818286 A TW201818286 A TW 201818286A
Authority
TW
Taiwan
Prior art keywords
verification
information
server
login
smart device
Prior art date
Application number
TW105136917A
Other languages
Chinese (zh)
Other versions
TWI579729B (en
Inventor
郭錫勳
郭世崇
Original Assignee
南開科技大學
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 南開科技大學 filed Critical 南開科技大學
Priority to TW105136917A priority Critical patent/TWI579729B/en
Application granted granted Critical
Publication of TWI579729B publication Critical patent/TWI579729B/en
Publication of TW201818286A publication Critical patent/TW201818286A/en

Links

Abstract

A server login verification system and a method thereof are provided. Login information is transferred to a server from a client for login. A verification request is generated by the server and the verification request is transferred to a smart device from the server. First verification information is calculated according to unique code of the smart device and system time of the smart device and the first verification information is transferred to the server from the smart device. Second verification information is calculated according to unique code of the smart device and system time of the smart device. The login information is log in to the server when the first verification information and the second verification information are matched by the server. Therefore, the improve efficiency of security of server login verification may be achieved.

Description

伺服器登入驗證系統及其方法Server login verification system and method thereof

一種登入驗證系統及其方法,尤其是指一種當客戶端登入伺服端時藉由智慧型裝置提供驗證資訊以進行登入驗證的伺服器登入驗證系統及其方法。A login verification system and method thereof, in particular, a server login verification system and method thereof for providing login verification by a smart device when a client logs in to a server.

隨著網際網路的快速發展,網路服務已經變成現代人不可或缺的一部分,現有的網路服務大部分是以帳號與密碼的登入驗證機制進行,然而這種以帳號與密碼的登入驗證機制所提供的網路服務對於安全性的考量上仍存在有問題。With the rapid development of the Internet, Internet services have become an indispensable part of modern people. Most of the existing Internet services are based on the login and authentication mechanism of account and password. However, this login verification with account and password. The network services provided by the mechanism still have problems with security considerations.

僅依據帳號與密碼的登入驗證機制存在的問題在於帳號與密碼容易被盜用,在帳號與密碼被盜用時,即可輕易的以使用者的帳號登入以享受到網路服務,因此需要使用者時常更新記憶自己的帳號新的密碼。The problem with the login and authentication mechanism based on account and password is that the account and password are easily stolen. When the account and password are stolen, you can easily log in to the user's account to enjoy the network service. Update the new password for remembering your own account.

綜上所述,可知先前技術中長期以來一直存在現有使用帳號與密碼以進行登入驗證存在安全性不足的問題,因此有必要提出改進的技術手段,來解決此一問題。In summary, it can be seen that there has been a problem in the prior art that the existing use of an account and a password for login verification has insufficient security. Therefore, it is necessary to propose an improved technical means to solve this problem.

有鑒於先前技術存在現有使用帳號與密碼以進行登入驗證存在安全性不足的問題,本發明遂揭露一種伺服器登入驗證系統及其方法,其中:In view of the prior art, there is a problem that the existing account and password are used for login verification, and the present invention discloses a server login verification system and a method thereof, wherein:

本發明所揭露的伺服器登入驗證系統,其包含:客戶端、驗證應用程式以及伺服端,客戶端更包含:客戶端接收模組以及客戶端傳送模組;驗證應用程式被安裝且背景執行於智慧型裝置中,驗證應用程式更包含:應用程式接收模組、應用程式計算模組以及應用程式傳送模組;伺服端更包含:資料庫、伺服端接收模組、生成模組、查詢模組、伺服端傳送模組、伺服端計算模組以及比對模組。The server login verification system disclosed by the present invention comprises: a client, a verification application, and a server. The client further includes: a client receiving module and a client transmitting module; the verification application is installed and the background is executed by In the smart device, the verification application further includes: an application receiving module, an application computing module and an application transmitting module; the server further includes: a database, a server receiving module, a generating module, and a query module. , servo-side transmission module, servo-side calculation module, and comparison module.

客戶端的客戶端接收模組是用以接收登入資訊,登入資訊包含帳號與密碼;及客戶端的客戶端傳送模組是用以傳送登入資訊。The client's client receiving module is used to receive login information, the login information includes an account number and a password; and the client's client delivery module is used to transmit login information.

驗證應用程式的應用程式接收模組是用以接收驗證請求;驗證應用程式的應用程式計算模組是用以當應用程式接收模組接收到驗證請求時,依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第一驗證資訊;及驗證應用程式的應用程式傳送模組是用以傳送智慧型裝置的系統時間以及第一驗證資訊。The application receiving module of the verification application is used to receive the verification request; the application computing module of the verification application is used to receive the verification request when the application receiving module receives the verification request, according to the unique code of the smart device and the smart type. The system time of the device calculates the first verification information; and the application transmission module of the verification application is a system time for transmitting the smart device and the first verification information.

伺服端的資料庫是用以預先對應儲存登入資訊、驗證應用程式連線資訊以及智慧型裝置的唯一碼;伺服端的生成模組是用以當伺服端接收模組接收到登入資訊時,生成驗證請求;伺服端的伺服端接收模組是用以自客戶端傳送模組接收登入資訊,以及自應用程式傳送模組接收智慧型裝置的系統時間以及第一驗證資訊;伺服端的查詢模組是用以當伺服端接收模組接收到登入資訊時,依據登入資訊自資料庫中查詢出對應的驗證應用程式連線資訊以及智慧型裝置的唯一碼;伺服端的伺服端傳送模組是用以依據被查詢出的驗證應用程式連線資訊建立與驗證應用程式的連線,並傳送驗證請求至應用程式接收模組;伺服端的伺服端計算模組是用以當伺服端接收模組接收到智慧型裝置的系統時間時,依據被查詢出的智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第二驗證資訊;及伺服端的比對模組是用以比對第一驗證資訊以及第二驗證資訊,當第一驗證資訊與第二驗證資訊比對相符時,則登入資訊完成登入程序。The server database is used to pre-store the login information, verify the application connection information, and the unique code of the smart device. The server generation module is used to generate the verification request when the server receiving module receives the login information. The servo end receiving module of the server is used for receiving login information from the client transmitting module, and receiving the system time and the first verification information of the smart device from the application transmitting module; the query module of the server is used for When the server receiving module receives the login information, the corresponding authentication application connection information and the unique code of the smart device are queried from the database according to the login information; the servo end transmission module of the server is used to be queried according to the query. The verification application connection information establishes a connection with the verification application and transmits the verification request to the application receiving module; the servo end computing module of the server is a system for receiving the smart device when the server receives the module. Time, based on the unique code of the intelligent device being queried and the system time meter of the smart device The second authentication information; and servo modules are aligned end to match the first authentication information and second authentication information, when the first authentication information and second authentication information when the comparison matches, the login procedure is completed sign.

本發明所揭露的伺服器登入驗證方法,其包含下列步驟:The server login verification method disclosed in the present invention comprises the following steps:

首先,提供客戶端;接著,提供預先對應儲存登入資訊、驗證應用程式連線資訊以及智慧型裝置的唯一碼的伺服端,登入資訊包含帳號與密碼;接著,提供安裝且背景執行於智慧型裝置的驗證應用程式;接著,客戶端接收登入資訊,並傳送登入資訊至伺服端;接著,當伺服端接收到登入資訊時,生成驗證請求;接著,伺服端依據登入資訊查詢出對應的驗證應用程式連線資訊以及智慧型裝置的唯一碼;接著,伺服端依據被查詢出的驗證應用程式連線資訊建立與驗證應用程式的連線,並傳送驗證請求至驗證應用程式;接著,驗證應用程式依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第一驗證資訊;接著,驗證應用程式傳送智慧型裝置的系統時間以及第一驗證資訊至伺服端;接著,伺服端依據被查詢出的智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第二驗證資訊;最後,伺服端比對第一驗證資訊以及第二驗證資訊,當第一驗證資訊與第二驗證資訊比對相符時,則登入資訊完成登入程序。First, a client is provided; then, a server that provides a unique code for storing the login information, verifying the application connection information, and the smart device in advance, the login information includes the account number and the password; and then providing the installation and the background execution on the smart device The verification application; then, the client receives the login information and transmits the login information to the server; then, when the server receives the login information, generates a verification request; then, the server queries the corresponding verification application according to the login information. The connection information and the unique code of the smart device; then, the server establishes a connection with the verification application according to the verified verification application connection information, and transmits the verification request to the verification application; and then verifies the application basis The unique code of the smart device and the system time of the smart device calculate the first verification information; then, the verification application transmits the system time of the smart device and the first verification information to the server; then, the server is queried according to the query Unique code for smart devices and smart devices The system calculates the time of the second verification information; Finally, the servo end than the first authentication information and the second authentication information, when the first authentication information and second authentication information when the comparison matches, the login procedure is completed sign.

本發明所揭露的系統及方法如上,與先前技術之間的差異在於客戶端發送登入資訊至伺服端進行登入時,伺服端生成驗證請求並發送至驗證應用程式,驗證應用程式依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第一驗證資訊並反饋回伺服端,伺服端再依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第二驗證資訊,當第一驗證資訊以及第二驗證資訊比對相符時,則登入資訊完成登入程序。The system and method disclosed in the present invention are as above. The difference between the prior art and the prior art is that when the client sends the login information to the server for login, the server generates a verification request and sends the verification request to the verification application, and the verification application is based on the smart device. The unique code and the system time of the smart device calculate the first verification information and feed back to the server, and the server calculates the second verification information according to the unique code of the smart device and the system time of the smart device, when the first verification information And when the second verification information matches, the login information completes the login procedure.

透過上述的技術手段,本發明可以達成提高伺服器登入驗證安全性的技術功效。Through the above technical means, the present invention can achieve the technical effect of improving the security of the server login verification.

以下將配合圖式及實施例來詳細說明本發明的實施方式,藉此對本發明如何應用技術手段來解決技術問題並達成技術功效的實現過程能充分理解並據以實施。The embodiments of the present invention will be described in detail below with reference to the drawings and embodiments, so that the application of the technical means to solve the technical problems and achieve the technical effects can be fully understood and implemented.

以下首先要說明本發明所揭露的伺服器登入驗證系統,並請參考「第1圖」、「第2A圖」、「第2B圖」以及「第3圖」所示,「第1圖」繪示為本發明伺服器登入驗證系統的系統方塊圖;「第2圖」繪示為本發明伺服器登入驗證方法的方法流程圖;「第3圖」繪示為本發明伺服器登入驗證系統的架構示意圖。The following is a description of the server login verification system disclosed in the present invention. Please refer to "1", "2A", "2B" and "3", "1" The system block diagram of the server login verification system of the present invention; FIG. 2 is a flowchart of a method for verifying the login method of the server of the present invention; and FIG. 3 is a schematic diagram of the server login verification system of the present invention. Schematic diagram of the architecture.

本發明所揭露的伺服器登入驗證系統,其包含:客戶端10、驗證應用程式20以及伺服端30,客戶端10更包含:客戶端接收模組11以及客戶端傳送模組12;驗證應用程式20被安裝且背景執行於智慧型裝置40中,驗證應用程式20更包含:應用程式接收模組21、應用程式計算模組22以及應用程式傳送模組23;伺服端30更包含:資料庫31、伺服端接收模組32、生成模組33、查詢模組34、伺服端傳送模組35、伺服端計算模組36以及比對模組37。The server login verification system disclosed in the present invention comprises: a client 10, a verification application 20, and a server 30. The client 10 further includes: a client receiving module 11 and a client transmitting module 12; and a verification application. The server 20 is installed and the background is executed in the smart device 40. The verification application 20 further includes: an application receiving module 21, an application computing module 22, and an application transmitting module 23. The server 30 further includes: a database 31. The server receiving module 32, the generating module 33, the query module 34, the server transmitting module 35, the server computing module 36, and the comparing module 37 are provided.

使用者需要透過客戶端10(步驟101)登入於伺服端30時,使用者可於客戶端10所提供的使用者介面輸入帳號與密碼,帳號與密碼即為登入資訊51,並當使用者於使用者介面輸入登入資訊51完成後,客戶端10的客戶端接收模組11即可自使用者介面接收登入資訊51,上述的客戶端10可以是一般電腦、筆記型電腦、平板電腦、智慧型裝置…等,在此僅為舉例說明之,並不以此侷限本發明的應用範疇。When the user needs to log in to the server 30 through the client 10 (step 101), the user can input the account and password in the user interface provided by the client 10. The account and password are the login information 51, and the user After the user interface input login information 51 is completed, the client receiving module 11 of the client 10 can receive the login information 51 from the user interface. The client 10 can be a general computer, a notebook computer, a tablet computer, or a smart type. The device, etc., is for illustrative purposes only and is not intended to limit the scope of application of the invention.

在客戶端10的客戶端接收模組11自使用者介面接收登入資訊51之後,客戶端10即會與伺服端30建立連線,客戶端10與伺服端30是透過有線傳輸方式(例如:光纖網路、電纜網路…等,在此僅為舉例說明之,並不以此侷限本發明的應用範疇)或是無線傳輸方式(例如:Wi-Fi、第三代行動通訊技術、第四代行動通訊技術…等,在此僅為舉例說明之,並不以此侷限本發明的應用範疇)建立連線,以透過客戶端10的客戶端傳送模組12傳送登入資訊51至伺服端30(步驟104)。After the client receiving module 11 receives the login information 51 from the user interface, the client 10 establishes a connection with the server 30, and the client 10 and the server 30 communicate by wire (for example, optical fiber). Network, cable network, etc., are for illustrative purposes only, and are not intended to limit the scope of application of the present invention or wireless transmission methods (eg, Wi-Fi, third generation mobile communication technology, fourth generation) The mobile communication technology, etc., is merely illustrative here, and is not limited to the application scope of the present invention. The connection is established to transmit the login information 51 to the server 30 through the client transmission module 12 of the client 10. Step 104).

在伺服端30中會預先建立並對應儲存登入資訊、驗證應用程式連線資訊以及智慧型裝置40的唯一碼的資料庫31(步驟102),登入資訊、驗證應用程式連線資訊以及智慧型裝置40的唯一碼即是使用者註冊時提供給伺服端30的資料。In the server 30, a database 31 for storing login information, verifying application connection information, and unique code of the smart device 40 is pre-established (step 102), login information, verification application connection information, and smart device. The unique code of 40 is the data provided to the server 30 when the user registers.

在伺服端30的伺服端接收模組32自客戶端10的客戶端傳送模組12接收登入資訊51後,伺服端30的生成模組33即可生成驗證請求52(步驟105),以及伺服端30的查詢模組34即可依據登入資訊自伺服端30的資料庫31中查詢出對應的驗證應用程式連線資訊以及智慧型裝置40的唯一碼(步驟106),若伺服端30的查詢模組34無法依據登入資訊51自伺服端30的資料庫31中查詢出對應的驗證應用程式連線資訊以及智慧型裝置40的唯一碼時,則終止登入資訊51的登入程序。After the server receiving module 32 of the server 30 receives the login information 51 from the client transmitting module 12 of the client 10, the generating module 33 of the server 30 can generate the verification request 52 (step 105), and the server. The query module 34 of 30 can query the corresponding verification application connection information and the unique code of the smart device 40 from the database 31 of the server 30 according to the login information (step 106), if the query mode of the server 30 When the group 34 cannot query the corresponding verification application connection information and the unique code of the smart device 40 from the database 31 of the server 30 according to the login information 51, the login program of the login information 51 is terminated.

在伺服端30的查詢模組34依據登入資訊51自伺服端30的資料庫31中查詢出對應的驗證應用程式連線資訊以及智慧型裝置40的唯一碼之後,伺服端30即可依據由伺服端30的查詢模組34所查詢出的驗證應用程式連線資訊建立與驗證應用程式20的連線,並由伺服端30的伺服端傳送模組35傳送驗證請求52至驗證應用程式20(步驟107),上述驗證應用程式20是被安裝且背景執行於智慧型裝置40中(步驟103),驗證應用程式20即可透過驗證應用程式20的應用程式接收模組21自伺服端30的伺服端傳送模組34接收驗證請求52。After the query module 34 of the server 30 queries the corresponding verification application connection information and the unique code of the smart device 40 from the database 31 of the server 30 according to the login information 51, the server 30 can be based on the servo. The verification application connection information queried by the query module 34 of the terminal 30 establishes a connection with the verification application 20, and the server end transfer module 52 of the server 30 transmits the verification request 52 to the verification application 20 (step 107), the verification application 20 is installed and the background is executed in the smart device 40 (step 103), and the verification application 20 can receive the module 21 from the server end of the server 30 through the application of the verification application 20. The delivery module 34 receives the verification request 52.

在驗證應用程式20的應用程式接收模組21自伺服端30的伺服端傳送模組35接收驗證請求之後,驗證應用程式20的應用程式計算模組22即可依據智慧型裝置40的唯一碼以及智慧型裝置40的系統時間53計算出第一驗證資訊54(步驟108),驗證應用程式20的應用程式計算模組22是依據雜湊演算法將智慧型裝置40的唯一碼以及智慧型裝置40的系統時間53所計算出的雜湊值作為第一驗證資訊54。After the application receiving module 21 of the verification application 20 receives the verification request from the server transmission module 35 of the server 30, the application computing module 22 of the verification application 20 can be based on the unique code of the smart device 40 and The system time 53 of the smart device 40 calculates the first verification information 54 (step 108), and the application computing module 22 of the verification application 20 is the unique code of the smart device 40 and the smart device 40 according to the hash algorithm. The hash value calculated by the system time 53 is taken as the first verification information 54.

在驗證應用程式20的應用程式計算模組22依據智慧型裝置40的唯一碼以及智慧型裝置40的系統時間53計算出第一驗證資訊54之後,即可再透過驗證應用程式20的應用程式傳送模組23將智慧型裝置40的系統時間53以及第一驗證資訊54至伺服端30(步驟109)。After the application computing module 22 of the verification application 20 calculates the first verification information 54 according to the unique code of the smart device 40 and the system time 53 of the smart device 40, the application can be transmitted through the verification application 20 again. The module 23 sets the system time 53 of the smart device 40 and the first verification information 54 to the server 30 (step 109).

伺服端30的伺服端接收模組32即可自驗證應用程式20的應用程式傳送模組23接收智慧型裝置40的系統時間53以及第一驗證資訊54,接著,伺服端30的伺服端計算模組36會依據由伺服端30的查詢模組34所查詢出的智慧型裝置40的唯一碼以及由伺服端30的伺服端接收模組32所接收到的智慧型裝置40的系統時間53計算出第二驗證資訊(步驟110),伺服端30的伺服端計算模組36是依據與驗證應用程式20的應用程式計算模組22相同的雜湊演算法將由伺服端30的查詢模組34所查詢出的智慧型裝置40的唯一碼以及由伺服端30的伺服端接收模組32所接收到的智慧型裝置40的系統時間53所計算出的雜湊值作為第二驗證資訊。The server receiving module 32 of the server 30 can receive the system time 53 of the smart device 40 and the first verification information 54 from the application transmitting module 23 of the verification application 20, and then the servo computing module of the server 30 The group 36 is calculated based on the unique code of the smart device 40 queried by the query module 34 of the server 30 and the system time 53 of the smart device 40 received by the servo terminal receiving module 32 of the server 30. The second verification information (step 110), the server computing module 36 of the server 30 is queried by the query module 34 of the server 30 according to the same hash algorithm as the application computing module 22 of the verification application 20. The unique code of the smart device 40 and the hash value calculated by the system time 53 of the smart device 40 received by the servo terminal receiving module 32 of the server 30 are used as the second verification information.

接著,伺服端30的比對模組37即可對伺服端30的伺服端接收模組32所接收到的第一驗證資訊52以及伺服端30的伺服端計算模組36所計算出的第二驗證資訊進行比對,當伺服端30的比對模組37比對第一驗證資訊52以及第二驗證資訊相符時,則登入資訊51完成伺服端30的登入程序(步驟111),當伺服端30的比對模組37比對第一驗證資訊52以及第二驗證資訊不相符時,則終止登入資訊51的登入程序。Then, the comparison module 37 of the servo end 30 can obtain the first verification information 52 received by the servo end receiving module 32 of the servo end 30 and the second calculated by the servo end calculating module 36 of the servo end 30. When the verification information is compared, when the comparison module 37 of the server 30 matches the first verification information 52 and the second verification information, the login information 51 completes the login procedure of the server 30 (step 111), when the server When the comparison module 37 of 30 does not match the first verification information 52 and the second verification information, the login procedure of the login information 51 is terminated.

綜上所述,可知本發明與先前技術之間的差異在於客戶端發送登入資訊至伺服端進行登入時,伺服端生成驗證請求並發送至驗證應用程式,驗證應用程式依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第一驗證資訊並反饋回伺服端,伺服端再依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第二驗證資訊,當第一驗證資訊以及第二驗證資訊比對相符時,則登入資訊完成登入程序。In summary, it can be seen that the difference between the present invention and the prior art is that when the client sends the login information to the server for login, the server generates a verification request and sends it to the verification application to verify the unique code of the application according to the smart device. And the system time of the smart device calculates the first verification information and feeds back to the server, and the server calculates the second verification information according to the unique code of the smart device and the system time of the smart device, when the first verification information and the first When the verification information matches, the login information completes the login process.

藉由此一技術手段可以來解決先前技術所存在現有使用帳號與密碼以進行登入驗證存在安全性不足的問題,進而達成提高伺服器登入驗證安全性的技術功效。The technical problem of improving the security of the server login verification by the existing technology using the existing account and password for login verification is solved by the prior art.

雖然本發明所揭露的實施方式如上,惟所述的內容並非用以直接限定本發明的專利保護範圍。任何本發明所屬技術領域中具有通常知識者,在不脫離本發明所揭露的精神和範圍的前提下,可以在實施的形式上及細節上作些許的更動。本發明的專利保護範圍,仍須以所附的申請專利範圍所界定者為準。While the embodiments of the present invention have been described above, the above description is not intended to limit the scope of the invention. Any changes in the form and details of the embodiments may be made without departing from the spirit and scope of the invention. The scope of the invention is to be determined by the scope of the appended claims.

10‧‧‧客戶端10‧‧‧Client

11‧‧‧客戶端接收模組11‧‧‧Client Receiver Module

12‧‧‧客戶端傳送模組12‧‧‧Client Transmitter Module

20‧‧‧驗證應用程式20‧‧‧Verification application

21‧‧‧應用程式接收模組21‧‧‧Application Receiver Module

22‧‧‧應用程式計算模組22‧‧‧Application Computing Module

23‧‧‧應用程式傳送模組23‧‧‧Application Transfer Module

30‧‧‧伺服端30‧‧‧Server

31‧‧‧資料庫31‧‧‧Database

32‧‧‧伺服端接收模組32‧‧‧Servo Receiver Module

33‧‧‧生成模組33‧‧‧Generation module

34‧‧‧查詢模組34‧‧‧Query Module

35‧‧‧伺服端傳送模組35‧‧‧Servo transmission module

36‧‧‧伺服端計算模組36‧‧‧Server computing module

37‧‧‧比對模組37‧‧‧ comparison module

40‧‧‧智慧型裝置40‧‧‧Smart device

51‧‧‧登入資訊51‧‧‧ Login Information

52‧‧‧驗證請求52‧‧‧Verification request

53‧‧‧系統時間53‧‧‧System time

54‧‧‧第一驗證資訊54‧‧‧First verification information

步驟 101‧‧‧提供客戶端Step 101‧‧‧Providing client

步驟 102‧‧‧提供預先對應儲存登入資訊、驗證應用程式連線資訊以及智慧型裝置的唯一碼的伺服端,登入資訊包含帳號與密碼Step 102‧‧‧ Provide a server that pre-configures the login information, verifies the application connection information, and the unique code of the smart device. The login information includes the account number and password.

步驟 103‧‧‧提供安裝且背景執行於智慧型裝置的驗證應用程式Step 103‧‧‧ Providing a verification application with the background installed on the smart device

步驟 104‧‧‧客戶端接收登入資訊,並傳送登入資訊至伺服端Step 104‧‧‧ The client receives the login information and sends the login information to the server

步驟 105‧‧‧當伺服端接收到登入資訊時,生成驗證請求Step 105‧‧‧ Generate verification request when the server receives the login information

步驟 106‧‧‧伺服端依據登入資訊查詢出對應的驗證應用程式連線資訊以及智慧型裝置的唯一碼Step 106‧‧‧ The server will query the corresponding verification application connection information and the unique code of the smart device based on the login information.

步驟 107‧‧‧伺服端依據被查詢出的驗證應用程式連線資訊建立與驗證應用程式的連線,並傳送驗證請求至驗證應用程式Step 107‧‧‧ The server establishes a connection with the verification application based on the verified verification application connection information, and transmits the verification request to the verification application.

步驟 108‧‧‧驗證應用程式依據智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第一驗證資訊Step 108‧‧‧ The verification application calculates the first verification information based on the unique code of the smart device and the system time of the smart device

步驟 109‧‧‧驗證應用程式傳送智慧型裝置的系統時間以及第一驗證資訊至伺服端Step 109‧‧‧ Verify that the application transmits the system time of the smart device and the first verification information to the server

步驟 110‧‧‧伺服端依據被查詢出的智慧型裝置的唯一碼以及智慧型裝置的系統時間計算出第二驗證資訊Step 110‧‧ The server verifies the second verification information according to the unique code of the intelligent device being queried and the system time of the smart device

步驟 111‧‧‧伺服端比對第一驗證資訊以及第二驗證資訊,當第一驗證資訊與第二驗證資訊比對相符時,則登入資訊完成登入程序Step 111‧‧‧ The server compares the first verification information and the second verification information, and when the first verification information and the second verification information match, the login information completes the login procedure

第1圖繪示為本發明伺服器登入驗證系統的系統方塊圖。 第2A圖以及第2B圖繪示為本發明伺服器登入驗證方法的方法流程圖。 第3圖繪示為本發明伺服器登入驗證系統的架構示意圖。FIG. 1 is a system block diagram of a server login verification system according to the present invention. 2A and 2B are flowcharts showing the method of the server login verification method of the present invention. FIG. 3 is a schematic diagram showing the architecture of the server login verification system of the present invention.

Claims (10)

一種伺服器登入驗證系統,其包含: 一客戶端,所述客戶端更包含: 一客戶端接收模組,用以接收一登入資訊,所述登入資訊包含一帳號與一密碼;及 一客戶端傳送模組,用以傳送所述登入資訊; 一驗證應用程式,所述驗證應用程式被安裝且背景執行於一智慧型裝置中,所述驗證應用程式更包含: 一應用程式接收模組,用以接收一驗證請求; 一應用程式計算模組,用以當所述應用程式接收模組接收到所述驗證請求時,依據所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出一第一驗證資訊;及 一應用程式傳送模組,用以傳送所述智慧型裝置的系統時間以及所述第一驗證資訊;及 一伺服端,所述伺服端更包含: 一資料庫,用以預先對應儲存所述登入資訊、一驗證應用程式連線資訊以及所述智慧型裝置的唯一碼; 一伺服端接收模組,用以自所述客戶端傳送模組接收所述登入資訊,以及自所述應用程式傳送模組接收所述智慧型裝置的系統時間以及所述第一驗證資訊; 一生成模組,用以當所述伺服端接收模組接收到所述登入資訊時,生成所述驗證請求; 一查詢模組,用以當所述伺服端接收模組接收到所述登入資訊時,依據所述登入資訊自所述資料庫中查詢出對應的所述驗證應用程式連線資訊以及所述智慧型裝置的唯一碼; 一伺服端傳送模組,用以依據被查詢出的所述驗證應用程式連線資訊建立與所述驗證應用程式的連線,並傳送所述驗證請求至所述應用程式接收模組; 一伺服端計算模組,用以當所述伺服端接收模組接收到所述智慧型裝置的系統時間時,依據被查詢出的所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出一第二驗證資訊;及 一比對模組,用以比對所述第一驗證資訊以及所述第二驗證資訊,當所述第一驗證資訊與所述第二驗證資訊比對相符時,則所述登入資訊完成登入程序。A server login verification system, comprising: a client, the client further comprising: a client receiving module, configured to receive a login information, the login information includes an account and a password; and a client a transmitting module for transmitting the login information; a verification application, the verification application being installed and the background being executed in a smart device, the verification application further comprising: an application receiving module, Receiving a verification request; an application computing module, configured to calculate, according to the unique code of the smart device and the system time of the smart device, when the application receiving module receives the verification request a first verification information; an application transfer module for transmitting the system time of the smart device and the first verification information; and a server, the server further comprising: a database a pre-corresponding storage of the login information, a verification application connection information, and a unique code of the smart device; a server receiving module, Receiving the login information from the client delivery module, and receiving the system time of the smart device from the application delivery module and the first verification information; a generation module for When the server receiving module receives the login information, the verification request is generated; and an inquiry module is configured to: when the server receiving module receives the login information, according to the login information Querying the corresponding verification application connection information and the unique code of the smart device; the server transmitting module is configured to establish the connection information according to the verified verification application a connection with the verification application, and transmitting the verification request to the application receiving module; a server computing module, configured to receive the smart device when the server receiving module receives Calculating a second verification information according to the unique code of the smart device and the system time of the smart device; and a comparison module for comparing Said first authentication information and the second authentication information, when the first authentication information and the second authentication information when the comparison matches, then the login login process is completed. 如申請專利範圍第1項所述的伺服器登入驗證系統,其中所述應用程式計算模組是依據雜湊演算法將所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出的雜湊值為所述第一驗證資訊。The server login verification system according to claim 1, wherein the application calculation module calculates the unique code of the smart device and the system time of the smart device according to a hash algorithm. The hash value is the first verification information. 如申請專利範圍第1項所述的伺服器登入驗證系統,其中所述伺服端計算模組是依據雜湊演算法將被查詢出的所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出的雜湊值為所述第二驗證資訊。The server login verification system according to claim 1, wherein the server calculation module is a unique code of the smart device to be queried according to a hash algorithm and a system of the smart device. The hash value calculated by the time is the second verification information. 如申請專利範圍第1項所述的伺服器登入驗證系統,其中所述查詢模組無法依據所述登入資訊自所述資料庫中查詢出對應的所述驗證應用程式連線資訊以及所述智慧型裝置的唯一碼時,則所述查詢模組終止所述登入資訊的登入程序。The server login verification system of claim 1, wherein the query module cannot query the corresponding verification application connection information and the wisdom from the database according to the login information. The unique module of the type device, the query module terminates the login procedure of the login information. 如申請專利範圍第1項所述的伺服器登入驗證系統,其中當所述第一驗證資訊與所述第二驗證資訊比對不相符時,則所述比對模組終止所述登入資訊的登入程序。The server login verification system of claim 1, wherein when the first verification information does not match the second verification information, the comparison module terminates the login information. Login program. 一種伺服器登入驗證方法,其包含下列步驟: 提供一客戶端; 提供預先對應儲存一登入資訊、一驗證應用程式連線資訊以及一智慧型裝置的唯一碼的一伺服端,所述登入資訊包含一帳號與一密碼; 提供安裝且背景執行於所述智慧型裝置的一驗證應用程式; 所述客戶端接收一登入資訊,並傳送所述登入資訊至一伺服端; 當所述伺服端接收到所述登入資訊時,生成一驗證請求; 所述伺服端依據所述登入資訊查詢出對應的所述驗證應用程式連線資訊以及所述智慧型裝置的唯一碼; 所述伺服端依據被查詢出的所述驗證應用程式連線資訊建立與所述驗證應用程式的連線,並傳送一驗證請求至所述驗證應用程式; 所述驗證應用程式依據所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出一第一驗證資訊; 所述驗證應用程式傳送所述智慧型裝置的系統時間以及所述第一驗證資訊至所述伺服端; 所述伺服端依據被查詢出的所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出一第二驗證資訊;及 所述伺服端比對所述第一驗證資訊以及所述第二驗證資訊,當所述第一驗證資訊與所述第二驗證資訊比對相符時,則所述登入資訊完成登入程序。A server login verification method includes the following steps: providing a client; providing a server that pre-stores a login information, a verification application connection information, and a unique code of a smart device, the login information includes An account and a password; providing a verification application installed on the smart device; the client receiving a login message and transmitting the login message to a server; when the server receives When the login information is generated, a verification request is generated; the server queries the corresponding verification application connection information and the unique code of the smart device according to the login information; the server is queried according to the query The verification application connection information establishes a connection with the verification application and transmits a verification request to the verification application; the verification application is based on the unique code of the smart device and the wisdom The system time of the type device calculates a first verification information; the verification application transmits the smart device a system time and the first verification information to the server; the server calculates a second verification information according to the unique code of the smart device and the system time of the smart device; and The server compares the first verification information and the second verification information, and when the first verification information matches the second verification information, the login information completes the login procedure. 如申請專利範圍第6項所述的伺服器登入驗證方法,其中所述驗證應用程式是依據雜湊演算法將所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出的雜湊值為所述第一驗證資訊。The server login verification method according to claim 6, wherein the verification application is a hash value calculated by a hash algorithm based on a unique code of the smart device and a system time of the smart device. For the first verification information. 如申請專利範圍第6項所述的伺服器登入驗證方法,其中所述伺服端是依據雜湊演算法將被查詢出的所述智慧型裝置的唯一碼以及所述智慧型裝置的系統時間計算出的雜湊值為所述第二驗證資訊。The server login verification method according to claim 6, wherein the server calculates the unique code of the smart device and the system time of the smart device according to a hash algorithm. The hash value is the second verification information. 如申請專利範圍第6項所述的伺服器登入驗證方法,其中所述伺服器登入驗證方法更包含當所述伺服端依據所述登入資訊無法查詢出對應的所述驗證應用程式連線資訊以及所述智慧型裝置的唯一碼時,則終止所述登入資訊的登入程序的步驟。The server login verification method according to the sixth aspect of the invention, wherein the server login verification method further comprises: when the server is unable to query the corresponding verification application connection information according to the login information, When the unique code of the smart device is used, the step of logging in the login information is terminated. 如申請專利範圍第6項所述的伺服器登入驗證方法,其中所述伺服器登入驗證方法更包含當所述第一驗證資訊與所述第二驗證資訊比對不相符時,則則終止所述登入資訊的登入程序的步驟。The server login verification method according to claim 6, wherein the server login verification method further comprises: when the first verification information does not match the second verification information, terminating The steps to log in to the login information.
TW105136917A 2016-11-11 2016-11-11 Server login authentication system and method thereof TWI579729B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW105136917A TWI579729B (en) 2016-11-11 2016-11-11 Server login authentication system and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW105136917A TWI579729B (en) 2016-11-11 2016-11-11 Server login authentication system and method thereof

Publications (2)

Publication Number Publication Date
TWI579729B TWI579729B (en) 2017-04-21
TW201818286A true TW201818286A (en) 2018-05-16

Family

ID=59241364

Family Applications (1)

Application Number Title Priority Date Filing Date
TW105136917A TWI579729B (en) 2016-11-11 2016-11-11 Server login authentication system and method thereof

Country Status (1)

Country Link
TW (1) TWI579729B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111327573B (en) * 2018-12-14 2022-12-02 英业达科技有限公司 Device and method for maintaining log-in state record to transfer data

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5757271A (en) * 1996-11-12 1998-05-26 International Business Machines Corporation Portable computer and method of providing security for an electronic device
JP2009500742A (en) * 2005-07-08 2009-01-08 キャッチャー インコーポレイティド Portable handheld security device

Also Published As

Publication number Publication date
TWI579729B (en) 2017-04-21

Similar Documents

Publication Publication Date Title
WO2022042301A1 (en) Data processing method and apparatus, smart device and storage medium
CN108235806B (en) Method, device and system for safely accessing block chain, storage medium and electronic equipment
WO2017028593A1 (en) Method for making a network access device access a wireless network access point, network access device, application server, and non-volatile computer readable storage medium
US20190173873A1 (en) Identity verification document request handling utilizing a user certificate system and user identity document repository
US9459604B2 (en) Methods and system for joining a smart energy device to a zigbee network
US20070150744A1 (en) Dual authentications utilizing secure token chains
WO2015196908A1 (en) Service processing method, terminal, server and system
CN102685749B (en) Wireless safety authentication method orienting to mobile terminal
US8695072B2 (en) User identification method applicable to network transaction and system thereof
US11711205B2 (en) Unified secure device provisioning
WO2013075661A1 (en) Login and open platform identifying method, open platform and system
CN101527633A (en) System and method for intelligent key devices to obtain digital certificates
WO2016054990A1 (en) Security check method, device, terminal and server
CN105191293A (en) Advertising download verification
WO2020057314A1 (en) Method, device and system for issuing esim certificate online
WO2023174038A1 (en) Data transmission method and related device
WO2021031741A1 (en) Voip processing method, device, and terminal
CN102970308A (en) User authentication method and server
TW201417551A (en) Symmetric dynamic authentication and key exchange system and the method thereof
CN110910110A (en) Data processing method and device and computer storage medium
TWI579729B (en) Server login authentication system and method thereof
CN111865761B (en) Social chat information evidence storing method based on block chain intelligent contracts
CN102752308A (en) Network-based digital certificate comprehensive service providing system and implementation method thereof
CN102790757A (en) User identification method and system for network transaction
CN202197405U (en) Wireless safe secret key apparatus and electronic business system

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees