WO2016078526A1 - Procédé et dispositif pour stocker et vérifier des informations - Google Patents

Procédé et dispositif pour stocker et vérifier des informations Download PDF

Info

Publication number
WO2016078526A1
WO2016078526A1 PCT/CN2015/094311 CN2015094311W WO2016078526A1 WO 2016078526 A1 WO2016078526 A1 WO 2016078526A1 CN 2015094311 W CN2015094311 W CN 2015094311W WO 2016078526 A1 WO2016078526 A1 WO 2016078526A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
verification
location
standard
node
Prior art date
Application number
PCT/CN2015/094311
Other languages
English (en)
Chinese (zh)
Inventor
肖存
Original Assignee
阿里巴巴集团控股有限公司
肖存
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司, 肖存 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2016078526A1 publication Critical patent/WO2016078526A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present application relates to the field of computer technologies, and in particular, to a method and an apparatus for information storage and verification.
  • the way to input the user name and password through the keyboard is not convenient for the user to input the verification information. Therefore, the form of the verification information is increasingly diversified, and biometric information such as fingerprints and palm prints are verified as verification information. the way.
  • biometric information such as fingerprints and palm prints are verified as verification information. the way.
  • the following takes the verification information as a fingerprint as an example for description.
  • the user When registering an account, the user needs to submit his fingerprint information to the server, and the server establishes a correspondence between the fingerprint information and the account registered by the user, and stores the fingerprint information as standard information.
  • the user can send the fingerprint information to the server, and the server uses the received fingerprint information as the verification information, and matches the verification information with all the standard information saved by the user one by one. And determining the standard information that the matching degree with the verification information is higher than the set threshold, and then logging in the determined account corresponding to the standard information, and providing the service to the user through the login account. In this way, the user does not need to enter their username and password, and can log in to their account by submitting their own fingerprint.
  • the server is also burdened.
  • the embodiment of the present invention provides a method and a device for storing and verifying information, which are used to solve the problem of low verification efficiency and large server burden in the prior art.
  • the verification information is verified according to each standard information corresponding to the position information stored in advance.
  • the standard information corresponding to the account is stored as standard information corresponding to the specified location information.
  • a receiving module configured to receive verification information sent by the terminal
  • a positioning module configured to determine location information of the terminal
  • a verification module configured to perform verification on the verification information according to each standard information corresponding to the location information saved in advance.
  • a monitoring module configured to monitor location information of a terminal that performs operations by using an account
  • a recording module configured to record the number of times the operation is performed on each location information by using the account
  • a determining module configured to determine location information with the highest number of records as the specified location information
  • a storage module configured to store standard information corresponding to the account as the standard information corresponding to the specified location information.
  • An embodiment of the present application provides a method and an apparatus for information checksum storage, where the method server receives The verification information sent by the terminal is determined, and the location information of the terminal is determined, and the verification information is verified according to each standard information corresponding to the location information saved in advance.
  • the server only needs to match the received verification information with each standard information corresponding to the location information of the terminal, and does not need to match the verification information with all the stored standard information, thereby effectively Improve verification efficiency and reduce the burden on the server.
  • FIG. 1 is a process of information verification provided by an embodiment of the present application
  • FIG. 2 is a schematic diagram of a location node tree according to an embodiment of the present application.
  • FIG. 3 is a process of verifying the verification information by the server according to other standard information stored in advance according to an embodiment of the present application;
  • FIG. 4 is a schematic structural diagram of an apparatus for verifying information according to an embodiment of the present application.
  • FIG. 5 is a schematic structural diagram of an apparatus for storing information according to an embodiment of the present application.
  • FIG. 1 is a process of information verification provided by an embodiment of the present application, which specifically includes the following steps:
  • S101 Receive verification information sent by the terminal.
  • the user when logging in an account, the user first sends the server to the server through the terminal. Checking the information, the server allows the user to log in to the account after the verification of the verification information is successful.
  • the verification information includes biometric information, such as fingerprint, palm print, iris, and the like.
  • S102 Determine location information of the terminal.
  • the terminal When the terminal sends the verification information to the server, the terminal usually sends the Internet Protocol (IP) address of the terminal to the server, that is, reports the source IP address to the server, so that the server can receive the location according to the received address.
  • IP Internet Protocol
  • the source IP address carried in the information determines the location information of the terminal.
  • the server may pre-store the correspondence between the IP address and the location information.
  • the server may determine the location information corresponding to the source IP address according to the source IP address carried in the location information. As the determined location information of the terminal.
  • the terminal can also report its own location information to the server by using other methods.
  • the Global Positioning System GPS
  • the terminal can also report its own location information to the server by using other methods.
  • GPS Global Positioning System
  • S103 Verify the verification information according to each standard information corresponding to the location information saved in advance.
  • the server pre-stores the correspondence between the location information and the standard information, where one standard information only corresponds to one location information, and one location information may correspond to multiple standard information.
  • the standard information corresponding to Beijing may be fingerprint A and fingerprint B
  • the standard information corresponding to Shanghai may be fingerprint C, fingerprint D, and fingerprint E.
  • the verification information can be verified only according to the stored standard information corresponding to the location information, that is, only the school is
  • the standard information of the verification information corresponding to the location information of the terminal may be matched one by one, without matching the verification information with the full amount of standard information.
  • the server can only match the verification information with the fingerprint A and the fingerprint B corresponding to Beijing, without matching the verification information with the fingerprints A to E, thereby effectively improving the verification efficiency and reducing the efficiency.
  • the burden on the server is
  • the method for the server to establish and store the correspondence between the location information and the standard information may be: the server monitors, for an account, location information of the terminal that performs operations through the account, and records the location of the account through the account. The number of times the information is performed, and the location information with the highest number of records is determined as the specified location information, and finally the standard information corresponding to the account is stored as the standard information corresponding to the specified location information.
  • the server may monitor the location information of the terminal that performs operations (eg, login operation, payment operation, query operation, etc.) through the account, and records the account through the account.
  • the number of operations performed at each location assuming that the preset location information includes Beijing, Shanghai, and Guangzhou, and the number of times the account is operated in Beijing is monitored 10 times, and the number of operations performed in Shanghai is 7 times, and operations are performed in Guangzhou.
  • the number of times is one, the server can use the most frequently used Beijing as the specified location information, and store the fingerprint of the user as the standard information corresponding to Beijing.
  • the server stores the standard information as the location where the user is registered.
  • the location information corresponding to the standard information may change, that is, in the embodiment of the present application, the correspondence between the location information and the standard information is It is not static, but dynamic.
  • the location information corresponding to the standard information of an account is ultimately the location information of the user of the account.
  • the server monitors that the number of operations performed by the account in Beijing is 10, the number of operations performed in Shanghai is 7 times, and the number of operations performed in Guangzhou is 1 time.
  • the standard information of the account is the standard information corresponding to Beijing. If at another point in time, the server monitors that the account has been operated in Beijing 12 times, performing operations in Shanghai. The number of times is 15 times, and the number of operations performed in Guangzhou is 2 times, the standard information of the account will be changed to the standard information corresponding to Shanghai.
  • the server may configure a unique information base for the location information for each location information that is preset for storing the standard information corresponding to the location information.
  • the server may further preset a location node tree and save each standard information in the actual application scenario, in which the geographical area is generally divided into multiple levels. In the lowest node of each node in the location node tree.
  • the location node tree can be specifically as shown in FIG. 2.
  • FIG. 2 is a schematic diagram of a location node tree according to an embodiment of the present disclosure.
  • the node tree is divided into four layers, namely, full quantity, domestic/external, provincial, and municipal, and the geographic area of each layer node is decreased from top to bottom.
  • the server may configure, for each leaf node (city) of the lowest layer in the node tree of the location, a unique information base for storing the standard information corresponding to the leaf node.
  • the server may determine a location node corresponding to the location information of the terminal according to the pre-stored location node tree, and determine a information base corresponding to all the child nodes under the location node, according to the determined information bases.
  • the saved standard information is verified by the saved information.
  • the location information of the terminal determined by the server may be Zhejiang province, and the location node corresponding to the location information is not the lowest-level city leaf node of the node tree, therefore, the server may determine the The information base corresponding to all the child nodes under the location node, and the verification information is verified according to the standard information stored in the information base corresponding to all the child nodes under the location node.
  • the user may go to another location to travel and use his own account to perform operations.
  • the server may use the account in Beijing.
  • the verification information submitted by the user when using the account is verified successfully, but if the user travels to Shanghai, the use of the verification information in Shanghai
  • the location information of the terminal determined by the server in step S102 is Shanghai. Therefore, when the verification information is verified according to the stored standard information corresponding to Shanghai in step S103, the verification fails.
  • the server when the server fails to verify the verification information according to the standard information corresponding to the location information of the terminal saved in advance, the server may perform the verification information according to other standard information stored in advance. Check it out.
  • the action route is generally from the near-far location starting from the permanent place. Therefore, in the embodiment of the present application, based on the location node tree as shown in FIG.
  • the server fails to verify the verification information according to the standard information corresponding to the location information of the terminal saved in advance
  • the method for verifying the verification information according to other standard information stored in advance may be specifically as shown in the figure. 3 is shown.
  • FIG. 3 is a process of verifying the verification information by the server according to other standard information saved in advance according to an embodiment of the present disclosure, and specifically includes the following steps:
  • S301 Determine a parent node of the location node corresponding to the location information of the terminal, as the current node.
  • S302 Verify the verification information again according to the standard information stored in the information base corresponding to all the child nodes under the current node.
  • S306 Re-determine the parent node of the current node as the current node, and return to step S302.
  • the parent node of the current node is re-determined as the current node, and the verification information is again performed according to the standard information stored in the re-determined information base corresponding to all the child nodes of the current node. Check until the check succeeds or the parent node does not exist on the current node. If the current node does not have a parent node but the verification has not been successful, the server has already verified the information. All the standard information saved has been matched, but none of them match successfully, so the verification failure can be determined at this time.
  • the server uses the parent node A of the location node city A1 as the current node, and again according to the standard information stored in the information base corresponding to all the child nodes (city A1, city A2, etc.) in the province A. The verification information is verified. Since the standard information based on the recalibration includes the standard information corresponding to the city A1, the verification can be successful.
  • the standard information based on the city A2 also includes the standard information corresponding to the city A2, that is, when the verification is performed again, the verification information according to the standard information corresponding to the city A2 is repeated.
  • the server may also mark the standard information or the information base that has been used, and perform the verification again.
  • the verification information is verified according to standard information or a database other than the mark.
  • the standard information is the standard information that has been used; if the verification information is verified, it is based on a If all the standard information in the information base is verified, the information base is the used information base.
  • the embodiment of the present application further provides an information verification device and an information storage device, as shown in FIGS. 4 and 5.
  • FIG. 4 is a schematic structural diagram of an apparatus for verifying information according to an embodiment of the present disclosure, which specifically includes:
  • the receiving module 401 is configured to receive verification information sent by the terminal.
  • a positioning module 402 configured to determine location information of the terminal
  • the verification module 403 is configured to verify the verification information according to each standard information corresponding to the location information saved in advance.
  • the positioning module 402 is specifically configured to determine location information of the terminal according to the source Internet Protocol IP address carried in the verification information.
  • the verification module 403 is specifically configured to: determine, according to a pre-stored location node tree, a location node corresponding to the location information, and determine an information base corresponding to all the sub-nodes under the location node, according to the determined information bases.
  • the saved standard information is verified by the verification information.
  • the verification module 403 is further configured to: when the verification information fails to be verified according to each standard information corresponding to the location information saved in advance, the verification information is compared according to other standard information stored in advance. Check it out.
  • the verification module 403 is specifically configured to: determine a parent node of the location node, as a current node, and perform the verification information again according to standard information stored in an information base corresponding to all the child nodes under the current node. Performing a check, if the verification fails again, the parent node of the current node is re-determined as the current node, and according to the re-determined standard information stored in the information base corresponding to all the child nodes of the current node, the The verification information is verified until the verification is successful or the current node does not have a parent node.
  • the verification information and the standard information specifically include: biometric information.
  • a specific device as shown in FIG. 4 can be located in the server.
  • FIG. 5 is a schematic structural diagram of an apparatus for storing information according to an embodiment of the present disclosure, which specifically includes:
  • the monitoring module 501 is configured to monitor location information of a terminal that performs operations by using an account.
  • the recording module 502 is configured to record the number of times the operation is performed on each location information by using the account;
  • a determining module 503 configured to determine position information with the most times of recording as the specified location information
  • the storage module 504 is configured to store standard information corresponding to the account as the standard information corresponding to the specified location information.
  • a specific device as shown in FIG. 5 can be located in the server.
  • An embodiment of the present application provides a method and an apparatus for information verification and storage, where the server receives the verification information sent by the terminal, and determines the location information of the terminal, according to the standard information corresponding to the location information saved in advance, This verification information is verified.
  • the server only needs to be connected.
  • the received verification information can be matched with each standard information corresponding to the location information of the terminal, and the verification information is not required to be matched with all the stored standard information, thereby effectively improving the verification efficiency and reducing the verification efficiency.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
  • processors CPUs
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • Memory may include non-persistent memory in a computer readable medium, random access memory Forms such as (RAM) and/or non-volatile memory, such as read only memory (ROM) or flash memory.
  • RAM random access memory Forms
  • ROM read only memory
  • Memory is an example of a computer readable medium.
  • Computer readable media includes both permanent and non-persistent, removable and non-removable media.
  • Information storage can be implemented by any method or technology.
  • the information can be computer readable instructions, data structures, modules of programs, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory. (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disk read only memory (CD-ROM), digital versatile disk (DVD) or other optical storage, Magnetic tape cartridges, magnetic tape storage or other magnetic storage devices or any other non-transportable media can be used to store information that can be accessed by a computing device.
  • computer readable media does not include temporary storage of computer readable media, such as modulated data signals and carrier waves.
  • embodiments of the present application can be provided as a method, system, or computer program product.
  • the present application can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment in combination of software and hardware.
  • the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

L'invention concerne un procédé et un dispositif pour stocker et vérifier des informations, lesquels sont utilisés pour résoudre les problèmes dans l'état de la technique selon lesquels l'efficacité de vérification est relativement faible et le poids d'un serveur est relativement lourd. Le procédé consiste : à recevoir, par un serveur, des informations de vérification envoyées par un terminal; à déterminer des informations de position concernant le terminal; et selon chaque élément d'informations standard pré-sauvegardées correspondant aux informations de position, à vérifier les informations de vérification. Au moyen du procédé, le serveur a uniquement besoin de mettre en correspondance les informations de vérification reçues avec chaque élément d'informations standard correspondant aux informations de position concernant le terminal, sans mettre en correspondance les informations de vérification avec toutes les informations standard sauvegardées, de telle sorte que l'efficacité de vérification peut être efficacement améliorée et le poids du serveur peut être réduit.
PCT/CN2015/094311 2014-11-18 2015-11-11 Procédé et dispositif pour stocker et vérifier des informations WO2016078526A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410659764.1 2014-11-18
CN201410659764.1A CN105678155B (zh) 2014-11-18 2014-11-18 一种信息存储和校验的方法及装置

Publications (1)

Publication Number Publication Date
WO2016078526A1 true WO2016078526A1 (fr) 2016-05-26

Family

ID=56013275

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/094311 WO2016078526A1 (fr) 2014-11-18 2015-11-11 Procédé et dispositif pour stocker et vérifier des informations

Country Status (2)

Country Link
CN (1) CN105678155B (fr)
WO (1) WO2016078526A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109947610A (zh) * 2019-03-19 2019-06-28 浪潮商用机器有限公司 服务器硬件系统的配置校验方法、装置、系统及存储介质

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110659019B (zh) * 2019-09-26 2023-07-25 北京金山云网络技术有限公司 参数校验方法、装置和服务器

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103336800A (zh) * 2013-06-19 2013-10-02 武汉世纪金桥安全技术有限公司 基于行为分析的指纹存储比对的方法
CN103345616A (zh) * 2013-06-19 2013-10-09 武汉世纪金桥安全技术有限公司 基于行为分析的指纹存储比对的系统
CN103581108A (zh) * 2012-07-19 2014-02-12 阿里巴巴集团控股有限公司 一种登录验证方法、客户端、服务器及系统

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101853812B1 (ko) * 2011-03-15 2018-05-02 삼성전자주식회사 전자 기기의 식별자를 생성하는 방법과 전자 기기의 식별자를 이용한 정보 관리 방법.

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103581108A (zh) * 2012-07-19 2014-02-12 阿里巴巴集团控股有限公司 一种登录验证方法、客户端、服务器及系统
CN103336800A (zh) * 2013-06-19 2013-10-02 武汉世纪金桥安全技术有限公司 基于行为分析的指纹存储比对的方法
CN103345616A (zh) * 2013-06-19 2013-10-09 武汉世纪金桥安全技术有限公司 基于行为分析的指纹存储比对的系统

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109947610A (zh) * 2019-03-19 2019-06-28 浪潮商用机器有限公司 服务器硬件系统的配置校验方法、装置、系统及存储介质

Also Published As

Publication number Publication date
CN105678155A (zh) 2016-06-15
CN105678155B (zh) 2018-09-18

Similar Documents

Publication Publication Date Title
US8898764B2 (en) Authenticating user through web extension using token based authentication scheme
US10887313B2 (en) Systems and methods for controlling sign-on to web applications
KR102204733B1 (ko) 계정 로그인을 위한 방법, 장치, 및 서버
US20190363885A1 (en) Privacy-preserving Identity Verification
TWI679550B (zh) 帳號登入方法及裝置
JP6435398B2 (ja) 端末識別子を促進する方法及びシステム
US9923906B2 (en) System, method and computer program product for access authentication
WO2017162112A1 (fr) Procédé et dispositif d'enregistrement d'identité
US8561165B2 (en) Centralized authentication for multiple applications
US10135810B2 (en) Selective authentication system
US20210011905A1 (en) Method for providing relational decentralized identifier service and blockchain node using the same
CN115396114A (zh) 基于可验证声明的授权方法、装置、设备及系统
US20130291121A1 (en) Cloud Abstraction
TWI646479B (zh) Business authentication method, system and server
US8763098B2 (en) Mechanism for facilitating dynamic and continuous testing of security assertion markup language credentials in an on-demand services environment
TW201510761A (zh) 下載以及安裝客戶端的方法和設備
US20230385396A1 (en) Methods and systems for verifying applications
US10860703B1 (en) Online authentication and security management using device-based identification
US20220360575A1 (en) Security for diverse computing systems
CN104574101B (zh) 一种用于验证电子券的方法、设备与系统
US20210342841A1 (en) Mobile authentification method via peer mobiles
US20120304263A1 (en) System and method for single sign-on
US10853359B1 (en) Data log stream processing using probabilistic data structures
WO2016078526A1 (fr) Procédé et dispositif pour stocker et vérifier des informations
US20150295918A1 (en) User authentication system in web mash-up circumstance and authenticating method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15862100

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15862100

Country of ref document: EP

Kind code of ref document: A1