WO2016112712A1 - 一种安全访问方法、装置及终端、存储介质 - Google Patents

一种安全访问方法、装置及终端、存储介质 Download PDF

Info

Publication number
WO2016112712A1
WO2016112712A1 PCT/CN2015/090614 CN2015090614W WO2016112712A1 WO 2016112712 A1 WO2016112712 A1 WO 2016112712A1 CN 2015090614 W CN2015090614 W CN 2015090614W WO 2016112712 A1 WO2016112712 A1 WO 2016112712A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
password
access object
identity verification
entry
Prior art date
Application number
PCT/CN2015/090614
Other languages
English (en)
French (fr)
Inventor
艾朝
Original Assignee
努比亚技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 努比亚技术有限公司 filed Critical 努比亚技术有限公司
Publication of WO2016112712A1 publication Critical patent/WO2016112712A1/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a secure access method, apparatus, terminal, and storage medium.
  • Step 1 Log in to the protection module
  • Step 2 enter the login password
  • Step 3 View the protected file.
  • the technical problem to be solved by the present invention is to provide a secure access method, device, terminal, and storage medium, so as to solve the prior art, the encryption logic for the encryption object has insufficient encryption logic, and there is an encryption vulnerability. A technical flaw that caused the theft of encrypted objects.
  • an embodiment of the present invention provides a secure access method, where the method includes:
  • the access password passes the authentication of the access object, it jumps to the access object and grants access to the access object. If the access password does not pass the authentication of the access object, the access object is denied access.
  • the method before the access password of the required access object is entered through the preset password entry interface, the method includes:
  • the access password of the required access object is entered through the preset password entry interface, and specifically includes:
  • the access character of the access object is entered through the password entry interface, the access character is analyzed in combination with the preset password identifier;
  • the access password of the access object is extracted in the access character.
  • determining whether the access password passes the identity verification of the access object specifically includes:
  • the access object if the access password is authenticated by the access object, the access object is accessed and the access right of the access object is granted, and if the access password does not pass the identity verification of the access object, the access is denied.
  • the object further includes:
  • the application corresponding to the access portal is normally accessed.
  • an embodiment of the present invention further provides a security access device, where the device includes:
  • Accessing the password entry module configured to enter an access password of the required access object through a preset password entry interface
  • Accessing the password verification module configured to determine whether the access password passes the identity verification of the access object
  • the secure access execution module is configured to jump to the access object and grant access rights to the access object if the access password passes the authentication of the access object, and deny access to the access object if the access password does not pass the authentication of the access object.
  • the device further includes a entry interface setting module, and the entry interface setting module includes an access entry setting unit, an application setting unit, an input interface embedding unit, and a password input unit, where
  • Accessing an entry setting unit configured to set an access entry corresponding to the accessed object
  • An application setting unit configured to preset an application corresponding to the access portal
  • the input interface embedding unit is configured to embed a password input interface in the login interface or the interactive interface of the application;
  • the password entry unit is configured to enter an access character of the access object through the password entry interface.
  • the access password entry module includes an access character analysis unit and an access password extraction unit, where
  • the access character analysis unit is configured to input the access character of the access object through the password entry interface, and analyze the access character by using the preset password identifier;
  • the access password extraction unit is configured to extract an access password of the access object in the access character according to the analysis operation.
  • the access password verification module includes an access password transmission unit and an identity verification unit, where
  • the access password transmission unit is configured to transmit the access password of the extracted access object to the access object through the encrypted channel
  • An authentication unit configured to determine whether the access password passes the identity verification of the access object
  • the secure access execution module further includes denying access to the execution unit, denying access to the execution unit, and configuring to access the application corresponding to the access portal after the access password fails to pass the authentication of the access object and denying access to the access object.
  • an embodiment of the present invention further provides a secure access terminal, where the terminal includes the foregoing secure access device.
  • an embodiment of the present invention further provides a secure access terminal, where the terminal includes a processor and a display screen, where
  • the display screen is configured to display a password entry interface
  • the processor is configured to input an access password of the required access object by using a preset password entry interface
  • the access password is authenticated by the access object, jump to the access object and grant access rights to the access object, and if the access password does not pass the identity verification of the access object, reject Access the access object.
  • the embodiment of the present invention further provides a storage medium, where the computer storage medium stores computer executable instructions, where the computer executable instructions are used to perform the following security access method, the method includes:
  • the access password is authenticated by the access object, jump to the access object and grant access rights to the access object, and if the access password does not pass the identity verification of the access object, reject Access the access object.
  • the present invention first, enter an access password of a desired access object through a preset password entry interface, and then determine whether the access password passes the identity verification of the accessed object, and finally, if the visitor When the password is authenticated by the access object, it jumps to the access object and grants access to the access object. If the access password does not pass the authentication of the access object, the access object is denied access. It realizes the protection of multiple layers of input interface selection, and has better protection for encrypted objects under special circumstances. For example, if the user loses the password, the second person even obtains or knows the user's password, but if the password input interface is not known, the encrypted object is not accessed. The security of the encrypted object can be further improved.
  • the encryption logic of the existing encrypted object is also optimized, that is, from the encrypted object, the interface for entering the password, the entry password, and the encrypted encrypted object are accessed. Thereby, the encryption protection measures for the encrypted object are enhanced as a whole.
  • FIG. 2 is a flow chart of a secure access method according to a second preferred embodiment of the present invention.
  • FIG. 3 is a flowchart of a secure access method according to a third preferred embodiment of the present invention.
  • FIG. 4 is a flowchart of a secure access method according to a fourth preferred embodiment of the present invention.
  • FIG. 5 is a flowchart of a secure access method according to a fifth preferred embodiment of the present invention.
  • Figure 6 is a block diagram showing the structure of a secure access device proposed by the present invention.
  • FIG. 1 is a flow chart of a secure access method proposed by the present invention. The method includes:
  • the secure access method proposed in this embodiment is applicable to a smart device having an encryption processing function, such as a smart phone or a tablet computer.
  • a third-party application as a password entry interface, such as a calculator, a text message, an input method, a dialing interface, etc.
  • a dialing interface specifically, for example, when set in a dialing interface, an input string of the dialing interface is captured.
  • the login password is set, wherein the login password is used to verify and match the string captured by the set embed program.
  • S2 Determine whether the access password passes the identity verification of the access object.
  • the capture string is verified and matched by the setting of the above step S1.
  • the embedded program is a password entry interface, and the login password is set to *#110#. Then, when the user inputs the login password in the dialing interface, it is determined whether the login password is the same as *#110#, and if the same, the authentication is passed, otherwise the authentication is rejected.
  • the capture string is verified and matched by the setting of the above step S1.
  • the embedded program is a password entry interface, and the login password is set to *#110#. Then, when the user inputs *#110# in the password entry interface and passes the authentication, the program will automatically jump to the password entry success interface or select to enter the interface for viewing the encrypted object. If the match is unsuccessful, it is still stuck in the dialing interface and the dialer is running normally.
  • the beneficial effect of the embodiment is that, firstly, the access password of the required access object is entered through the preset password entry interface, and then, whether the access password passes the identity verification of the access object is determined, and finally, if the access password passes the identity verification of the access object , then jumps to the access object and grants access to the access object. If the access password does not pass the authentication of the access object, the access object is denied access. It realizes the protection of multiple layers of input interface selection, and has better protection for encrypted objects under special circumstances. For example, if the user loses the password, the second person gets or knows The user's password, but if you don't know the password input interface, you can't access the encrypted object. The security of the encrypted object can be further improved.
  • the encryption logic of the existing encrypted object is also optimized, that is, from the encrypted object, the interface for entering the password, the entry password, and the encrypted encrypted object are accessed. Thereby, the encryption protection measures for the encrypted object are enhanced as a whole.
  • the method before entering the access password of the required access object through the preset password entry interface, the method includes:
  • jump settings are made for events that meet the set conditions. Specifically, when the opened third party application is correct and the entered password is correct, then the access interface of the encrypted object can be jumped.
  • the password entry interface can be embedded in the login interface or interactive interface of the third-party application.
  • the beneficial effect of the embodiment is that an application corresponding to the access entry is preset by setting an access entry corresponding to the access object, and then a password entry interface is embedded in the login interface or the interactive interface of the application, and finally, the password is entered through the password.
  • the interface enters the access characters of the access object.
  • the access password of the required access object is entered through the preset password entry interface, which specifically includes:
  • a password identifier is set in advance, and the entered access character is analyzed by the password identifier.
  • the password identifier can be set to perform reverse analysis on the arbitrarily set and entered access characters.
  • the preset password identifier may be key information such as a secret key allocated by the cloud.
  • the beneficial effect of this embodiment is that after the access character of the access object is entered through the password entry interface, the access character is analyzed in combination with the preset password identifier, and then, according to the analysis operation, the access password of the access object is extracted in the access character. Accurate acquisition of the access password in the access character is implemented, which provides an accurate basis for the authentication operation of the access password in the subsequent access character.
  • determining whether the access password passes the identity verification of the access object specifically includes:
  • the access password of the extracted access object is transmitted to the access object through the encrypted channel.
  • the beneficial effect of this embodiment is that the access password of the extracted access object is transmitted to the access object through the encrypted channel, and then it is determined whether the access password passes the identity verification of the access object. Therefore, the access password is not stolen and stolen during the transmission process, and the security and reliability of the encrypted object by the access password are further enhanced.
  • FIG. 5 is a flowchart of a secure access method according to a fifth preferred embodiment of the present invention. Based on the above-mentioned Embodiments 1 to 4, if the access password passes the authentication of the access object, the access to the access object is granted, and the access right of the access object is granted. If the access password does not pass the authentication of the access object, the access object is denied. Further includes:
  • the beneficial effect of this embodiment is that, by determining that the access password does not pass the identity verification of the access object and denying access to the access object, the application corresponding to the access entry is normally accessed. On the one hand, it protects the access rights of the access object when the access password does not pass the authentication of the access object, and on the other hand, avoids the content leakage of the access object.
  • the secure access method of the present invention first, enter an access password of a required access object through a preset password entry interface, and then determine whether the access password passes the identity verification of the access object, and finally, if the access password passes the identity verification of the access object. , jump to the access object, and Grant access to the access object, and deny access to the access object if the access password does not pass the authentication of the access object. It realizes the protection of multiple layers of input interface selection, and has better protection for encrypted objects under special circumstances. For example, if the user loses the password, the second person even obtains or knows the user's password, but if the password input interface is not known, the encrypted object is not accessed. The security of the encrypted object can be further improved.
  • the encryption logic of the existing encrypted object is also optimized, that is, from the encrypted object, the interface for entering the password, the entry password, and the encrypted encrypted object are accessed. Thereby, the encryption protection measures for the encrypted object are enhanced as a whole.
  • Figure 6 is a block diagram showing the structure of a secure access device proposed by the present invention.
  • the invention also proposes a security access device, the device comprising:
  • the access password entry module 10 is configured to input an access password of the required access object through a preset password entry interface
  • the access password verification module 20 is configured to determine whether the access password passes the identity verification of the access object.
  • the secure access execution module 30 is configured to jump to the access object and grant access rights to the access object if the access password passes the authentication of the access object, and deny access to the access object if the access password does not pass the identity verification of the access object.
  • the device further includes a entry interface setting module 40, and the entry interface setting module 40 includes an access entry setting unit 41, an application setting unit 42, a entry interface embedding unit 43, and a password entry unit 44, where
  • the access entry setting unit 41 is configured to set an access entry corresponding to the access object
  • the application setting unit 42 is configured to preset an application corresponding to the access portal
  • the entry interface embedding unit 43 is configured to embed a password entry interface in the login interface or the interactive interface of the application;
  • the password entry unit 444 is configured to input an access character of the access object through the password entry interface.
  • the access password entry module 10 includes an access character analysis unit 11 and an access password extraction unit 12, wherein
  • the access character analyzing unit 11 is configured to: after the access character of the access object is entered through the password entry interface, analyze the access character by using the preset password identifier;
  • the access password extraction unit 12 is configured to extract an access password of the access object from the access characters according to the analysis operation.
  • the access password verification module 20 includes an access password transmission unit 21 and an identity verification unit 22, where
  • the access password transmission unit 21 is configured to transmit the access password of the extracted access object to the access object through the encrypted channel;
  • the authentication unit 22 is configured to determine whether the access password passes the identity verification of the access object.
  • the secure access execution module 30 further includes a denial access execution unit 31, and the access denied execution unit 31 is configured to normally access an application corresponding to the access portal after the access password does not pass the identity verification of the access object and the access object is denied access.
  • the present invention also proposes a secure access terminal comprising the above secure access device.
  • the secure access device can be used in a mobile phone, or other intelligent communication terminal having a password verification function, such as a smart phone, etc., can be a software unit running in the communication terminal, or can be integrated as an independent pendant to the communication terminal. Medium or running in the application system of these mobile terminals.
  • the security access device and the terminal embodying the present invention firstly enter an access password of a required access object through a preset password entry interface, and then determine whether the access password passes the identity verification of the access object, and finally, if the access password passes through the access object Authentication, then jump to the access object and grant access to the access object, if the access password does not pass the authentication of the access object, the access object is denied access. It realizes the protection of multiple layers of input interface selection, and has better protection for encrypted objects under special circumstances. For example, if the user loses the password, the second person even obtains or knows the user's password, but if the password input interface is not known, the encrypted object is not accessed. The security of the encrypted object can be further improved.
  • the encryption logic of the existing encrypted object is also optimized, that is, from the encrypted object, the interface for entering the password, the entry password, and the encrypted encrypted object are accessed. Thereby, the encryption protection measures for the encrypted object are enhanced as a whole.
  • the access password entry module, the access password verification module, the security access execution module, and the input interface setting module in the security access device provided by the embodiment of the present invention, and each unit included in each module can pass through the processor in the terminal.
  • the processor can be a central processing unit (CPU), a microprocessor (MPU), a digital signal processor (DSP) or field programmable Gate array (FPGA), etc.
  • the above-mentioned secure access method is implemented in the form of a software function module and sold or used as a stand-alone product, it may also be stored in a computer readable storage medium.
  • the technical solution of the embodiments of the present invention may be embodied in the form of a software product in essence or in the form of a software product stored in a storage medium, including a plurality of instructions.
  • a computer device (which may be a personal computer, server, or network device, etc.) is caused to perform all or part of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • program codes such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • the embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute the secure access method in the embodiment of the present invention.
  • the access password of the required access object is entered through a preset password entry interface, and then, it is determined whether the access password passes the identity verification of the access object, and finally, if the access password passes the identity verification of the access object, then the jump To access the object and grant access to the access object, if the access password does not pass the authentication of the access object, the access object is denied access; thus, the protection of multiple input interface selection is realized, and for special cases, the encrypted object has Better protection.
  • the encryption logic of the existing encrypted object is also optimized, that is, from the encrypted object, the interface for entering the password, the entry password, and the encrypted encrypted object are accessed. Thereby, the encryption protection measures for the encrypted object are enhanced as a whole.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

本发明实施例公开了一种安全访问方法、装置及终端、存储介质。其中,该方法包括:首先,通过预设的密码录入界面录入所需访问对象的访问密码,然后,判断访问密码是否通过访问对象的身份验证,最后,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。

Description

一种安全访问方法、装置及终端、存储介质 技术领域
本发明涉及通信技术领域,尤其涉及一种安全访问方法、装置及终端、存储介质。
背景技术
现有技术中,移动设备查看被保护文件的步骤通常是:
步骤1、登陆保护模块;
步骤2、输入登陆密码;
步骤3、查看被保护文件。
上述技术方案所在的缺点在于:1)、对于熟悉用户的周边人来说,在日常借用或者浏览用户的移动设备中,倘若知道用户安全模块登陆密码,则有较高文件失迷风险;2)、移动设备遗失后,由于有直观的保护模块登陆界面接口,对于窥探用户隐私的人会使用其他密码破解方式进行破解,从而被保护文件失窃。因此,现有技术中,对加密对象的加密措施存在加密逻辑不够严谨,存在加密漏洞,易造成加密对象失窃的技术缺陷。
发明内容
有鉴于此,本发明要解决的技术问题是提供一种安全访问方法、装置及终端、存储介质,以解决现有技术中,对加密对象的加密措施存在加密逻辑不够严谨,存在加密漏洞,易造成加密对象失窃的技术缺陷。
本发明实施例解决上述技术问题所采用的技术方案如下:
第一方面,本发明实施例提供一种安全访问方法,该方法包括:
通过预设的密码录入界面录入所需访问对象的访问密码;
判断访问密码是否通过访问对象的身份验证;
若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。
在本发明的一种实施例中,通过预设的密码录入界面录入所需访问对象的访问密码之前包括:
设置与访问对象对应的访问入口;
预设与访问入口对应的应用程序;
在应用程序的登录界面或交互界面内嵌入密码录入界面;
通过密码录入界面录入访问对象的访问字符。
在本发明的一种实施例中,通过预设的密码录入界面录入所需访问对象的访问密码具体包括:
通过密码录入界面录入访问对象的访问字符后,结合预设的密码识别符分析访问字符;
根据分析操作,在访问字符中提取访问对象的访问密码。
在本发明的一种实施例中,判断访问密码是否通过访问对象的身份验证具体包括:
将提取的访问对象的访问密码通过加密通道传输至访问对象;
判断访问密码是否通过访问对象的身份验证。
在本发明的一种实施例中,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象进一步包括:
若访问密码未通过访问对象的身份验证,并拒绝访问访问对象后,正常访问与访问入口对应的应用程序。
第二方面,本发明实施例还提出了一种安全访问装置,该装置包括:
访问密码录入模块,配置为通过预设的密码录入界面录入所需访问对象的访问密码;
访问密码验证模块,配置为判断访问密码是否通过访问对象的身份验证;
安全访问执行模块,配置为若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。
在本发明的一种实施例中,本装置还包括录入界面设置模块,录入界面设置模块包括访问入口设置单元、应用程序设置单元、录入界面嵌入单元以及密码录入单元,其中,
访问入口设置单元,配置为设置与访问对象对应的访问入口;
应用程序设置单元,配置为预设与访问入口对应的应用程序;
录入界面嵌入单元,配置为在应用程序的登录界面或交互界面内嵌入密码录入界面;
密码录入单元,配置为通过密码录入界面录入访问对象的访问字符。
在本发明的一种实施例中,访问密码录入模块包括访问字符分析单元以及访问密码提取单元,其中,
访问字符分析单元,配置为通过密码录入界面录入访问对象的访问字符后,结合预设的密码识别符分析访问字符;
访问密码提取单元,配置为根据分析操作,在访问字符中提取访问对象的访问密码。
在本发明的一种实施例中,访问密码验证模块包括访问密码传输单元以及身份验证单元,其中,
访问密码传输单元,配置为将提取的访问对象的访问密码通过加密通道传输至访问对象;
身份验证单元,配置为判断访问密码是否通过访问对象的身份验证;
安全访问执行模块还包括拒绝访问执行单元,拒绝访问执行单元,配置为若访问密码未通过访问对象的身份验证,并拒绝访问访问对象后,正常访问与访问入口对应的应用程序。
第三方面,本发明实施例还提出了一种安全访问终端,该终端包括上述安全访问装置。
第四方面,本发明实施例还提出一种安全访问终端,所述终端包括处理器和显示屏,其中
所述显示屏,配置为显示密码录入界面;
所述处理器,配置为通过预设的密码录入界面录入所需访问对象的访问密码;
判断所述访问密码是否通过所述访问对象的身份验证;
若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象。
第五方面,本发明实施例还提出一种存储介质,所述计算机存储介质中存储有计算机可执行指令,该计算机可执行指令用于执行下面的一种安全访问方法,所述方法包括:
通过预设的密码录入界面录入所需访问对象的访问密码;
判断所述访问密码是否通过所述访问对象的身份验证;
若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象。
实施本发明,首先,通过预设的密码录入界面录入所需访问对象的访问密码,然后,判断访问密码是否通过访问对象的身份验证,最后,若访 问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。实现了多了层输入界面选择的保护,对于特殊情况下对加密对象有更好的保护。比如,若用户丢失密码之后,第二人即使得到或者知道用户的密码,但若不知道密码输入界面也是无从访问加密对象。使得加密对象的安全性得以更进一步的提升。同时,也优化了现有的加密对象的加密逻辑,即从加密对象、找到录入密码的界面、录入密码、访问被加密的加密对象。从而从整体上增强了对加密对象的加密防护措施。
附图说明
下面将结合附图及实施例对本发明作进一步说明,附图中:
图1是本发明提出的安全访问方法的流程图;
图2是本发明第二较佳实施例提出的安全访问方法的流程图;
图3是本发明第三较佳实施例提出的安全访问方法的流程图;
图4是本发明第四较佳实施例提出的安全访问方法的流程图;
图5是本发明第五较佳实施例提出的安全访问方法的流程图;
图6是本发明提出的安全访问装置的结构框图。
具体实施方式
为了使本发明所要解决的技术问题、技术方案及有益效果更加清楚、明白,以下结合附图和实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。
实施例一
图1是本发明提出的安全访问方法的流程图。该方法包括:
S1,通过预设的密码录入界面录入所需访问对象的访问密码。
可以理解,本实施例所提出的安全访问方法适用于智能手机、平板电脑等具有加密处理功能的智能设备中。
例如,嵌入第三方应用程序作为密码录入界面,如计算器、短信、输入法、拨号界面等,具体地,例如,设置在拨号界面,则会对拨号界面的输入字符串捕获。同时设置登陆密码,其中,登陆密码是为了对设置的嵌入程序捕获到的字符串进行验证匹配。
S2,判断访问密码是否通过访问对象的身份验证。
如上例所述,通过上述步骤S1的设置,对捕获字符串进行验证匹配。例如,在嵌入程序为密码录入界面,并且设置的登陆密码为*#110#。那么,当用户在拨号界面输入登录密码是,判断此登录密码是否与*#110#相同,若相同,则通过身份验证,否则拒绝通过身份验证。
S3,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。
如上例所述,通过上述步骤S1的设置,对捕获字符串进行验证匹配。例如,在嵌入程序为密码录入界面,并且设置的登陆密码为*#110#。那么,当用户在密码录入界面输入*#110#并通过身份验证时,程序会自动跳转到密码录入成功界面或者选择进入查看加密对象的界面。如果匹配不成功,则还是滞留在拨号界面,并且拨号程序正常运行。
本实施例的有益效果在于,首先,通过预设的密码录入界面录入所需访问对象的访问密码,然后,判断访问密码是否通过访问对象的身份验证,最后,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。实现了多了层输入界面选择的保护,对于特殊情况下对加密对象有更好的保护。比如,若用户丢失密码之后,第二人即使得到或者知 道用户的密码,但若不知道密码输入界面也是无从访问加密对象。使得加密对象的安全性得以更进一步的提升。同时,也优化了现有的加密对象的加密逻辑,即从加密对象、找到录入密码的界面、录入密码、访问被加密的加密对象。从而从整体上增强了对加密对象的加密防护措施。
实施例二
图2是本发明第二较佳实施例提出的安全访问方法的流程图。基于上述实施例一,通过预设的密码录入界面录入所需访问对象的访问密码之前包括:
S01,设置与访问对象对应的访问入口。
如上例所述,初始化时,设置需要嵌入监控输入事件的第三方应用。
S02,预设与访问入口对应的应用程序。
例如,对符合设置条件的事件,进行跳转设置。具体地,当打开的第三方应用正确,并且输入的密码正确时,随即可以跳转至加密对象的访问界面。
S03,在应用程序的登录界面或交互界面内嵌入密码录入界面。
如上例所述,可以在第三方应用程序的登录界面或者交互界面内嵌入密码录入界面。
S04,通过密码录入界面录入访问对象的访问字符。
通过密码录入界面捕获输入的字符串。
本实施例的有益效果在于,通过设置与访问对象对应的访问入口,预设与访问入口对应的应用程序,然后,在应用程序的登录界面或交互界面内嵌入密码录入界面,最后,通过密码录入界面录入访问对象的访问字符。实现了对访问对象的访问字符的准确获取,同时,确保了对访问对象的访问字符获取界面的隐私保护,进一步地加强了在访问对象的访问字符录入过程中的安全性保障。
实施例三
图3是本发明第三较佳实施例提出的安全访问方法的流程图。基于上述实施例一和实施例二,通过预设的密码录入界面录入所需访问对象的访问密码具体包括:
S11,通过密码录入界面录入访问对象的访问字符后,结合预设的密码识别符分析访问字符。
进一步地,预先设置密码识别符,通过密码识别符分析录入的访问字符。为了避免录入的访问字符与嵌入程序本身的录入字符发生逻辑冲突,因此,设置密码识别符,则可以对任意设定并录入的访问字符进行反向分析。
S12,根据分析操作,在访问字符中提取访问对象的访问密码。通过上述分析操作,获取访问对象的访问密码。
进一步地,上述预设的密码识别符可以是由云端分配的私密密钥等密钥信息。
本实施例的有益效果在于,通过密码录入界面录入访问对象的访问字符后,结合预设的密码识别符分析访问字符,然后,根据分析操作,在访问字符中提取访问对象的访问密码。实现了对访问字符中的访问密码的准确获取,为后续访问字符中的访问密码的身份验证操作提供了准确的判定基础。
实施例四
图4是本发明第四较佳实施例提出的安全访问方法的流程图。基于上述实施例一至实施例三,判断访问密码是否通过访问对象的身份验证具体包括:
S21,将提取的访问对象的访问密码通过加密通道传输至访问对象。
如上例所述,当完成嵌入第三方应用作为密码录入界面后,建立加密对象与第三方应用之间的加密通道,通过加密通道将访问密码传输至访问对象。
S22,执行判断访问密码是否通过访问对象的身份验证操作。具体地判断过程如上例所述,在此不再赘述。
本实施例的有益效果在于,通过将提取的访问对象的访问密码通过加密通道传输至访问对象,然后判断访问密码是否通过访问对象的身份验证。从而保证了访问密码在传输过程中不会被窃取和盗用,进一步地加强了通过访问密码验证加密对象的安全可靠性。
实施例五
图5是本发明第五较佳实施例提出的安全访问方法的流程图。基于上述实施例一至实施例四,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象进一步包括:
S31,若访问密码未通过访问对象的身份验证,并拒绝访问访问对象后,正常访问与访问入口对应的应用程序。
如上例所述,如果上述访问密码匹配不成功,为通过访问对象的身份验证,则将滞留在拨号界面,并且拨号程序正常运行。
本实施例的有益效果在于,通过判定若访问密码未通过访问对象的身份验证,并拒绝访问访问对象后,正常访问与访问入口对应的应用程序。一方面,保护了当访问密码未通过访问对象的身份验证时,对访问对象访问权限的保护,另一方面,避免了访问对象的内容泄漏。
实施本发明的安全访问方法,首先,通过预设的密码录入界面录入所需访问对象的访问密码,然后,判断访问密码是否通过访问对象的身份验证,最后,若访问密码通过访问对象的身份验证,则跳转至访问对象,并 授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。实现了多了层输入界面选择的保护,对于特殊情况下对加密对象有更好的保护。比如,若用户丢失密码之后,第二人即使得到或者知道用户的密码,但若不知道密码输入界面也是无从访问加密对象。使得加密对象的安全性得以更进一步的提升。同时,也优化了现有的加密对象的加密逻辑,即从加密对象、找到录入密码的界面、录入密码、访问被加密的加密对象。从而从整体上增强了对加密对象的加密防护措施。
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分步骤是可以通过程序来控制相关的硬件完成,所述的程序可以在存储于一计算机可读取存储介质中,所述的存储介质,如ROM/RAM、磁盘、光盘等。
实施例六
图6是本发明提出的安全访问装置的结构框图。本发明还提出了一种安全访问装置,该装置包括:
访问密码录入模块10,配置为通过预设的密码录入界面录入所需访问对象的访问密码;
访问密码验证模块20,配置为判断访问密码是否通过访问对象的身份验证;
安全访问执行模块30,配置为若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。
进一步地,本装置还包括录入界面设置模块40,录入界面设置模块40包括访问入口设置单元41、应用程序设置单元42、录入界面嵌入单元43以及密码录入单元44,其中,
访问入口设置单元41,配置为设置与访问对象对应的访问入口;
应用程序设置单元42,配置为预设与访问入口对应的应用程序;
录入界面嵌入单元43,配置为在应用程序的登录界面或交互界面内嵌入密码录入界面;
密码录入单元444,配置为通过密码录入界面录入访问对象的访问字符。
进一步地,访问密码录入模块10包括访问字符分析单元11以及访问密码提取单元12,其中,
访问字符分析单元11,配置为通过密码录入界面录入访问对象的访问字符后,结合预设的密码识别符分析访问字符;
访问密码提取单元12,配置为根据分析操作,在访问字符中提取访问对象的访问密码。
进一步地,访问密码验证模块20包括访问密码传输单元21以及身份验证单元22,其中,
访问密码传输单元21,配置为将提取的访问对象的访问密码通过加密通道传输至访问对象;
身份验证单元22,配置为判断访问密码是否通过访问对象的身份验证;
安全访问执行模块30还包括拒绝访问执行单元31,拒绝访问执行单元31,配置为若访问密码未通过访问对象的身份验证,并拒绝访问访问对象后,正常访问与访问入口对应的应用程序。
本发明还提出了一种安全访问终端,该终端包括上述安全访问装置。
该安全访问装置可以用于移动电话,或者具有密码验证功能的其他智能通信终端,例如智能手机等中,可以是运行于这些通信终端内的软件单元,也可以作为独立的挂件集成到这些通信终端中或者运行于这些移动终端的应用系统中。
需要说明的是,上述方法实施例中的技术特征在本装置均对应适用,这里不再重述。
实施本发明的安全访问装置和终端,首先,通过预设的密码录入界面录入所需访问对象的访问密码,然后,判断访问密码是否通过访问对象的身份验证,最后,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象。实现了多了层输入界面选择的保护,对于特殊情况下对加密对象有更好的保护。比如,若用户丢失密码之后,第二人即使得到或者知道用户的密码,但若不知道密码输入界面也是无从访问加密对象。使得加密对象的安全性得以更进一步的提升。同时,也优化了现有的加密对象的加密逻辑,即从加密对象、找到录入密码的界面、录入密码、访问被加密的加密对象。从而从整体上增强了对加密对象的加密防护措施。
本发明实施例提供的安全访问装置中的访问密码录入模块、访问密码验证模块、安全访问执行模块以及录入界面设置模块等模块,以及各模块所包括的各单元,都可以通过终端中的处理器来实现;当然也可通过具体的逻辑电路实现;在具体实施例的过程中,处理器可以为中央处理器(CPU)、微处理器(MPU)、数字信号处理器(DSP)或现场可编程门阵列(FPGA)等。
需要说明的是,本发明实施例中,如果以软件功能模块的形式实现上述的安全访问方法,并作为独立的产品销售或使用时,也可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明实施例的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机、服务器、或者网络设备等)执行本发明各个实施例所述方法的全部或部分。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read Only Memory)、磁碟或者光盘等各种可以存储程序代码的介质。这样,本发明实施例不限制于任何特定的硬件和软件 结合。
相应地,本发明实施例再提供一种计算机存储介质,所述计算机存储介质中存储有计算机可执行指令,该计算机可执行指令用于执行本发明实施例中的安全访问方法。
以上参照附图说明了本发明的优选实施例,并非因此局限本发明的权利范围。本领域技术人员不脱离本发明的范围和实质,可以有多种变型方案实现本发明,比如作为一个实施例的特征可用于另一实施例而得到又一实施例。凡在运用本发明的技术构思之内所作的任何修改、等同替换和改进,均应在本发明的权利范围之内。
工业实用性
本发明实施例中,通过预设的密码录入界面录入所需访问对象的访问密码,然后,判断访问密码是否通过访问对象的身份验证,最后,若访问密码通过访问对象的身份验证,则跳转至访问对象,并授予访问对象的访问权限,若访问密码未通过访问对象的身份验证,则拒绝访问访问对象;如此,实现了多了层输入界面选择的保护,对于特殊情况下对加密对象有更好的保护。同时,也优化了现有的加密对象的加密逻辑,即从加密对象、找到录入密码的界面、录入密码、访问被加密的加密对象。从而从整体上增强了对加密对象的加密防护措施。

Claims (20)

  1. 一种安全访问方法,所述方法包括:
    通过预设的密码录入界面录入所需访问对象的访问密码;
    判断所述访问密码是否通过所述访问对象的身份验证;
    若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象。
  2. 根据权利要求1所述的安全访问方法,其中,所述通过预设的密码录入界面录入所需访问对象的访问密码之前包括:
    设置与所述访问对象对应的访问入口;
    预设与所述访问入口对应的应用程序;
    在所述应用程序的登录界面或交互界面内嵌入所述密码录入界面;
    通过所述密码录入界面录入所述访问对象的访问字符。
  3. 根据权利要求2所述的安全访问方法,其中,所述通过预设的密码录入界面录入所需访问对象的访问密码具体包括:
    通过所述密码录入界面录入所述访问对象的访问字符后,结合预设的密码识别符分析所述访问字符;
    根据所述分析操作,在所述访问字符中提取所述访问对象的访问密码。
  4. 根据权利要求3所述的安全访问方法,其中,所述判断所述访问密码是否通过所述访问对象的身份验证具体包括:
    将所述提取的所述访问对象的访问密码通过加密通道传输至所述访问对象;
    判断所述访问密码是否通过所述访问对象的身份验证。
  5. 根据权利要求4所述的安全访问方法,其中,所述若所述访问密 码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象进一步包括:
    若所述访问密码未通过所述访问对象的身份验证,并拒绝访问所述访问对象后,正常访问与所述访问入口对应的应用程序。
  6. 一种安全访问装置,所述装置包括:
    访问密码录入模块,配置为通过预设的密码录入界面录入所需访问对象的访问密码;
    访问密码验证模块,配置为判断所述访问密码是否通过所述访问对象的身份验证;
    安全访问执行模块,配置为若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象。
  7. 根据权利要求6所述的安全访问装置,其中,还包括录入界面设置模块,所述录入界面设置模块包括访问入口设置单元、应用程序设置单元、录入界面嵌入单元以及密码录入单元,其中,
    所述访问入口设置单元,配置为设置与所述访问对象对应的访问入口;
    所述应用程序设置单元,配置为预设与所述访问入口对应的应用程序;
    所述录入界面嵌入单元,配置为在所述应用程序的登录界面或交互界面内嵌入所述密码录入界面;
    所述密码录入单元,配置为通过所述密码录入界面录入所述访问对象的访问字符。
  8. 根据权利要求7所述的安全访问装置,其中,所述访问密码录入模块包括访问字符分析单元以及访问密码提取单元,其中,
    所述访问字符分析单元,配置为通过所述密码录入界面录入所述访问对象的访问字符后,结合预设的密码识别符分析所述访问字符;
    所述访问密码提取单元,配置为根据所述分析操作,在所述访问字符中提取所述访问对象的访问密码。
  9. 根据权利要求8所述的安全访问装置,其中,所述访问密码验证模块包括访问密码传输单元以及身份验证单元,其中,
    所述访问密码传输单元,配置为将所述提取的所述访问对象的访问密码通过加密通道传输至所述访问对象;
    所述身份验证单元,配置为判断所述访问密码是否通过所述访问对象的身份验证;
    所述安全访问执行模块还包括拒绝访问执行单元,所述拒绝访问执行单元,配置为若所述访问密码未通过所述访问对象的身份验证,并拒绝访问所述访问对象后,正常访问与所述访问入口对应的应用程序。
  10. 一种安全访问终端,所述终端包括所述权利要求6至9所述的安全访问装置。
  11. 一种安全访问终端,所述终端包括处理器和显示屏,其中
    所述显示屏,配置为显示密码录入界面;
    所述处理器,配置为通过预设的密码录入界面录入所需访问对象的访问密码;
    判断所述访问密码是否通过所述访问对象的身份验证;
    若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象。
  12. 根据权利要求11所述的安全访问终端,其中,所述通过预设的密码录入界面录入所需访问对象的访问密码之前包括:
    设置与所述访问对象对应的访问入口;
    预设与所述访问入口对应的应用程序;
    在所述应用程序的登录界面或交互界面内嵌入所述密码录入界面;
    通过所述密码录入界面录入所述访问对象的访问字符。
  13. 根据权利要求12所述的安全访问终端,其中,所述通过预设的密码录入界面录入所需访问对象的访问密码具体包括:
    通过所述密码录入界面录入所述访问对象的访问字符后,结合预设的密码识别符分析所述访问字符;
    根据所述分析操作,在所述访问字符中提取所述访问对象的访问密码。
  14. 根据权利要求13所述的安全访问终端,其中,所述判断所述访问密码是否通过所述访问对象的身份验证具体包括:
    将所述提取的所述访问对象的访问密码通过加密通道传输至所述访问对象;
    判断所述访问密码是否通过所述访问对象的身份验证。
  15. 根据权利要求14所述的安全访问终端,其中,所述若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象进一步包括:
    若所述访问密码未通过所述访问对象的身份验证,并拒绝访问所述访问对象后,正常访问与所述访问入口对应的应用程序。
  16. 一种存储介质,所述计算机存储介质中存储有计算机可执行指令,该计算机可执行指令用于执行下面的一种安全访问方法,所述方法 包括:
    通过预设的密码录入界面录入所需访问对象的访问密码;
    判断所述访问密码是否通过所述访问对象的身份验证;
    若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象。
  17. 根据权利要求16所述的存储介质,其中,所述通过预设的密码录入界面录入所需访问对象的访问密码之前包括:
    设置与所述访问对象对应的访问入口;
    预设与所述访问入口对应的应用程序;
    在所述应用程序的登录界面或交互界面内嵌入所述密码录入界面;
    通过所述密码录入界面录入所述访问对象的访问字符。
  18. 根据权利要求17所述的存储介质,其中,所述通过预设的密码录入界面录入所需访问对象的访问密码具体包括:
    通过所述密码录入界面录入所述访问对象的访问字符后,结合预设的密码识别符分析所述访问字符;
    根据所述分析操作,在所述访问字符中提取所述访问对象的访问密码。
  19. 根据权利要求18所述的存储介质,其中,所述判断所述访问密码是否通过所述访问对象的身份验证具体包括:
    将所述提取的所述访问对象的访问密码通过加密通道传输至所述访问对象;
    判断所述访问密码是否通过所述访问对象的身份验证。
  20. 根据权利要求19所述的存储介质,其中,所述若所述访问密码通过所述访问对象的身份验证,则跳转至所述访问对象,并授予所述访 问对象的访问权限,若所述访问密码未通过所述访问对象的身份验证,则拒绝访问所述访问对象进一步包括:
    若所述访问密码未通过所述访问对象的身份验证,并拒绝访问所述访问对象后,正常访问与所述访问入口对应的应用程序。
PCT/CN2015/090614 2015-01-16 2015-09-24 一种安全访问方法、装置及终端、存储介质 WO2016112712A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510023929.0 2015-01-16
CN201510023929.0A CN104539627B (zh) 2015-01-16 2015-01-16 一种安全访问方法、装置及终端

Publications (1)

Publication Number Publication Date
WO2016112712A1 true WO2016112712A1 (zh) 2016-07-21

Family

ID=52855096

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/090614 WO2016112712A1 (zh) 2015-01-16 2015-09-24 一种安全访问方法、装置及终端、存储介质

Country Status (2)

Country Link
CN (1) CN104539627B (zh)
WO (1) WO2016112712A1 (zh)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104539627B (zh) * 2015-01-16 2017-02-22 努比亚技术有限公司 一种安全访问方法、装置及终端
CN105787335B (zh) * 2016-02-25 2019-06-18 东莞盛世科技电子实业有限公司 密码输入界面切换控制方法及装置
CN105704143A (zh) * 2016-03-17 2016-06-22 珠海格力电器股份有限公司 播放资源的处理方法和装置
CN108932086A (zh) 2017-05-23 2018-12-04 腾讯科技(深圳)有限公司 应用界面的显示方法、装置及存储介质

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101005661A (zh) * 2006-11-15 2007-07-25 深圳凯虹移动通信有限公司 具有数据、菜单隐形功能的移动终端及其加密隐藏方法
CN101350717A (zh) * 2007-07-18 2009-01-21 中国移动通信集团公司 一种通过即时通信软件登录第三方服务器的方法及系统
CN101478595A (zh) * 2008-09-08 2009-07-08 广东南方信息安全产业基地有限公司 移动通信终端数据保护方法
CN101493869A (zh) * 2007-03-30 2009-07-29 数据中心技术公司 用于文件备份的密码保护
CN104252605A (zh) * 2014-09-17 2014-12-31 南京信息工程大学 一种Android平台的文件透明加解密系统及方法
CN104539627A (zh) * 2015-01-16 2015-04-22 深圳市中兴移动通信有限公司 一种安全访问方法、装置及终端

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102045450A (zh) * 2011-01-12 2011-05-04 深圳桑菲消费通信有限公司 一种保护手机信息安全的方法
CN104217172B (zh) * 2013-06-03 2019-05-14 腾讯科技(深圳)有限公司 隐私内容查看方法及装置
CN103313238A (zh) * 2013-06-20 2013-09-18 天翼电信终端有限公司 一种移动终端安全系统及安全保护方法
CN104008348B (zh) * 2014-04-17 2017-03-29 小米科技有限责任公司 应用程序控制方法、装置及终端

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101005661A (zh) * 2006-11-15 2007-07-25 深圳凯虹移动通信有限公司 具有数据、菜单隐形功能的移动终端及其加密隐藏方法
CN101493869A (zh) * 2007-03-30 2009-07-29 数据中心技术公司 用于文件备份的密码保护
CN101350717A (zh) * 2007-07-18 2009-01-21 中国移动通信集团公司 一种通过即时通信软件登录第三方服务器的方法及系统
CN101478595A (zh) * 2008-09-08 2009-07-08 广东南方信息安全产业基地有限公司 移动通信终端数据保护方法
CN104252605A (zh) * 2014-09-17 2014-12-31 南京信息工程大学 一种Android平台的文件透明加解密系统及方法
CN104539627A (zh) * 2015-01-16 2015-04-22 深圳市中兴移动通信有限公司 一种安全访问方法、装置及终端

Also Published As

Publication number Publication date
CN104539627A (zh) 2015-04-22
CN104539627B (zh) 2017-02-22

Similar Documents

Publication Publication Date Title
JP7545419B2 (ja) 統合された隔離されたアプリケーションにおけるランサムウェアの被害の軽減
US20170063827A1 (en) Data obfuscation method and service using unique seeds
EP3256976B1 (en) Toggling biometric authentication
EP2954451B1 (en) Barcode authentication for resource requests
CN110149328B (zh) 接口鉴权方法、装置、设备及计算机可读存储介质
US9906520B2 (en) Multi-user authentication
CA2798071C (en) Methods and systems for increasing the security of network-based transactions
CN112291279B (zh) 路由器内网访问方法、系统、设备以及可读存储介质
US9686269B2 (en) Method and system for distinguishing humans from machines and for controlling access to network services
CN101933051B (zh) 用于使用生物测定数据来访问无线通信设备中的防篡改存储设备的系统和方法
US20190026456A1 (en) Methods and Apparatus for Authentication of Joint Account Login
US9800574B2 (en) Method and apparatus for providing client-side score-based authentication
CN111903104A (zh) 用于执行用户认证的方法及系统
US20140282992A1 (en) Systems and methods for securing the boot process of a device using credentials stored on an authentication token
CN103813334A (zh) 权限控制方法和权限控制装置
US20160182491A1 (en) Methods, systems and apparatus to manage an authentication sequence
WO2016112712A1 (zh) 一种安全访问方法、装置及终端、存储介质
US20170201528A1 (en) Method for providing trusted service based on secure area and apparatus using the same
US10630679B2 (en) Methods providing authentication during a session using image data and related devices and computer program products
CN112434270B (zh) 一种增强计算机系统数据安全的方法及系统
Manjula et al. Pre-authorization and post-authorization techniques for detecting and preventing the session hijacking
CN112464213A (zh) 一种操作系统访问控制方法、装置、设备及存储介质
KR101635278B1 (ko) 동적 상호작용 큐알 코드를 기반으로 한 다중요소 인증 방법 및 시스템
CN104361269A (zh) 终端内访问对象的访问控制方法和装置
Mohialden et al. Enhancing User Authentication with Facial Recognition and Feature-Based Credentials

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15877625

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15877625

Country of ref document: EP

Kind code of ref document: A1

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 07/12/2017)

122 Ep: pct application non-entry in european phase

Ref document number: 15877625

Country of ref document: EP

Kind code of ref document: A1