WO2018014785A1 - System, method, and device for processing sub-account information - Google Patents

System, method, and device for processing sub-account information Download PDF

Info

Publication number
WO2018014785A1
WO2018014785A1 PCT/CN2017/092909 CN2017092909W WO2018014785A1 WO 2018014785 A1 WO2018014785 A1 WO 2018014785A1 CN 2017092909 W CN2017092909 W CN 2017092909W WO 2018014785 A1 WO2018014785 A1 WO 2018014785A1
Authority
WO
WIPO (PCT)
Prior art keywords
sub
account
information
password information
password
Prior art date
Application number
PCT/CN2017/092909
Other languages
French (fr)
Chinese (zh)
Inventor
阳诚海
Original Assignee
口碑控股有限公司
阳诚海
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 口碑控股有限公司, 阳诚海 filed Critical 口碑控股有限公司
Publication of WO2018014785A1 publication Critical patent/WO2018014785A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present application relates to the field of internet technology and particularly to a system, a method, and a device for processing sub-account information to reduce the risk of tampering with sub-account login information or leakage during transmission. The system for processing sub-account information provided by embodiments of the present application comprises: a master device, at least one sub-device, and a server. The master device logs in to an application via a master account, and the master device is configured to transmit a sub-account information acquisition request to the server, receive sub-account information returned by the server, said sub-account information comprising password information of a sub-account, and transmit the password information to the sub-device. The server is configured to generate, according to the sub-account information acquisition request, the sub-account information comprising the password information and transmit the sub-account information to the master device. The sub-device is configured to receive the password information transmitted by the master device.

Description

一种子账号信息处理系统、方法及装置Sub-account information processing system, method and device 技术领域Technical field
本申请涉及互联网技术领域,尤其涉及一种子账号信息处理系统、方法及装置。The present application relates to the field of Internet technologies, and in particular, to a sub-account information processing system, method, and apparatus.
背景技术Background technique
很多连锁店铺通常都有创建子账号的需求。子账号依赖于主账号,且在特定场景下通过主账号的授权可以代表主账号行使部分权限,比如收款、转账等。Many chain stores often have the need to create sub-accounts. The sub-account depends on the main account, and in the specific scenario, the authorization of the main account can exercise some rights on the main account, such as collection, transfer, and the like.
通常情况下,子账号的密码等关键信息只能由子账号持有人所知,否则因子账号触发的操作所导致的风险将无法追溯,无法起到防抵赖作用。现有的子账号创建及传输过程主要是:主账号持有实体基于该主账号登录应用系统,创建一个子账号,设置子账号的一些处理权限及子账号的登录密码,并通过邮件、短信等方式将创建的子账号的登录密码等信息传递给子账号持有实体,子账号持有实体通过该子账号行使相关处理权限。Under normal circumstances, the key information such as the password of the sub-account can only be known by the sub-account holder. Otherwise, the risk caused by the operation triggered by the factor account will not be traced, and it cannot play a non-repudiation role. The existing sub-account creation and transmission process is mainly: the main account holding entity logs in the application system based on the main account, creates a sub-account, sets some processing rights of the sub-account and the login password of the sub-account, and sends the e-mail, short message, etc. The method transmits the login password and the like of the created sub-account to the sub-account holding entity, and the sub-account holding entity exercises the relevant processing authority through the sub-account.
由于子账号持有人通常需要承担因该子账号触发的操作所导致的风险,因此子账号持有人对该子账号的登录密码等信息的保密性有严格的要求,而上述过程无法保证主账号持有人不篡改、泄露子账号的登录密码等子账号信息。Since the sub-account holder usually needs to bear the risk caused by the operation triggered by the sub-account, the sub-account holder has strict requirements on the confidentiality of the login password and the like of the sub-account, and the above process cannot guarantee the main The account holder does not tamper with and divulge sub-account information such as the login password of the sub-account.
可见,如何降低子账号登录信息在传输过程中被篡改、泄露的风险,是目前急需要解决的问题。It can be seen that how to reduce the risk of the sub-account login information being tampered with and leaked during the transmission process is an urgent problem to be solved.
发明内容Summary of the invention
本申请实施例提供一种子账号信息处理系统、方法及装置,用以降低子账号登录信息在传输过程中被篡改、泄露的风险。The embodiment of the present invention provides a sub-account information processing system, method, and device, which are used to reduce the risk that a sub-account login information is tampered with and leaked during transmission.
本申请实施例提供一种子账号信息处理系统,该系统包括主设备、至少一个子设备、以及服务器,所述主设备通过主账号登录应用;其中: The embodiment of the present application provides a sub-account information processing system, where the system includes a main device, at least one sub-device, and a server, where the main device logs in to the application through a primary account;
所述主设备,用于向所述服务器发送子账号信息获取请求,并用于接收服务器返回的子账号信息,所述子账号信息包括子账号的密码信息,并用于将所述密码信息发送给所述子设备;The master device is configured to send a sub-account information acquisition request to the server, and is configured to receive sub-account information returned by the server, where the sub-account information includes password information of the sub-account, and is used to send the password information to the Descriptive device
所述服务器,用于根据所述子账号信息获取请求,生成包括密码信息的所述子账号信息,并传输给所述主设备;The server is configured to generate the sub-account information including the password information according to the sub-account information acquisition request, and transmit the sub-account information to the main device;
所述子设备,用于接收所述主设备发送的密码信息。The sub-device is configured to receive password information sent by the main device.
本申请另一实施例提供一种子账号信息处理方法,包括:Another embodiment of the present application provides a method for processing sub-account information, including:
主设备通过主账号登录应用;The master device logs in to the application through the primary account.
向服务器发送子账号信息获取请求,用于请求获取子账号的密码信息;Sending a sub-account information obtaining request to the server, for requesting to obtain password information of the sub-account;
接收所述服务器返回的子账号信息,所述子账号信息包括所述子账号的密码信息;Receiving sub-account information returned by the server, where the sub-account information includes password information of the sub-account;
将所述密码信息发送给所述子设备。Sending the password information to the child device.
本申请另一实施例提供一种子账号信息处理方法,包括:Another embodiment of the present application provides a method for processing sub-account information, including:
服务器接收登录主账号的主设备发送的子账号信息获取请求;The server receives the sub-account information acquisition request sent by the master device that logs in to the primary account;
根据所述子账号信息获取请求,生成包括子账号的密码信息的子账号信息;Generating sub-account information including password information of the sub-account according to the sub-account information acquisition request;
将所述子账号信息传输给所述主设备。Transmitting the sub-account information to the main device.
本申请另一实施例提供一种子账号信息处理方法,包括:Another embodiment of the present application provides a method for processing sub-account information, including:
接收主设备发送的子账号的密码信息;所述子账号的密码信息为服务器生成的;Receiving password information of the sub-account sent by the primary device; the password information of the sub-account is generated by the server;
基于接收到的子账号的密码信息登录应用。The application is logged in based on the password information of the received sub-account.
本申请实施例提供一种子账号信息处理的终端设备,包括:The embodiment of the present application provides a terminal device for processing sub-account information, including:
登录模块,用于通过主账号登录应用;Login module, used to log in to the application through the primary account;
密码请求模块,用于向服务器发送子账号信息获取请求,用于请求获取子账号的密码信息;a password requesting module, configured to send a sub-account information obtaining request to the server, to request to obtain the password information of the sub-account;
接收模块,用于接收所述服务器返回的子账号信息,所述子账号信息包括 所述子账号的密码信息;a receiving module, configured to receive sub-account information returned by the server, where the sub-account information includes Password information of the sub-account;
密码发送模块,用于将所述密码信息发送给所述子设备。a password sending module, configured to send the password information to the child device.
本申请另一实施例提供一种子账号信息处理的服务器,包括:Another embodiment of the present application provides a server for processing sub-account information, including:
接收模块,用于接收登录主账号的主设备发送的子账号信息获取请求;a receiving module, configured to receive a sub-account information acquisition request sent by a primary device that logs in to the primary account;
生成模块,用于根据所述子账号信息获取请求,生成包括子账号的密码信息的子账号信息;a generating module, configured to generate sub-account information including password information of the sub-account according to the sub-account information obtaining request;
发送模块,用于将所述子账号信息传输给所述主设备。And a sending module, configured to transmit the sub-account information to the main device.
本申请另一实施例提供一种子账号信息处理的终端设备,包括:Another embodiment of the present application provides a terminal device for processing sub-account information, including:
接收模块,用于接收主设备发送的子账号的密码信息;所述子账号的密码信息为服务器生成的;a receiving module, configured to receive password information of a sub-account sent by the main device; the password information of the sub-account is generated by the server;
登录模块,用于基于接收到的子账号的密码信息登录应用。The login module is configured to log in to the application based on the password information of the received sub-account.
本申请实施例中,登录主账号的主设备不具有设置子账号的密码的权限,而是由服务器来生成,服务器将生成的子账号的密码传输给主设备后,主设备可以直接通过后台传输给拥有子账号的子设备。这样,由于子账号的密码不是由主账号的用户设置的,从而可以降低子账号密码被主账号用户泄露的风险。In the embodiment of the present application, the master device that logs in the primary account does not have the permission to set the password of the sub-account, but is generated by the server. After the server transmits the generated password of the sub-account to the master device, the master device can directly transmit through the background. Give a child device with a sub-account. In this way, since the password of the sub-account is not set by the user of the main account, the risk that the sub-account password is leaked by the main account user can be reduced.
另外,在优选的实施方式下,可以通过NFC数据传输通道来传输子账号的密码信息,由于NFC传输需要将两台设备靠近彼此来完成整个传输过程,因此可以保证子账号的密码信息是主账号持有者与子账号受理者当面传输的,进一步保证了密码信息的保密性及完整性。In addition, in a preferred embodiment, the password information of the sub-account can be transmitted through the NFC data transmission channel. Since the NFC transmission needs to bring the two devices close to each other to complete the entire transmission process, the password information of the sub-account can be guaranteed to be the primary account. The holder and the sub-account recipient transmit in person, further ensuring the confidentiality and integrity of the password information.
另外,在优选的实施方式下,服务器可以对传输的子账号的密码信息进行加密,主设备接收到加密状态的密码信息后,将该加密状态的密码信息传输给子设备,这样可以进一步保证密码信息的保密性及传输过程中的安全性。In addition, in a preferred implementation manner, the server may encrypt the password information of the transmitted sub-account, and after receiving the encrypted password information, the main device transmits the encrypted information to the sub-device, so that the password can be further ensured. Confidentiality of information and security during transmission.
附图说明DRAWINGS
图1为本申请实施例提供的子账号信息处理系统结构示意图;FIG. 1 is a schematic structural diagram of a sub-account information processing system according to an embodiment of the present application;
图2为本申请实施例一提供的子账号信息处理方法流程图; 2 is a flowchart of a method for processing sub-account information according to Embodiment 1 of the present application;
图3为本申请实施例二提供的子账号信息处理方法流程图;3 is a flowchart of a method for processing sub-account information according to Embodiment 2 of the present application;
图4为本申请实施例三提供的子账号信息处理的终端设备结构示意图;4 is a schematic structural diagram of a terminal device for processing sub-account information according to Embodiment 3 of the present application;
图5为为本申请实施例四提供的子账号信息处理的服务器结构示意图;5 is a schematic structural diagram of a server for processing sub-account information according to Embodiment 4 of the present application;
图6为本申请实施例五提供的子账号信息处理的终端设备结构示意图。FIG. 6 is a schematic structural diagram of a terminal device for processing sub-account information according to Embodiment 5 of the present application.
具体实施方式detailed description
本申请实施例应用于主账号持有方需要设立多个子账号来代为行使一些授权操作的场景下。比如,连锁店铺的主账号持有方可以设立多个子账号,分布在各个地方的连锁分店分别使用其中一个子账号来执行收款、转账操作。由于子账号相当于代为行使主账号的授权操作,因此子账号的操作结果会记录在主账号名下。The embodiment of the present application is applied to a scenario in which a primary account holder needs to set up multiple sub-accounts to perform some authorization operations. For example, the main account holder of the chain store can set up multiple sub-accounts, and the chain stores distributed in each place use one of the sub-accounts to perform the collection and transfer operations. Since the sub-account is equivalent to performing the authorization operation of the main account, the operation result of the sub-account is recorded under the main account name.
如图1所示,为本申请实施例提供的子账号信息处理系统10,包括主设备11、至少一个子设备12、以及服务器13,主设备11通过主账号登录应用;主设备11,用于向服务器13发送子账号信息获取请求,并用于接收服务器13返回的子账号信息,子账号信息包括子账号的密码信息,并用于将密码信息发送给子设备12;服务器13,用于根据子账号信息获取请求,生成包括密码信息的子账号信息,并传输给主设备11;子设备12,用于接收主设备11发送的密码信息。As shown in FIG. 1 , the sub-account information processing system 10 provided by the embodiment of the present application includes a main device 11 , at least one sub-device 12 , and a server 13 . The main device 11 logs in to the application through a primary account. Sending a sub-account information obtaining request to the server 13, and receiving the sub-account information returned by the server 13, the sub-account information including the sub-account password information, and used to send the password information to the sub-device 12; the server 13 is configured to use the sub-account The information acquisition request generates sub-account information including the password information, and transmits the information to the main device 11; the sub-device 12 is configured to receive the password information sent by the main device 11.
下面结合说明书附图对本申请实施例作进一步详细描述。The embodiments of the present application are further described in detail below with reference to the accompanying drawings.
实施例一Embodiment 1
如图2所示,为本申请实施例一提供的子账号信息处理方法流程图,包括以下步骤:As shown in FIG. 2, a flowchart of a method for processing sub-account information provided in Embodiment 1 of the present application includes the following steps:
S201:主设备通过主账号登录应用,向服务器发送子账号信息获取请求。S201: The master device logs in to the application through the primary account, and sends a sub-account information acquisition request to the server.
这里的应用可以指APP、网站、网页等。用户通过主设备打开APP、网站、或网页的登录页面,在登录页面中输入主账号和主账号登录密码,登录应用。Applications here can refer to APP, websites, web pages, and the like. The user opens the login page of the APP, website, or webpage through the master device, and enters the login password of the primary account and the primary account on the login page to log in to the application.
在具体实施中,主设备用户可以在登录的应用界面中输入子账号的基本 信息,如子账号、子账号的处理权限(可以提供选项供用户选择)、子账号的数量等信息,并将这些信息发送给服务器。这里,子账号除可以是主设备创建的外,也可以由服务器来创建,也即服务器可以为主设备生成各个子账号及其对应的密码信息。In a specific implementation, the main device user can input the basic of the sub-account in the login application interface. Information, such as sub-accounts, sub-account processing rights (can provide options for users to choose), the number of sub-accounts, etc., and send this information to the server. Here, the sub-account can be created by the server in addition to the main device, that is, the server can generate each sub-account and its corresponding password information for the main device.
本申请实施例中的服务器可以指应用的服务端所在的服务器,也可以是专用于提供密码信息的服务器。通常,一个应用包括服务端和客户端,应用的服务端可以部署在本申请实施例中提供密码信息的服务器上,也可以部署在其它服务器上,应用的客户端部署在本申请实施例中的主设备和子设备上。The server in the embodiment of the present application may refer to a server where the server of the application is located, or may be a server dedicated to providing password information. Generally, an application includes a server and a client. The server of the application may be deployed on the server that provides the password information in the embodiment of the present application, or may be deployed on other servers. The client of the application is deployed in the embodiment of the present application. On the master and child devices.
S202:服务器根据子账号信息获取请求,生成包括密码信息的子账号信息,并传输给主设备。S202: The server acquires the sub-account information including the password information according to the sub-account information acquisition request, and transmits the sub-account information to the main device.
在具体实施中,服务器可以为子账号随机生成密码信息,并保存在服务器中,然后,服务器可以将子账号密码创建成功的状态信息、生成的与各个子账号对应的密码信息传输给主设备。In a specific implementation, the server may randomly generate password information for the sub-account and save the information in the server. Then, the server may transmit the status information of the sub-account password creation success and the generated password information corresponding to each sub-account to the main device.
S203:主设备接收服务器返回的子账号信息,所述子账号信息包括子账号的密码信息,将所述密码信息发送给子设备。S203: The master device receives the sub-account information returned by the server, where the sub-account information includes the password information of the sub-account, and sends the password information to the sub-device.
在具体实施中,主设备在接收到服务器返回的子账号信息后,可以在后台自动保存子账号的密码信息,然后在后台将自动保存的密码信息发送给子设备;在此过程中,子账号的密码信息一直处于用户不可见状态。优选地,保存的密码信息可以处于加密状态,这里的加密可以包括下述第一加密,或第一加密及第二加密。In a specific implementation, after receiving the sub-account information returned by the server, the master device may automatically save the password information of the sub-account in the background, and then send the automatically saved password information to the sub-device in the background; in the process, the sub-account The password information is always invisible to the user. Preferably, the saved password information may be in an encrypted state, where the encryption may include the first encryption described below, or the first encryption and the second encryption.
在具体实施中,服务器可以在生成子账号信息后,对子账号信息进行第一加密,并将进行第一加密后的子账号信息传输给主设备;主设备接收服务器返回的第一加密后的子账号信息;将子账号对应的第一加密后的密码信息发送给子设备。这里,服务器进行第一加密后的子账号信息可以包括子账号及其对应的密码信息,主设备可以直接将该第一加密后的子账号及其对应的密码信息发送给子设备。 In a specific implementation, after generating the sub-account information, the server may perform the first encryption on the sub-account information, and transmit the first encrypted sub-account information to the main device; the main device receives the first encrypted Sub-account information; the first encrypted password information corresponding to the sub-account is sent to the sub-device. Here, the sub-account information after the server performs the first encryption may include the sub-account and its corresponding password information, and the master device may directly send the first encrypted sub-account and its corresponding password information to the sub-device.
另外,子设备在接收到主设备发送的第一加密后的密码信息后,可以通过打开的应用对密码信息进行第一解密。在具体实施中,可以在应用中设定客户端只能对来自其它客户端的密码信息进行解密,而不能对来自服务器的密码信息进行解密,这样就可以保证主设备在接收到服务器发送的加密状态的子账号密码信息后,无法对该密码信息进行解密,进一步增强了子账号密码信息的安全性。In addition, after receiving the first encrypted password information sent by the master device, the child device may first decrypt the password information by using the opened application. In a specific implementation, in the application, the client can only decrypt the password information from other clients, but cannot decrypt the password information from the server, so that the master device can receive the encryption status sent by the server. After the sub-account password information, the password information cannot be decrypted, which further enhances the security of the sub-account password information.
优选地,主设备在接收到服务器返回的第一加密后的子账号信息后,还可以对子账号的密码信息进行第二加密,将进行第二加密后的密码信息发送给子设备,以进一步提高密码传输过程中的安全性;子设备在接收到主设备发送的第二加密后的密码信息后,对密码信息进行第二解密及第一解密。Preferably, after receiving the first encrypted sub-account information returned by the server, the master device may further perform second encryption on the password information of the sub-account, and send the second encrypted password information to the sub-device to further The security of the password transmission process is improved; after receiving the second encrypted password information sent by the master device, the child device performs second decryption and first decryption on the password information.
主设备可以通过多种通信方式将子账号的密码信息传输给子设备,比如可以通过蓝牙、无线保真(wifi)、数据连接等等。作为一种优选的实施方式,主设备可以将子账号的密码信息通过近场通信(Near Field Communication,NFC)数据传输通道发送给子设备。The master device can transmit the password information of the sub-account to the sub-device through various communication methods, such as Bluetooth, wireless fidelity (wifi), data connection, and the like. As a preferred implementation manner, the master device may send the password information of the sub-account to the sub-device through a Near Field Communication (NFC) data transmission channel.
由于NFC的通信距离通常为10厘米以内,通过NFC的点对点(Peer to Peer,P2P)模式来传递子账号的密码信息可以保证子账号的密码信息是主账号持有者与子账号受理者当面传输的,保证了密码信息的保密性及完整性;而且,基于NFC传输方式,只需将两台设备靠近彼此即可完成整个传输过程,无需进行繁琐漫长的搜索、连接配对过程,从而简化了用户对移动设备的操作。在具体实施中,主设备可以通过触碰子设备,与子设备建立起NFC数据传输通道。该触碰过程是一种仿握手的新型交互方式,可以看做是一种接受、确认的过程,可以起到防抵赖的作用。Since the communication distance of the NFC is usually less than 10 cm, the password information of the sub-account can be transmitted through the NFC Peer-to-Peer (P2P) mode to ensure that the sub-account password information is transmitted by the primary account holder and the sub-account recipient. The confidentiality and integrity of the password information are ensured; and, based on the NFC transmission method, the entire transmission process can be completed by simply bringing the two devices close to each other, thereby eliminating the cumbersome long search and connection pairing process, thereby simplifying the user. Operation on mobile devices. In a specific implementation, the master device can establish an NFC data transmission channel with the child device by touching the child device. The touch process is a new type of interaction that simulates a handshake. It can be seen as a process of acceptance and confirmation, which can play a role of non-repudiation.
在具体实施中,对处于加密状态的密码信息进行解密的解码方式可以是预设的,另外,也可以在应用中设定与特定的密码传输通道(比如NFC数据传输通道、蓝牙数据传输通道等)对应的解码方式,子设备根据接收密码信息的密码传输通道确定解码方式,基于确定的解码方式对处于加密状态的密码信息 进行解密。比如可以设定与NFC数据传输通道对应的解码方式,主设备在将密码信息通过NFC数据传输通道发送给子设备后,子设备确定该密码信息来自NFC数据传输通道,则根据与NFC数据传输通道对应的解码方式进行解密。另外,可以在应用中限定解码方式的使用权限,比如只有密码信息是来自NFC数据传输通道,才能使用与该NFC数据传输通道对应的解码方式对密码信息进行解密,从而进一步保证密码的安全性。In a specific implementation, the decoding manner of decrypting the encrypted information in the encrypted state may be preset. In addition, the specific password transmission channel (such as an NFC data transmission channel, a Bluetooth data transmission channel, etc.) may also be set in the application. Corresponding decoding mode, the sub-device determines the decoding mode according to the cipher transmission channel that receives the cipher information, and uses the cryptographic information in the encrypted state based on the determined decoding mode. Decrypt. For example, the decoding mode corresponding to the NFC data transmission channel can be set. After the master device sends the password information to the child device through the NFC data transmission channel, the child device determines that the password information is from the NFC data transmission channel, and according to the NFC data transmission channel. The corresponding decoding method is used for decryption. In addition, the use permission of the decoding mode can be defined in the application. For example, only the password information is from the NFC data transmission channel, and the password information can be decrypted using the decoding method corresponding to the NFC data transmission channel, thereby further ensuring the security of the password.
在具体实施中,主设备在接收到来自服务器的密码信息后,在不显示密码的前提下,可以对用户进行提示,比如,通过应用界面亮度的变化进行提示(比如在主设备向服务器发起请求后,应用界面亮度变暗,在接收到服务器反馈的密码信息后,应用界面亮度变亮,表示用户此时可以对应用进行操作),或者直接通过信息提示用户密码获取成功,可以发送给子设备。In a specific implementation, after receiving the password information from the server, the master device may prompt the user without displaying the password, for example, by prompting changes in the brightness of the application interface (for example, when the master device initiates a request to the server) After that, the brightness of the application interface is dimmed. After receiving the password information fed back by the server, the brightness of the application interface is bright, indicating that the user can operate the application at this time, or directly prompting the user that the password is successfully obtained through the information, and can be sent to the child device. .
作为一种优选的实施方式,主设备在向子设备传输子账号的信息(包括密码信息、子账号等)的同时,还可以向子设备发送应用的信息,比如应用的名称或标识符,还可以是用于触发打开应用的字符串等。这样,子设备可以基于主设备发送的应用的信息打开该应用,并在打开的应用中,基于所述密码信息登录子账号,详见关于S204的描述。当然,子设备也可以在用户的触发下主动打开应用,不需要主设备发送的信息来触发。As a preferred implementation manner, the master device may also send the information of the application, such as the name or identifier of the application, to the child device, while transmitting the information of the sub-account (including the password information, the sub-account, and the like) to the sub-device. It can be a string used to trigger an open application, and so on. In this way, the child device can open the application based on the information of the application sent by the master device, and log in the sub-account based on the password information in the opened application, as described in detail with respect to S204. Of course, the child device can also actively open the application under the trigger of the user, and does not need the information sent by the master device to trigger.
S204:子设备接收主设备发送的子账号的密码信息,基于接收到的子账号的密码信息登录应用。S204: The sub-device receives the password information of the sub-account sent by the main device, and logs in the application based on the password information of the received sub-account.
在具体实施中,子设备在接收主设备发送的子账号及对应的密码信息后,基于打开的应用将接收的子账号及对应的密码信息发送到服务器进行鉴权。In a specific implementation, after receiving the sub-account and the corresponding password information sent by the main device, the sub-device sends the received sub-account and the corresponding password information to the server for authentication based on the opened application.
服务器将子设备发送的子账号的密码信息与该服务器之前保存的该子账号的密码信息进行比较,在确定两者一致后,确认鉴权成功,此时,服务器允许子设备成功登录应用。子设备成功登录后,可以设置初始密码,具体可以是修改系统默认的初始密码,或者在没有默认的密码的基础上设置初始密 码。The server compares the password information of the sub-account sent by the sub-device with the password information of the sub-account saved by the server. After determining that the two are consistent, the server confirms that the authentication is successful. At this time, the server allows the sub-device to successfully log in to the application. After the sub-device successfully logs in, you can set the initial password, which can be to modify the system default initial password, or set the initial password based on the default password. code.
实施例二Embodiment 2
实施例二介绍在本申请思想指导下的一种优选的实施方式。The second embodiment introduces a preferred embodiment under the guidance of the idea of the present application.
如图3所示,为本申请实施例二提供的子账号信息处理方法流程图,包括:As shown in FIG. 3, a flowchart of a method for processing sub-account information provided in Embodiment 2 of the present application includes:
S301:主设备登录主账号,向服务器发送子账号信息获取请求,用于请求获取子账号的密码信息。S301: The master device logs in to the primary account, and sends a sub-account information obtaining request to the server, for requesting to obtain the password information of the sub-account.
这里,主设备可以在子账号信息获取请求携带主设备创建的子账号,也可以不携带,由服务器为其同时创建子账号及对应的密码信息。Here, the master device may carry the sub-account created by the master device in the sub-account information acquisition request, or may not carry, and the server creates a sub-account and corresponding password information at the same time.
S302:服务器生成子账号信息,并对子账号信息进行第一加密后传输给主设备。这里的子账号信息中包括子账号的密码信息,或者包括子账号及对应的密码信息。S302: The server generates sub-account information, and performs first encryption on the sub-account information and transmits the information to the main device. The sub-account information here includes the password information of the sub-account, or includes the sub-account and the corresponding password information.
S303:主设备在接收到服务器返回的子账号信息后,对子账号信息进行第二加密,并通过后台自动保存。S303: After receiving the sub-account information returned by the server, the master device performs second encryption on the sub-account information, and automatically saves the background information.
这里,主设备在获取到子账号信息后,对子账号信息进行第二加密后,通过后台自动保存到内存中,并提示用户建立NFC数据传输通道。Here, after obtaining the sub-account information, the master device performs second encryption on the sub-account information, automatically saves it into the memory through the background, and prompts the user to establish an NFC data transmission channel.
S304:主设备通过触碰子设备,向子设备发起建立NFC数据传输通道的请求,子设备响应该请求,与主设备之间建立起NFC数据传输通道。S304: The master device initiates a request for establishing an NFC data transmission channel to the child device by touching the child device, and the child device responds to the request, and establishes an NFC data transmission channel with the master device.
S305:主设备将应用系统的信息和第二加密后的子账号信息通过NFC数据传输通道发送给子设备。S305: The master device sends the information of the application system and the second encrypted sub-account information to the child device through the NFC data transmission channel.
这里,在NFC数据传输通道建立完成后,主设备通过后台将保存的子账号信息发送给子设备,整个过程中不对用户显示密码信息。Here, after the NFC data transmission channel is established, the master device sends the saved sub-account information to the sub-device through the background, and the password information is not displayed to the user in the whole process.
S306:子设备打开应用系统,对第二加密后的子账号信息进行第二解密。S306: The child device opens the application system, and performs second decryption on the second encrypted sub-account information.
S307:子设备将解密后的子账号信息发送到服务器进行鉴权。服务器基于之前保存的所述子账号的密码信息,对子设备发送的子账号的密码信息进 行鉴权。S307: The child device sends the decrypted sub-account information to the server for authentication. The server enters the password information of the sub-account sent by the sub-device based on the password information of the sub-account previously saved. Line authentication.
S308:在鉴权通过后,子设备成功登录所述子账号。S308: After the authentication is passed, the child device successfully logs in to the sub-account.
S309:设置初始密码。另外,子设备用户可以在登录的应用系统中查看自己的处理权限信息等。S309: Set the initial password. In addition, the sub-device user can view his own processing permission information and the like in the logged-in application system.
基于同一发明构思,本申请实施例中还提供了一种与子账号信息处理方法对应的子账号信息传输装置,由于该装置解决问题的原理与本申请实施例的子账号信息处理方法相似,因此该装置的实施可以参见方法的实施,重复之处不再赘述。Based on the same inventive concept, the embodiment of the present application further provides a sub-account information transmission device corresponding to the sub-account information processing method, and the principle of solving the problem is similar to the sub-account information processing method in the embodiment of the present application. The implementation of the device can be referred to the implementation of the method, and the repeated description will not be repeated.
实施例三Embodiment 3
如图4所示,为本申请实施例三提供的子账号信息处理的终端设备结构示意图,该终端设备具体可以指上述实施例所述的主设备,包括:As shown in FIG. 4, it is a schematic structural diagram of a terminal device for processing sub-account information provided in Embodiment 3 of the present application, where the terminal device may specifically refer to the master device described in the foregoing embodiment, and includes:
登录模块41,用于通过主账号登录应用;The login module 41 is configured to log in to the application by using a primary account.
密码请求模块42,用于向服务器发送子账号信息获取请求,以请求获取子账号的密码信息;The password requesting module 42 is configured to send a sub-account information obtaining request to the server to request to obtain the password information of the sub-account;
接收模块43,用于接收所述服务器返回的子账号信息,所述子账号信息包括所述子账号的密码信息;The receiving module 43 is configured to receive sub-account information returned by the server, where the sub-account information includes password information of the sub-account;
密码发送模块44,用于将所述密码信息发送给所述子设备。The password sending module 44 is configured to send the password information to the child device.
可选地,密码发送模块44具体用于:Optionally, the password sending module 44 is specifically configured to:
将所述密码信息通过近场通信NFC数据传输通道发送给所述子设备。The password information is sent to the child device through a near field communication NFC data transmission channel.
可选地,接收模块43具体用于:Optionally, the receiving module 43 is specifically configured to:
接收所述服务器返回的第一加密后的子账号信息;Receiving the first encrypted sub-account information returned by the server;
密码发送模块44具体用于:The password sending module 44 is specifically configured to:
将所述子账号对应的第一加密后的密码信息发送给所述子设备。Sending the first encrypted password information corresponding to the sub-account to the sub-device.
可选地,密码发送模块44具体用于:Optionally, the password sending module 44 is specifically configured to:
对所述密码信息进行第二加密,将进行第二加密后的密码信息发送给所述子设备。 Performing a second encryption on the password information, and transmitting the second encrypted password information to the child device.
可选地,密码发送模块44具体用于:Optionally, the password sending module 44 is specifically configured to:
在接收到所述服务器返回的子账号信息后,在后台自动保存所述子账号的密码信息,并将后台自动保存的密码信息发送给所述子设备;其中,在后台自动保存的密码信息处于加密状态。After receiving the sub-account information returned by the server, the password information of the sub-account is automatically saved in the background, and the password information automatically saved in the background is sent to the sub-device; wherein the password information automatically saved in the background is Encryption status.
可选地,密码发送模块44具体用于:Optionally, the password sending module 44 is specifically configured to:
将所述主设备创建的子账号以及所述子账号的密码信息发送给所述子设备。Sending the sub-account created by the master device and the password information of the sub-account to the sub-device.
实施例四Embodiment 4
如图5所示,为本申请实施例四提供的子账号信息处理的服务器结构示意图,包括:As shown in FIG. 5, a schematic structural diagram of a server for processing sub-account information provided in Embodiment 4 of the present application includes:
接收模块51,用于接收登录主账号的主设备发送的子账号信息获取请求;The receiving module 51 is configured to receive a sub-account information acquisition request sent by the master device that logs in the primary account.
生成模块52,用于根据所述子账号信息获取请求,生成包括子账号的密码信息的子账号信息;The generating module 52 is configured to generate sub-account information including password information of the sub-account according to the sub-account information obtaining request;
发送模块53,用于将所述子账号信息传输给所述主设备。The sending module 53 is configured to transmit the sub-account information to the main device.
可选地,发送模块53具体用于:Optionally, the sending module 53 is specifically configured to:
对生成的所述子账号信息进行第一加密,并将进行第一加密后的子账号信息传输给所述主设备。Performing the first encryption on the generated sub-account information, and transmitting the first encrypted sub-account information to the main device.
实施例五Embodiment 5
如图6所示,为本申请实施例五提供的子账号信息处理的终端设备结构示意图,该终端设备具体可以指上述实施例中的子设备,包括:As shown in FIG. 6 , a schematic diagram of a structure of a terminal device for processing sub-account information provided in Embodiment 5 of the present application, where the terminal device may specifically refer to a sub-device in the foregoing embodiment, including:
接收模块61,用于接收主设备发送的子账号的密码信息;所述子账号的密码信息为服务器生成的;The receiving module 61 is configured to receive password information of a sub-account sent by the main device; the password information of the sub-account is generated by the server;
登录模块62,用于基于接收到的子账号的密码信息登录应用。The login module 62 is configured to log in to the application based on the password information of the received sub-account.
可选地,所述接收模块61具体用于:Optionally, the receiving module 61 is specifically configured to:
通过近场通信NFC数据传输通道接收主设备发送的子账号的密码信息。The password information of the sub-account sent by the master device is received through the near field communication NFC data transmission channel.
可选地,所述接收模块61具体用于: Optionally, the receiving module 61 is specifically configured to:
接收所述主设备发送的第一加密后的密码信息;其中,所述第一加密为由服务器对密码信息进行的加密;Receiving, by the primary device, the first encrypted password information, where the first encryption is encryption performed by the server on the password information;
所述终端设备还包括:The terminal device further includes:
解密模块63,用于通过所述应用对所述第一加密后的密码信息进行第一解密。The decryption module 63 is configured to perform first decryption on the first encrypted password information by using the application.
可选地,接收模块61具体用于:Optionally, the receiving module 61 is specifically configured to:
接收所述主设备发送的第二加密后的密码信息;所述第二加密为由所述主设备对第一加密后的密码信息进行的加密;Receiving, by the primary device, second encrypted password information; the second encryption is encryption performed by the primary device on the first encrypted password information;
解密模块63还用于:The decryption module 63 is also used to:
对第二加密后的密码信息进行第二解密。Performing a second decryption on the second encrypted password information.
可选地,接收模块61具体用于:Optionally, the receiving module 61 is specifically configured to:
接收主设备发送的处于加密状态的密码信息;Receiving password information sent by the master device in an encrypted state;
解密模块63还用于:The decryption module 63 is also used to:
根据接收所述密码信息的密码传输通道确定解码方式,基于确定的解码方式对所述处于加密状态的密码信息进行解密。Determining a decoding mode according to a cryptographic transmission channel that receives the cipher information, and decrypting the cryptographic information in an encrypted state based on the determined decoding manner.
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present application can be provided as a method, system, or computer program product. Thus, the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
本申请是参照根据本申请实施例的方法、装置(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一 个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the present application. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Implemented in flowchart one Means of a process or a plurality of processes and/or block diagrams of a function specified in a block or blocks.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
尽管已描述了本申请的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本申请范围的所有变更和修改。While the preferred embodiment of the present application has been described, it will be apparent that those skilled in the art can make further changes and modifications to the embodiments. Therefore, the appended claims are intended to be interpreted as including the preferred embodiments and the modifications and
显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的精神和范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。 It will be apparent to those skilled in the art that various modifications and changes can be made in the present application without departing from the spirit and scope of the application. Thus, it is intended that the present invention cover the modifications and variations of the present invention.

Claims (29)

  1. 一种子账号信息处理系统,其特征在于,包括主设备、至少一个子设备、以及服务器,所述主设备通过主账号登录应用;其中:A sub-account information processing system, comprising: a main device, at least one sub-device, and a server, wherein the main device logs in to the application by using a primary account; wherein:
    所述主设备,用于向所述服务器发送子账号信息获取请求,并用于接收服务器返回的子账号信息,所述子账号信息包括子账号的密码信息,并用于将所述密码信息发送给所述子设备;The master device is configured to send a sub-account information acquisition request to the server, and is configured to receive sub-account information returned by the server, where the sub-account information includes password information of the sub-account, and is used to send the password information to the Descriptive device
    所述服务器,用于根据所述子账号信息获取请求,生成包括密码信息的所述子账号信息,并传输给所述主设备;The server is configured to generate the sub-account information including the password information according to the sub-account information acquisition request, and transmit the sub-account information to the main device;
    所述子设备,用于接收所述主设备发送的密码信息。The sub-device is configured to receive password information sent by the main device.
  2. 如权利要求1所述的系统,其特征在于,所述主设备,具体用于将所述密码信息通过近场通信NFC数据传输通道发送给所述子设备。The system according to claim 1, wherein the master device is specifically configured to send the password information to the child device through a near field communication NFC data transmission channel.
  3. 如权利要求1所述的系统,其特征在于,所述服务器,具体用于在生成所述子账号信息后,对所述子账号信息进行第一加密,并将进行第一加密后的子账号信息传输给所述主设备;The system according to claim 1, wherein the server is configured to perform the first encryption on the sub-account information after generating the sub-account information, and perform the first encrypted sub-account Information is transmitted to the primary device;
    所述子设备,还用于在接收到所述主设备发送的第一加密后的密码信息后,通过打开的所述应用对所述密码信息进行第一解密。The sub-device is further configured to: after receiving the first encrypted password information sent by the primary device, perform first decryption on the password information by using the opened application.
  4. 如权利要求3所述的系统,其特征在于,所述主设备,具体用于在接收到所述服务器返回的子账号信息后,对所述子账号的密码信息进行第二加密,将进行第二加密后的密码信息发送给所述子设备;The system according to claim 3, wherein the master device is configured to perform second encryption on the password information of the sub-account after receiving the sub-account information returned by the server, The second encrypted password information is sent to the child device;
    所述子设备,还用于在接收到所述主设备发送的第二加密后的密码信息后,对所述密码信息进行第二解密。The sub-device is further configured to perform second decryption on the password information after receiving the second encrypted password information sent by the master device.
  5. 如权利要求1所述的系统,其特征在于,所述主设备,具体用于在接收到所述服务器返回的子账号信息后,在后台自动保存所述子账号的密码信息,并用于将后台自动保存的密码信息发送给所述子设备;其中,在后台自动保存的密码信息处于加密状态。The system according to claim 1, wherein the master device is configured to automatically save the password information of the sub-account in the background after receiving the sub-account information returned by the server, and use the background information to be used in the background. The automatically saved password information is sent to the child device; wherein the password information automatically saved in the background is in an encrypted state.
  6. 一种子账号信息处理方法,其特征在于,该方法包括: A method for processing sub-account information, characterized in that the method comprises:
    主设备通过主账号登录应用;The master device logs in to the application through the primary account.
    向服务器发送子账号信息获取请求,用于请求获取子账号的密码信息;Sending a sub-account information obtaining request to the server, for requesting to obtain password information of the sub-account;
    接收所述服务器返回的子账号信息,所述子账号信息包括所述子账号的密码信息;Receiving sub-account information returned by the server, where the sub-account information includes password information of the sub-account;
    将所述密码信息发送给所述子设备。Sending the password information to the child device.
  7. 如权利要求6所述的方法,其特征在于,所述将所述密码信息发送给所述子设备,包括:The method of claim 6, wherein the transmitting the password information to the child device comprises:
    将所述密码信息通过近场通信NFC数据传输通道发送给所述子设备。The password information is sent to the child device through a near field communication NFC data transmission channel.
  8. 如权利要求6所述的方法,其特征在于,所述接收所述服务器返回的子账号信息,包括:The method of claim 6, wherein the receiving the sub-account information returned by the server comprises:
    接收所述服务器返回的第一加密后的子账号信息;Receiving the first encrypted sub-account information returned by the server;
    所述将所述密码信息发送给所述子设备,包括:The sending the password information to the sub-device includes:
    将所述子账号对应的第一加密后的密码信息发送给所述子设备。Sending the first encrypted password information corresponding to the sub-account to the sub-device.
  9. 如权利要求8所述的方法,其特征在于,所述将所述子账号对应的第一加密后的密码信息发送给所述子设备,包括:The method of claim 8, wherein the transmitting the first encrypted password information corresponding to the sub-account to the sub-device comprises:
    对所述密码信息进行第二加密,将进行第二加密后的密码信息发送给所述子设备。Performing a second encryption on the password information, and transmitting the second encrypted password information to the child device.
  10. 如权利要求6所述的方法,其特征在于,所述将所述密码信息发送给所述子设备,包括:The method of claim 6, wherein the transmitting the password information to the child device comprises:
    在接收到所述服务器返回的子账号信息后,在后台自动保存所述子账号的密码信息,并将后台自动保存的密码信息发送给所述子设备;其中,在后台自动保存的密码信息处于加密状态。After receiving the sub-account information returned by the server, the password information of the sub-account is automatically saved in the background, and the password information automatically saved in the background is sent to the sub-device; wherein the password information automatically saved in the background is Encryption status.
  11. 如权利要求6~10任一所述的方法,其特征在于,所述将所述密码信息发送给所述子设备,包括:The method according to any one of claims 6 to 10, wherein the sending the password information to the child device comprises:
    将所述主设备创建的子账号以及所述子账号的密码信息发送给所述子设备。 Sending the sub-account created by the master device and the password information of the sub-account to the sub-device.
  12. 一种子账号信息处理方法,其特征在于,该方法包括:A method for processing sub-account information, characterized in that the method comprises:
    服务器接收登录主账号的主设备发送的子账号信息获取请求;The server receives the sub-account information acquisition request sent by the master device that logs in to the primary account;
    根据所述子账号信息获取请求,生成包括子账号的密码信息的子账号信息;Generating sub-account information including password information of the sub-account according to the sub-account information acquisition request;
    将所述子账号信息传输给所述主设备。Transmitting the sub-account information to the main device.
  13. 如权利要求12所述的方法,其特征在于,将所述子账号信息传输给所述主设备,包括:The method of claim 12, wherein the transmitting the sub-account information to the main device comprises:
    对生成的所述子账号信息进行第一加密,并将进行第一加密后的子账号信息传输给所述主设备。Performing the first encryption on the generated sub-account information, and transmitting the first encrypted sub-account information to the main device.
  14. 一种子账号信息处理方法,其特征在于,该方法包括:A method for processing sub-account information, characterized in that the method comprises:
    接收主设备发送的子账号的密码信息;所述子账号的密码信息为服务器生成的;Receiving password information of the sub-account sent by the primary device; the password information of the sub-account is generated by the server;
    基于接收到的子账号的密码信息登录应用。The application is logged in based on the password information of the received sub-account.
  15. 如权利要求14所述的方法,其特征在于,接收主设备发送的子账号的密码信息,包括:The method of claim 14, wherein the receiving the password information of the sub-account sent by the master device comprises:
    通过近场通信NFC数据传输通道接收主设备发送的子账号的密码信息。The password information of the sub-account sent by the master device is received through the near field communication NFC data transmission channel.
  16. 如权利要求14所述的方法,其特征在于,所述接收主设备发送的子账号的密码信息,包括:The method of claim 14, wherein the receiving the password information of the sub-account sent by the master device comprises:
    接收所述主设备发送的第一加密后的密码信息;其中,所述第一加密为由服务器对密码信息进行的加密;Receiving, by the primary device, the first encrypted password information, where the first encryption is encryption performed by the server on the password information;
    基于接收到的子账号的密码信息登录应用之前,还包括:Before logging in to the application based on the password information of the received sub-account, it also includes:
    通过所述应用对所述第一加密后的密码信息进行第一解密。The first encrypted password information is first decrypted by the application.
  17. 如权利要求16所述的方法,其特征在于,所述接收主设备发送的子账号的密码信息,包括:The method of claim 16, wherein the receiving the password information of the sub-account sent by the master device comprises:
    接收所述主设备发送的第二加密后的密码信息;所述第二加密为由所述主设备对第一加密后的密码信息进行的加密; Receiving, by the primary device, second encrypted password information; the second encryption is encryption performed by the primary device on the first encrypted password information;
    基于接收到的子账号的密码信息登录应用之前,还包括:Before logging in to the application based on the password information of the received sub-account, it also includes:
    对第二加密后的密码信息进行第二解密。Performing a second decryption on the second encrypted password information.
  18. 如权利要求14所述的方法,其特征在于,接收主设备发送的子账号的密码信息,包括:The method of claim 14, wherein the receiving the password information of the sub-account sent by the master device comprises:
    接收主设备发送的处于加密状态的密码信息;Receiving password information sent by the master device in an encrypted state;
    基于接收到的子账号的密码信息登录应用之前,还包括:Before logging in to the application based on the password information of the received sub-account, it also includes:
    根据接收所述密码信息的密码传输通道确定解码方式,基于确定的解码方式对所述处于加密状态的密码信息进行解密。Determining a decoding mode according to a cryptographic transmission channel that receives the cipher information, and decrypting the cryptographic information in an encrypted state based on the determined decoding manner.
  19. 一种子账号信息处理的终端设备,其特征在于,该终端设备包括:A terminal device for processing sub-account information, characterized in that the terminal device comprises:
    登录模块,用于通过主账号登录应用;Login module, used to log in to the application through the primary account;
    密码请求模块,用于向服务器发送子账号信息获取请求,用于请求获取子账号的密码信息;a password requesting module, configured to send a sub-account information obtaining request to the server, to request to obtain the password information of the sub-account;
    接收模块,用于接收所述服务器返回的子账号信息,所述子账号信息包括所述子账号的密码信息;a receiving module, configured to receive sub-account information returned by the server, where the sub-account information includes password information of the sub-account;
    密码发送模块,用于将所述密码信息发送给所述子设备。a password sending module, configured to send the password information to the child device.
  20. 如权利要求19所述的终端设备,其特征在于,所述密码发送模块具体用于:The terminal device according to claim 19, wherein the password sending module is specifically configured to:
    将所述密码信息通过近场通信NFC数据传输通道发送给所述子设备。The password information is sent to the child device through a near field communication NFC data transmission channel.
  21. 如权利要求19所述的终端设备,其特征在于,所述接收模块具体用于:The terminal device according to claim 19, wherein the receiving module is specifically configured to:
    接收所述服务器返回的第一加密后的子账号信息;Receiving the first encrypted sub-account information returned by the server;
    所述密码发送模块具体用于:The password sending module is specifically configured to:
    将所述子账号对应的第一加密后的密码信息发送给所述子设备。Sending the first encrypted password information corresponding to the sub-account to the sub-device.
  22. 如权利要求21所述的终端设备,其特征在于,所述密码发送模块具体用于:The terminal device according to claim 21, wherein the password sending module is specifically configured to:
    对所述密码信息进行第二加密,将进行第二加密后的密码信息发送给所述 子设备。Performing a second encryption on the password information, and transmitting the second encrypted password information to the Child device.
  23. 如权利要求19所述的终端设备,其特征在于,所述密码发送模块具体用于:The terminal device according to claim 19, wherein the password sending module is specifically configured to:
    在接收到所述服务器返回的子账号信息后,在后台自动保存所述子账号的密码信息,并将后台自动保存的密码信息发送给所述子设备;其中,在后台自动保存的密码信息处于加密状态。After receiving the sub-account information returned by the server, the password information of the sub-account is automatically saved in the background, and the password information automatically saved in the background is sent to the sub-device; wherein the password information automatically saved in the background is Encryption status.
  24. 一种子账号信息处理的服务器,其特征在于,该服务器包括:A server for processing sub-account information, characterized in that the server comprises:
    接收模块,用于接收登录主账号的主设备发送的子账号信息获取请求;a receiving module, configured to receive a sub-account information acquisition request sent by a primary device that logs in to the primary account;
    生成模块,用于根据所述子账号信息获取请求,生成包括子账号的密码信息的子账号信息;a generating module, configured to generate sub-account information including password information of the sub-account according to the sub-account information obtaining request;
    发送模块,用于将所述子账号信息传输给所述主设备。And a sending module, configured to transmit the sub-account information to the main device.
  25. 如权利要求24所述的服务器,其特征在于,所述发送模块具体用于:The server according to claim 24, wherein the sending module is specifically configured to:
    对生成的所述子账号信息进行第一加密,并将进行第一加密后的子账号信息传输给所述主设备。Performing the first encryption on the generated sub-account information, and transmitting the first encrypted sub-account information to the main device.
  26. 一种子账号信息处理的终端设备,其特征在于,该终端设备包括:A terminal device for processing sub-account information, characterized in that the terminal device comprises:
    接收模块,用于接收主设备发送的子账号的密码信息;所述子账号的密码信息为服务器生成的;a receiving module, configured to receive password information of a sub-account sent by the main device; the password information of the sub-account is generated by the server;
    登录模块,用于基于接收到的子账号的密码信息登录应用。The login module is configured to log in to the application based on the password information of the received sub-account.
  27. 如权利要求26所述的终端设备,其特征在于,所述接收模块具体用于:The terminal device according to claim 26, wherein the receiving module is specifically configured to:
    通过近场通信NFC数据传输通道接收主设备发送的子账号的密码信息。The password information of the sub-account sent by the master device is received through the near field communication NFC data transmission channel.
  28. 如权利要求26所述的终端设备,其特征在于,所述接收模块具体用于:The terminal device according to claim 26, wherein the receiving module is specifically configured to:
    接收所述主设备发送的第一加密后的密码信息;其中,所述第一加密为由服务器对密码信息进行的加密;Receiving, by the primary device, the first encrypted password information, where the first encryption is encryption performed by the server on the password information;
    所述终端设备还包括: The terminal device further includes:
    解密模块,用于通过所述应用对所述第一加密后的密码信息进行第一解密。And a decryption module, configured to perform first decryption on the first encrypted password information by using the application.
  29. 如权利要求28所述的终端设备,其特征在于,所述接收模块具体用于:The terminal device according to claim 28, wherein the receiving module is specifically configured to:
    接收所述主设备发送的第二加密后的密码信息;所述第二加密为由所述主设备对第一加密后的密码信息进行的加密;Receiving, by the primary device, second encrypted password information; the second encryption is encryption performed by the primary device on the first encrypted password information;
    所述解密模块还用于:The decryption module is further configured to:
    对第二加密后的密码信息进行第二解密。 Performing a second decryption on the second encrypted password information.
PCT/CN2017/092909 2016-07-21 2017-07-14 System, method, and device for processing sub-account information WO2018014785A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610581320.XA CN106911659B (en) 2016-07-21 2016-07-21 System, method and device for processing information of sub account number
CN201610581320.X 2016-07-21

Publications (1)

Publication Number Publication Date
WO2018014785A1 true WO2018014785A1 (en) 2018-01-25

Family

ID=59206757

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/092909 WO2018014785A1 (en) 2016-07-21 2017-07-14 System, method, and device for processing sub-account information

Country Status (3)

Country Link
CN (1) CN106911659B (en)
TW (1) TW201807614A (en)
WO (1) WO2018014785A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112967012A (en) * 2021-02-18 2021-06-15 江苏通付盾科技有限公司 Design method and system of enterprise cloud platform account
CN113221128A (en) * 2020-01-21 2021-08-06 中国移动通信集团山东有限公司 Account and password storage method and registration management system
CN116723057A (en) * 2023-08-09 2023-09-08 上海凯翔信息科技有限公司 Cloud NAS multi-account storage system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106911659B (en) * 2016-07-21 2020-08-04 口碑控股有限公司 System, method and device for processing information of sub account number

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102932341A (en) * 2012-10-25 2013-02-13 北京小米科技有限责任公司 Method, device and equipment for password processing
CN104283874A (en) * 2014-09-28 2015-01-14 小米科技有限责任公司 Data authority control method and device based on cloud server
CN105337933A (en) * 2014-07-03 2016-02-17 阿里巴巴集团控股有限公司 Method and system for creating sub-account, primary account device and sub-account device
CN106911659A (en) * 2016-07-21 2017-06-30 口碑控股有限公司 One seed account information processing system, method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9667626B2 (en) * 2010-01-27 2017-05-30 Keypasco Ab Network authentication method and device for implementing the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102932341A (en) * 2012-10-25 2013-02-13 北京小米科技有限责任公司 Method, device and equipment for password processing
CN105337933A (en) * 2014-07-03 2016-02-17 阿里巴巴集团控股有限公司 Method and system for creating sub-account, primary account device and sub-account device
CN104283874A (en) * 2014-09-28 2015-01-14 小米科技有限责任公司 Data authority control method and device based on cloud server
CN106911659A (en) * 2016-07-21 2017-06-30 口碑控股有限公司 One seed account information processing system, method and device

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113221128A (en) * 2020-01-21 2021-08-06 中国移动通信集团山东有限公司 Account and password storage method and registration management system
CN112967012A (en) * 2021-02-18 2021-06-15 江苏通付盾科技有限公司 Design method and system of enterprise cloud platform account
CN116723057A (en) * 2023-08-09 2023-09-08 上海凯翔信息科技有限公司 Cloud NAS multi-account storage system
CN116723057B (en) * 2023-08-09 2023-11-10 上海凯翔信息科技有限公司 Cloud NAS multi-account storage system

Also Published As

Publication number Publication date
TW201807614A (en) 2018-03-01
CN106911659A (en) 2017-06-30
CN106911659B (en) 2020-08-04

Similar Documents

Publication Publication Date Title
US10554420B2 (en) Wireless connections to a wireless access point
JP6416402B2 (en) Cloud storage method and system
JP6399382B2 (en) Authentication system
WO2019020051A1 (en) Method and apparatus for security authentication
WO2018014785A1 (en) System, method, and device for processing sub-account information
KR20220086580A (en) Non-custodial tool for building decentralized computer applications
TW201814547A (en) Electronic device, server, communication system and communication method
SE1451209A1 (en) Improved installation of a terminal in a secure system
CN103905204A (en) Data transmission method and transmission system
SE1451210A1 (en) Generating a symmetric encryption key
TW201926943A (en) Data transmission method and system
CN109362074A (en) The method of h5 and server-side safety communication in a kind of mixed mode APP
CN104253801A (en) Method, device and system for realizing login authentication
WO2018113337A1 (en) Method and system for establishing secure communication environment for wearable device
SE540133C2 (en) Improved system for establishing a secure communication channel
SE542460C2 (en) Improved security through authenticaton tokens
CN102404337A (en) Data encryption method and device
WO2015117437A1 (en) File encryption/decryption method and device
CN106161363B (en) SSL connection establishment method and system
WO2017050152A1 (en) Password security system adopted by mobile apparatus and secure password entering method thereof
EP3041188B1 (en) Method, device and system for controlling presentation of application
CN109075966B (en) Communication security system and method
CN108933766B (en) Method and client for improving equipment ID security
US20140185808A1 (en) Apparatus, systems, and methods for encryption key distribution
CN104980266A (en) Data communication method and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17830419

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17830419

Country of ref document: EP

Kind code of ref document: A1