WO2023241060A1 - Data access method and apparatus - Google Patents

Data access method and apparatus Download PDF

Info

Publication number
WO2023241060A1
WO2023241060A1 PCT/CN2023/074316 CN2023074316W WO2023241060A1 WO 2023241060 A1 WO2023241060 A1 WO 2023241060A1 CN 2023074316 W CN2023074316 W CN 2023074316W WO 2023241060 A1 WO2023241060 A1 WO 2023241060A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
verification
identification information
stored
browser fingerprint
Prior art date
Application number
PCT/CN2023/074316
Other languages
French (fr)
Chinese (zh)
Inventor
陈锋
卜广宝
Original Assignee
京东科技信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 京东科技信息技术有限公司 filed Critical 京东科技信息技术有限公司
Publication of WO2023241060A1 publication Critical patent/WO2023241060A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Definitions

  • the mechanism of the single Token solution cannot prevent the risk of data leakage caused by users sharing links, or the REFERER solution verification is usually used in scenarios where the number of user visits is counted. There are certain risks in using REFERER to prevent hotlinking, and some scenarios cannot be verified. Furthermore, using In the scheme of recording visitor IP or physical address, the user's IP address may change when switching networks, and there is a possibility of misjudgment if the method of recording the last user IP is chosen.
  • Some embodiments of the present disclosure provide a data access method, which method includes: receiving an access request for a data page from an integration party, where the access request includes identification information and browser setting information for accessing the data page; based on the browser setting information , generate the browser fingerprint information corresponding to the integrator; based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate verification results; based on the verification results, send the corresponding data access results to the integrator .
  • Some embodiments of the present disclosure provide a computer program product, including a computer program that, when executed by a processor, implements the data access method described in any of the above embodiments.
  • Figure 1 is an exemplary system architecture diagram in which an embodiment of the present disclosure may be applied;
  • Figure 2 is a flow chart of one embodiment of a data access method according to the present disclosure
  • Figure 3 is a schematic diagram of an application scenario of the data access method according to the present disclosure.
  • Figure 4 is a flow chart of an embodiment of information verification of identification information and browser fingerprint information according to the present disclosure
  • Figure 5 is a flow chart of another embodiment of a data access method according to the present disclosure.
  • Figure 6 is a flow chart of yet another embodiment of a data access method according to the present disclosure.
  • Figure 7 is a schematic structural diagram of an embodiment of a data access device according to the present disclosure.
  • FIG. 1 shows an exemplary system architecture 100 to which a data access method and a data access apparatus according to embodiments of the present disclosure can be applied.
  • Users can interact with servers 101, 102, 103 belonging to the same server cluster through the network 107 through the terminal devices 104, 105, 106 to receive or send information, etc.
  • Various applications can be installed on the terminal devices 104, 105, and 106, such as item display applications, data analysis applications, search applications, etc.
  • the server can be hardware or software.
  • the server can be various electronic devices that provide various services for terminal devices.
  • the server is software, it can be implemented as multiple software or software modules that provide various services for the terminal device, or it can be implemented as a single software or software module that provides various services for the terminal device. There are no specific limitations here.
  • the data access method provided by the embodiment of the present disclosure can be executed by the terminal devices 104, 105, and 106 and the servers 101, 102, and 103.
  • data access devices are provided in terminal devices 104, 105, 106 and servers 101, 102, 103.
  • the execution subject on which the data access method runs can be used as the collected Chengfang provides data access functions to the integrator so that the integrator can access the locally stored data pages.
  • the user can perform login authentication on the integrator's terminal display interface. After completing the login authentication, enter the data page in the above execution subject. access operations.
  • the integrator can determine the corresponding identification information based on the user's login authentication information. The identification information can be used to identify the user and corresponds to the user's login authentication information one-to-one.
  • the integrator further obtains the browser used when the user enters the access operation, and obtains the browser setting information corresponding to the browser.
  • Step 230 Based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate a verification result.
  • the verification information can include identification information and browser fingerprints corresponding to different integrators. information, and each integrator corresponds to an identification information and browser fingerprint information.
  • the above execution subject can perform information verification on the identification information and browser fingerprint information corresponding to the access request and the identification information and browser fingerprint information corresponding to multiple integrators in the verification information, and determine the identification information and browser fingerprint information corresponding to multiple integrators in the verification information. Whether the identification information and the browser fingerprint information include both the identification information and the browser fingerprint information corresponding to the access request, that is, it is determined whether the identification information and the browser fingerprint information corresponding to the access request both exist in the verification information.
  • this step after the above execution subject generates the corresponding verification results through information verification, it can determine the data access results corresponding to the verification results based on different verification results, and send the data access results to the integration party. , so that the integrator can display the data access results to the user through the terminal display interface.
  • the above execution subject generates a successful verification result through information verification, obtains the corresponding data page according to the access request, uses the data page as the corresponding data access result, and sends the data access result to the integration party. , so that the integrator can render the data page and display the data page to the user through the terminal display interface.
  • the above execution subject determines that the access request does not have permission to access, generates prompt information as the corresponding data access result, and sends the prompt information to the integrator so that the integrator can Prompt information is rendered, Prompt information is displayed to the user through the terminal display interface.
  • the prompt information is used to prompt the user that he or she does not have access rights to the data page.
  • the integrated party 302 can perform information verification on the identification information and the new browser fingerprint information based on the locally pre-stored verification information, and can determine that the new browser fingerprint information is different from the browser fingerprint information received last time. Then a verification result of failed verification is generated.
  • the integrated party 302 may also generate prompt information indicating that the user does not have access rights to access the data page, and send the prompt information to the terminal 303 used by user B.
  • the above-mentioned execution subject first receives an access request for the data page from the integration party.
  • the access request includes the identification information and browser setting information of the accessed data page, and then generates the integration based on the browser setting information.
  • Browser fingerprint information corresponding to the party and based on the pre-stored verification information, information verification is performed on the identification information and browser fingerprint information to generate verification results.
  • the integration party Send the corresponding data access results, use the integrator's corresponding identification information and browser fingerprint information to perform information verification at the same time, prevent other users of the integrator from using the links corresponding to the data page to share, causing security issues, and improve the security and safety of data access.
  • Reliability and using the identification information and browser fingerprint information corresponding to the integrator, on the premise that the login status between the integrator and the integrated party is the same, it can be applied to the scenario of page nested output and joint login, and can solve the problem of page data embedding. It covers the issues of secure communication in cross-domain or non-cross-domain situations, improving the accuracy and security of data access in joint login scenarios.
  • Figure 4 shows a flow chart of an embodiment of information verification of identification information and browser fingerprint information, that is, the above-mentioned step 230, based on pre-stored verification information, verification of identification information and browser fingerprint information.
  • Information verification and generating verification results may include the following steps:
  • Step 410 Determine whether at least one prestored identification information in the prestored verification information includes identification information.
  • the above-mentioned execution subject can read the locally stored pre-stored verification information.
  • the verification information can include at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information. Different pre-stored identification information can To identify different users, the pre-stored identification information corresponds to the pre-stored browser fingerprint information one-to-one, and the verification information can be stored in the distributed cache.
  • the execution subject may compare the identification information corresponding to the access request with at least one pre-stored identification information in the verification information, and determine whether the at least one pre-stored identification information in the pre-stored verification information includes identification information.
  • Step 420 In response to determining that at least one prestored identification information in the prestored verification information includes identification information, determine the prestored browser fingerprint information corresponding to the identification information from the prestored verification information.
  • the execution subject determines through judgment that at least one pre-stored identification information in the pre-stored verification information includes identification information, then the pre-stored identification information can be determined from the verification information, and the pre-stored identification information can be determined from the verification information.
  • the pre-stored browser fingerprint information corresponding to the identification information is used as the pre-stored browser fingerprint information corresponding to the identification information.
  • Step 430 Compare the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information.
  • the above execution subject After the above execution subject obtains the pre-stored browser fingerprint information corresponding to the identification information, it can compare the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information, and determine whether the pre-stored browser fingerprint information is the same as the browser fingerprint information. Whether the information is the same.
  • Step 440 In response to determining that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information, generate a verification result indicating that the verification is successful.
  • the above execution subject determines through comparison that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information, and then it is determined that the integration party corresponding to the identification information and the browser fingerprint information has the access rights to access the data page. A successful verification result can be generated.
  • step 230 based on the pre-stored verification information, performs information verification on the identification information and the browser fingerprint information, and generates the verification results, may include the following steps: Step 450, in response to determining the pre-stored identification information corresponding to The browser fingerprint information is different from the browser fingerprint information, resulting in a verification result that fails the verification.
  • the execution subject determines through judgment that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information, and then determines that the browser fingerprint information corresponding to the access request is not the pre-stored browser fingerprint stored in the verification information. Information and generate verification results indicating that the verification failed.
  • the identification information and the browser fingerprint information are verified at the same time. If the browser fingerprint information does not meet the verification conditions, a verification result that fails the verification will be generated and the information verification will not pass, which improves the efficiency of the verification. Security and reliability of data access.
  • the above-mentioned step 230 based on the pre-stored verification information, performs information verification on the identification information and browser fingerprint information to generate a verification result, which may include the following steps: Step: Step 460, in response to determining that at least one pre-stored identification information in the pre-stored verification information does not include identification information, correspondingly store the identification information and the browser fingerprint information into the pre-stored verification information, and generate a successful verification result.
  • the above execution subject judges the pre-stored identification information and determines that at least one pre-stored identification information in the pre-stored verification information does not include identification information. Then it is determined that the user corresponding to the identification information initiates data access for the first time, and the identification information can be The information is correspondingly bound to the browser fingerprint information, stored in the corresponding pre-stored verification information, and a verification result of successful verification is generated.
  • the login status between the integrating party and the integrated party can be communicated.
  • identification information and browser fingerprint information can solve the problem of secure communication of page data nested in cross-domain or non-cross-domain situations, and improve the accuracy of data access in joint login scenarios. sex and safety.
  • Figure 5 shows a flow chart of another embodiment of a data access method, which may include the following steps:
  • Step 510 Receive the integration party's access request for the data page.
  • the above-mentioned execution subject parses the received access request and obtains the corresponding identification information.
  • the above execution subject can obtain the expiration time corresponding to the identification information in the local storage based on the identification information.
  • the expiration time can represent the duration of the valid state corresponding to the identification information.
  • the expiration time is set for the identification information when the identification information is generated. , the identification information corresponds to the expiration time one-to-one.
  • Step 540 Based on the current time and the expiration time corresponding to the identification information, determine whether the identification information is in a valid state.
  • the above execution subject can obtain the current time, compare the current time with the expiration time corresponding to the identification information, and determine whether the current time is within the expiration time, that is, determine whether the identification information is in a valid state.
  • Step 560 Based on the verification result, send the corresponding data access result to the integration party.
  • Step 560 in this embodiment can be performed in a manner similar to step 240 in the embodiment shown in FIG. 2, and will not be described again here.
  • the identification information and the browser fingerprint information will be verified, further improving the security of data access. and reliability.
  • the above data access method may also include the following steps: Step 570 , in response to determining that the identification information is in an invalid state, generate prompt information for prompting that the permission has expired.
  • Figure 6 shows a flow chart of yet another embodiment of a data access method, which may include the following steps:
  • Step 610 Receive the integration party's request for obtaining identification information.
  • the integrator can display the user login interface through the terminal display interface.
  • the user can perform login authentication on the integrator's user login interface and enter the corresponding login information.
  • the integrator can generate a request for obtaining identification information based on the user's login information. , and sends the acquisition request to the above-mentioned execution subject.
  • the acquisition request may include the login information received by the integration party.
  • the above execution subject can parse the acquisition request and obtain the login information in the acquisition request.
  • the above execution subject can generate identification information corresponding to the login information based on the login information.
  • the identification information corresponds to the login information one-to-one and is used to identify the user corresponding to the login information.
  • the above execution subject after the above execution subject generates the identification information, it can set the expiration time corresponding to the identification information according to the setting requirements and the generation time.
  • the expiration time indicates that the identification information is in an invalid state within a time after this moment and no longer has access rights.
  • the above execution subject can generate identification information and the expiration time corresponding to the identification information through any method supported by relevant technologies, and this disclosure does not specifically limit this.
  • Step 630 Receive the integration party's access request for the data page.
  • Step 640 Based on the browser setting information, generate browser fingerprint information corresponding to the integrator.
  • Step 640 in this embodiment can be performed in a similar manner to step 220 in the embodiment shown in FIG. 2, and will not be described again here.
  • Step 650 Based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate a verification result.
  • Step 660 Based on the verification result, send the corresponding data access result to the integration party.
  • Step 660 in this embodiment can be performed in a similar manner to step 240 in the embodiment shown in FIG. 2, and will not be described again here.
  • the present disclosure provides an embodiment of a data access device.
  • This device embodiment corresponds to the method embodiment shown in Figure 2.
  • the data access device 700 in this embodiment may include: a receiving module 710 , a generating module 720 , a verification module 730 and a sending module 740 .
  • the generation module 720 is configured to generate browser fingerprint information corresponding to the integration party based on the browser setting information;
  • the sending module 740 is configured to send the corresponding data access result to the integrating party based on the verification result.
  • the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and the verification module is further configured to: determine the pre-stored verification Whether at least one pre-stored identification information in the information includes identification information; in response to determining that at least one pre-stored identification information in the pre-stored verification information
  • the stored identification information includes identification information
  • the pre-stored browser fingerprint information corresponding to the identification information is determined from the pre-stored verification information; the pre-stored browser fingerprint information corresponding to the identification information is compared with the browser fingerprint information; in response to determining that the identification information corresponds to
  • the pre-stored browser fingerprint information is the same as the browser fingerprint information, and a successful verification result is generated.
  • the verification module is further configured to: in response to determining that at least one pre-stored identification information in the pre-stored verification information does not include identification information, correspond the identification information to the browser fingerprint information Store the pre-stored verification information and generate a successful verification result.
  • the verification module is further configured to: in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information, generate a verification result indicating that the verification fails.
  • the device further includes: an acquisition module, configured to: in response to obtaining the identification information from the access request, obtain the expiration time corresponding to the identification information; a judgment module, configured to: Based on the current time and the expiration time corresponding to the identification information, determine whether the identification information is in a valid state; and the verification module is further configured to: in response to determining that the identification information is in a valid state, based on the pre-stored verification information, compare the identification information and The browser fingerprint information is used for information verification and verification results are generated.
  • an acquisition module configured to: in response to obtaining the identification information from the access request, obtain the expiration time corresponding to the identification information
  • a judgment module configured to: Based on the current time and the expiration time corresponding to the identification information, determine whether the identification information is in a valid state
  • the verification module is further configured to: in response to determining that the identification information is in a valid state, based on the pre-stored verification information, compare the identification information and The browser fingerprint information is used for information verification and verification results are
  • the generation module is further configured to: in response to determining that the identification information is in an invalid state, generate prompt information for prompting that the permission has expired.
  • the receiving module is further configured to: receive an acquisition request for identification information from the integrator, where the acquisition request includes the login information received by the integrator; the generating module is further configured to: : Based on the login information in the acquisition request, generate the identification information and the expiration time corresponding to the identification information.
  • the above execution subject first receives an access request from the integration party for the data page.
  • the access request includes the identification information and browser setting information of the accessed data page, and then generates based on the browser setting information.
  • the browser fingerprint information corresponding to the integrator and based on the pre-stored verification information, performs information verification on the identification information and browser fingerprint information, generates verification results, and finally sends the corresponding data access results to the integrator based on the verification results.
  • using the identification information and browser corresponding to the integrator Fingerprint information is verified at the same time to prevent other users of the integrator from using the link corresponding to the data page to share, thereby improving the security and reliability of data access.
  • Terminal devices in embodiments of the present disclosure may include, but are not limited to, mobile terminals such as smart screens, laptops, PADs (tablets), PMPs (portable multimedia players), vehicle-mounted terminals (such as vehicle-mounted navigation terminals), etc., and mobile terminals such as Fixed terminals for digital TV, desktop computers, etc.
  • mobile terminals such as smart screens, laptops, PADs (tablets), PMPs (portable multimedia players), vehicle-mounted terminals (such as vehicle-mounted navigation terminals), etc.
  • mobile terminals such as Fixed terminals for digital TV, desktop computers, etc.
  • the terminal device shown in FIG. 8 is only an example and should not impose any restrictions on the functions and scope of use of the embodiments of the present disclosure.
  • the computer-readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, device or device, or any combination thereof. More specific examples of computer readable storage media may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard drive, random access memory (RAM), read only memory (ROM), removable Programmd read-only memory (EPROM or flash memory), fiber optics, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above.
  • a computer-readable storage medium may be any tangible medium that contains or stores a program for use by or in connection with an instruction execution system, apparatus, or device.
  • each block of the block diagram and/or flowchart illustration, and combinations of blocks in the block diagram and/or flowchart illustration can be implemented by special purpose hardware-based systems that perform the specified functions or operations. , or can be implemented using a combination of specialized hardware and computer instructions.
  • the units involved in the embodiments of the present disclosure can be implemented in software or hardware.
  • the described unit can also be provided in a processor, for example, it can be described as: a processor includes a receiving module, a generating module, a checking module and a sending module, where the names of these modules do not constitute Limitations on the module itself.

Abstract

Provided in the embodiments of the present disclosure are a data access method and apparatus. The data access method comprises: first receiving an access request of an integration party for a data page, wherein the access request comprises identification information of an accessed data page and browser setting information; then, on the basis of the browser setting information, generating browser fingerprint information corresponding to the integration party; performing information verification on the identification information and the browser fingerprint information on the basis of prestored verification information, so as to generate a verification result; and finally sending to the integration party a corresponding data access result on the basis of the verification result.

Description

数据访问方法和装置Data access methods and devices
相关申请的交叉引用Cross-references to related applications
本公开要求于2022年6月16日提交的、申请号为202210684373.X、发明名称为“数据访问方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本公开中。This disclosure claims priority from the Chinese patent application with application number 202210684373.
技术领域Technical field
本公开的实施例涉及计算机技术领域和互联网技术领域,具体涉及通信技术领域和信息安全技术领域,尤其涉及数据访问方法和装置。Embodiments of the present disclosure relate to the field of computer technology and the field of Internet technology, specifically to the field of communication technology and the field of information security technology, and in particular to data access methods and devices.
背景技术Background technique
随着信息通讯不断发展,在对外页面能力嵌套输出的平台中,联合登录及登录安全性保障是很常见的场景,必须要建立在集成方和被集成方之间的登录态打通的前提下,双方确认了登录安全之后才能进行数据访问,并且被集成方页面链接不能被随意的分享。目前,页面链接的常见防盗方式有:Token(令牌,标识信息)分配机制,集成方在访问页面之前通过接口获取token,在访问页面的时候通过访问链接拼接方式访问被集成方输出页面;或者,使用REFERER(参照位址)方案,集成方访问被集成方输出页面时,被集成方验证集成方的REFERER值的正确性,保证页面访问的安全合法性;再者,记录访问者IP或物理地址,记录集成方上次访问的IP或物理地址,如果集成方的用户两次访问的IP或物理地址不同,则可能存在分享链接访问的风险。With the continuous development of information and communication, in platforms with nested output capabilities of external pages, joint login and login security guarantee are very common scenarios, which must be established on the premise of opening up the login status between the integrator and the integrated party. , data access can only be carried out after both parties have confirmed login security, and the link to the integrated party's page cannot be shared at will. Currently, common anti-theft methods for page links include: Token (token, identification information) allocation mechanism. The integrator obtains the token through the interface before accessing the page, and accesses the output page of the integrated party through access link splicing when accessing the page; or , using the REFERER (reference address) scheme, when the integrator accesses the output page of the integrated party, the integrated party verifies the correctness of the REFERER value of the integrator to ensure the security and legality of page access; furthermore, the visitor's IP or physical address is recorded. Address, records the IP or physical address of the integrator's last visit. If the IP or physical address of the integrator's users accessed twice is different, there may be a risk of shared link access.
然而单Token方案的机制无法防止用户分享链接导致数据泄露的风险,或者REFERER方案验证通常是用在统计用户访问数量的场景用,使用REFERER防盗链有一定风险,部分场景验证不到,再者使用记录访问者IP或物理地址方案,用户的IP地址有可能在切换网络的情况下发生变化,选择记录上次用户IP的方式存在误判的可能性。 发明内容However, the mechanism of the single Token solution cannot prevent the risk of data leakage caused by users sharing links, or the REFERER solution verification is usually used in scenarios where the number of user visits is counted. There are certain risks in using REFERER to prevent hotlinking, and some scenarios cannot be verified. Furthermore, using In the scheme of recording visitor IP or physical address, the user's IP address may change when switching networks, and there is a possibility of misjudgment if the method of recording the last user IP is chosen. Contents of the invention
本公开的实施例提出了一种数据访问方法、装置、电子设备和计算机可读介质。Embodiments of the present disclosure provide a data access method, device, electronic device, and computer-readable medium.
本公开的一些实施例提供了一种数据访问方法,该方法包括:接收集成方针对数据页面的访问请求,其中,访问请求包括访问数据页面的标识信息和浏览器设置信息;基于浏览器设置信息,生成集成方对应的浏览器指纹信息;基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果;基于校验结果,向集成方发送对应的数据访问结果。Some embodiments of the present disclosure provide a data access method, which method includes: receiving an access request for a data page from an integration party, where the access request includes identification information and browser setting information for accessing the data page; based on the browser setting information , generate the browser fingerprint information corresponding to the integrator; based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate verification results; based on the verification results, send the corresponding data access results to the integrator .
本公开的一些实施例提供了一种数据访问装置,该装置包括:接收模块,被配置成接收集成方针对数据页面的访问请求,其中,访问请求包括访问数据页面的标识信息和浏览器设置信息;生成模块,被配置成基于浏览器设置信息,生成集成方对应的浏览器指纹信息;校验模块,被配置成基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果;发送模块,被配置成基于校验结果,向集成方发送对应的数据访问结果。Some embodiments of the present disclosure provide a data access device, which includes: a receiving module configured to receive an access request from an integration party for a data page, where the access request includes identification information and browser setting information for accessing the data page. ; The generation module is configured to generate the browser fingerprint information corresponding to the integration party based on the browser setting information; the verification module is configured to perform information verification on the identification information and browser fingerprint information based on the pre-stored verification information, Generate verification results; the sending module is configured to send corresponding data access results to the integration party based on the verification results.
本公开的一些实施例提供了一种电子设备,该电子设备包括:一个或多个处理器;存储装置,其上存储有一个或多个程序;当一个或多个程序被一个或多个处理器执行,使得一个或多个处理器实现如上任一实施例描述的数据访问方法。Some embodiments of the present disclosure provide an electronic device, which includes: one or more processors; a storage device on which one or more programs are stored; when one or more programs are processed by one or more The processor executes, causing one or more processors to implement the data access method described in any of the above embodiments.
本公开的一些实施例提供了一种计算机可读介质,其上存储有计算机程序,该计算机程序被处理器执行时实现如上任一实施例描述的数据访问方法。Some embodiments of the present disclosure provide a computer-readable medium on which a computer program is stored. When the computer program is executed by a processor, the data access method described in any of the above embodiments is implemented.
本公开的一些实施例提供了一种计算机程序产品,包括计算机程序,所述计算机程序在被处理器执行时实现如上任一实施例描述的数据访问方法。Some embodiments of the present disclosure provide a computer program product, including a computer program that, when executed by a processor, implements the data access method described in any of the above embodiments.
附图说明Description of the drawings
通过阅读参照以下附图所作的对非限制性实施例所作的详细描 述,本公开的其它特征、目的和优点将会变得更明显:By reading the detailed description of the non-limiting embodiments with reference to the following figures, Other features, objects, and advantages of the present disclosure will become apparent as the description follows:
图1是本公开的一个实施例可以应用于其中的示例性系统架构图;Figure 1 is an exemplary system architecture diagram in which an embodiment of the present disclosure may be applied;
图2是根据本公开的数据访问方法的一个实施例的流程图;Figure 2 is a flow chart of one embodiment of a data access method according to the present disclosure;
图3是根据本公开的数据访问方法的一个应用场景的示意图;Figure 3 is a schematic diagram of an application scenario of the data access method according to the present disclosure;
图4是根据本公开的对标识信息和浏览器指纹信息进行信息校验的一个实施例的流程图;Figure 4 is a flow chart of an embodiment of information verification of identification information and browser fingerprint information according to the present disclosure;
图5是根据本公开的数据访问方法的另一个实施例的流程图;Figure 5 is a flow chart of another embodiment of a data access method according to the present disclosure;
图6是根据本公开的数据访问方法的又一个实施例的流程图;Figure 6 is a flow chart of yet another embodiment of a data access method according to the present disclosure;
图7是根据本公开的数据访问装置的一个实施例的结构示意图;Figure 7 is a schematic structural diagram of an embodiment of a data access device according to the present disclosure;
图8是适于用来实现本公开的实施例的电子设备的结构示意图。FIG. 8 is a schematic structural diagram of an electronic device suitable for implementing embodiments of the present disclosure.
具体实施方式Detailed ways
下面结合附图和实施例对本公开作进一步的详细说明。可以理解的是,此处所描述的具体实施例仅仅用于解释相关公开,而非对该公开的限定。另外还需要说明的是,为了便于描述,附图中仅示出了与有关公开相关的部分。The present disclosure will be further described in detail below in conjunction with the accompanying drawings and examples. It can be understood that the specific embodiments described here are only used to explain the relevant disclosure, but not to limit the disclosure. It should also be noted that, for convenience of description, only parts relevant to the relevant disclosure are shown in the drawings.
需要说明的是,在不冲突的情况下,本公开中的实施例及实施例中的特征可以相互组合。下面将参考附图并结合实施例来详细说明本公开。It should be noted that, as long as there is no conflict, the embodiments and features in the embodiments of the present disclosure can be combined with each other. The present disclosure will be described in detail below in conjunction with embodiments with reference to the accompanying drawings.
图1示出了可以应用本公开的实施例的数据访问方法和数据访问装置的示例性系统架构100。FIG. 1 shows an exemplary system architecture 100 to which a data access method and a data access apparatus according to embodiments of the present disclosure can be applied.
如图1所示,系统架构100可以包括终端设备104、105、106,网络107,服务器101、102、103。网络107用以在终端设备104、105、106与服务器101、102、103之间提供通信链路的介质。网络107可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。As shown in Figure 1, the system architecture 100 may include terminal devices 104, 105, and 106, a network 107, and servers 101, 102, and 103. The network 107 is a medium used to provide communication links between the terminal devices 104, 105, 106 and the servers 101, 102, 103. Network 107 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
用户可以通过终端设备104、105、106通过网络107与属于同一服务器集群的服务器101、102、103交互,以接收或发送信息等。终端设备104、105、106上可以安装有各种应用,例如物品展示应用、数据分析应用、搜索类应用等。 Users can interact with servers 101, 102, 103 belonging to the same server cluster through the network 107 through the terminal devices 104, 105, 106 to receive or send information, etc. Various applications can be installed on the terminal devices 104, 105, and 106, such as item display applications, data analysis applications, search applications, etc.
终端设备104、105、106可以是硬件,也可以是软件。当终端设备为硬件时,可以是具有显示屏并且支持与服务器通信的各种电子设备,包括但不限于智能手机、平板电脑、膝上型便携计算机和台式计算机等等。当终端设备为软件时,可以安装在上述所列举的电子设备中。其可以实现成多个软件或软件模块,也可以实现成单个软件或软件模块。在此不做具体限定。The terminal devices 104, 105, and 106 may be hardware or software. When the terminal device is hardware, it can be various electronic devices that have a display screen and support communication with the server, including but not limited to smartphones, tablet computers, laptop computers, desktop computers, and so on. When the terminal device is software, it can be installed in the electronic devices listed above. It can be implemented as multiple software or software modules, or as a single software or software module. There are no specific limitations here.
终端设备104、105、106和服务器101、102、103可以作为集成方和非集成方,其中,被集成方可以是为集成方提供业务能力的一侧,集成方可以是使用被集成方提供的业务能力的一侧。终端设备104、105、106和服务器101、102、103可以接收集成方针对数据页面的访问请求,该访问请求包括访问数据页面的标识信息和浏览器设置信息,然后基于浏览器设置信息,生成集成方对应的浏览器指纹信息,并基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果,最后基于校验结果,向集成方发送对应的数据访问结果。Terminal devices 104, 105, 106 and servers 101, 102, 103 can serve as integrators and non-integrators. The integrated party can be the side that provides business capabilities to the integrator, and the integrator can use the services provided by the integrated party. business capabilities. Terminal devices 104, 105, 106 and servers 101, 102, 103 can receive an access request for a data page from an integration party. The access request includes identification information and browser setting information for accessing the data page, and then generate an integration based on the browser setting information. The browser fingerprint information corresponding to the party is obtained, and based on the pre-stored verification information, the identification information and browser fingerprint information are verified, and a verification result is generated. Finally, based on the verification result, the corresponding data access result is sent to the integration party.
需要说明的是,服务器可以是硬件,也可以是软件。当服务器为硬件时,可以是为终端设备提供各种服务的各种电子设备。当服务器为软件时,可以实现成为为终端设备提供各种服务的多个软件或软件模块,也可以实现成为为终端设备提供各种服务的单个软件或软件模块。在此不做具体限定。It should be noted that the server can be hardware or software. When the server is hardware, it can be various electronic devices that provide various services for terminal devices. When the server is software, it can be implemented as multiple software or software modules that provide various services for the terminal device, or it can be implemented as a single software or software module that provides various services for the terminal device. There are no specific limitations here.
需要说明的是,本公开的实施例所提供的数据访问方法可以由终端设备104、105、106和服务器101、102、103执行。相应地,数据访问装置设置于终端设备104、105、106和服务器101、102、103中。It should be noted that the data access method provided by the embodiment of the present disclosure can be executed by the terminal devices 104, 105, and 106 and the servers 101, 102, and 103. Correspondingly, data access devices are provided in terminal devices 104, 105, 106 and servers 101, 102, 103.
应该理解,图1中的终端设备、网络和服务器的数目仅仅是示意性的。根据实现需要,可以具有任意数目的终端设备、网络和服务器。It should be understood that the number of terminal devices, networks and servers in Figure 1 is only illustrative. Depending on implementation needs, there can be any number of end devices, networks, and servers.
继续参考图2,示出了根据本公开的数据访问方法的一个实施例的流程200。该数据访问方法包括以下步骤:Continuing to refer to FIG. 2 , a process 200 of one embodiment of a data access method according to the present disclosure is shown. The data access method includes the following steps:
步骤210,接收集成方针对数据页面的访问请求。Step 210: Receive the integration party's access request for the data page.
在本步骤中,数据访问方法运行于其上的执行主体(例如图1中的终端设备104、105、106和服务器101、102、103)可以作为被集 成方,为集成方提供数据访问功能,使得集成方可以对本地存储的数据页面进行数据访问,用户可以在集成方的终端显示界面进行登录认证,完成登录认证后输入对上述执行主体中数据页面的访问操作。集成方可以根据用户的登录认证信息确定出对应的标识信息,该标识信息可以用于标识用户,与用户的登录认证信息一一对应。集成方进一步获取到用户输入访问操作时使用的浏览器,获取到该浏览器对应的浏览器设置信息,该浏览器设置信息可以包括中央处理器(CPU,Central Processing Unit)、使用语言、时区、缓存、平台、字体、分辨率等信息。然后集成方根据对数据页面的访问操作、访问数据页面的标识信息和浏览器设置信息确定出该数据页面对应的访问链接,集成方可以根据访问链接生成对数据页面进行访问的访问请求,并将该访问请求发送至上述执行主体。则上述执行主体可以接收集成方根据用户的访问操作生成的针对数据页面的访问请求,该访问请求中可以包括访问数据页面的标识信息和浏览器设置信息。In this step, the execution subject on which the data access method runs (for example, the terminal devices 104, 105, 106 and servers 101, 102, 103 in Figure 1) can be used as the collected Chengfang provides data access functions to the integrator so that the integrator can access the locally stored data pages. The user can perform login authentication on the integrator's terminal display interface. After completing the login authentication, enter the data page in the above execution subject. access operations. The integrator can determine the corresponding identification information based on the user's login authentication information. The identification information can be used to identify the user and corresponds to the user's login authentication information one-to-one. The integrator further obtains the browser used when the user enters the access operation, and obtains the browser setting information corresponding to the browser. The browser setting information may include the central processing unit (CPU, Central Processing Unit), language used, time zone, Cache, platform, font, resolution and other information. Then the integrator determines the access link corresponding to the data page based on the access operation to the data page, the identification information of the accessed data page, and the browser setting information. The integrator can generate an access request to access the data page based on the access link, and send The access request is sent to the above execution subject. Then the above-mentioned execution subject can receive an access request for the data page generated by the integrator based on the user's access operation. The access request can include the identification information and browser setting information of the accessed data page.
步骤220,基于浏览器设置信息,生成集成方对应的浏览器指纹信息。Step 220: Based on the browser setting information, generate browser fingerprint information corresponding to the integrator.
在本步骤中,上述执行主体接收到针对数据页面的访问请求后,对访问请求进行解析处理,获取到访问请求中包括的标识信息和浏览器设置信息。上述执行主体可以根据获取到的浏览器设置信息生成集成方对应的浏览器指纹信息,该浏览器指纹信息可以是一个能够唯一标识当前浏览器的一串字符串,不同的浏览器可以对应不同的浏览器指纹信息,可以用于标识发送访问请求的浏览器。In this step, after receiving the access request for the data page, the above execution subject parses the access request and obtains the identification information and browser setting information included in the access request. The above execution subject can generate browser fingerprint information corresponding to the integrator based on the obtained browser setting information. The browser fingerprint information can be a string of characters that can uniquely identify the current browser. Different browsers can correspond to different Browser fingerprint information can be used to identify the browser that sent the access request.
上述执行主体可以将浏览器设置信息中的各种信息进行信息拼接,将拼接结果作为浏览器指纹信息;还可以将浏览器设置信息中的各种信息进行信息加密,将加密结果作为浏览器指纹信息。The above execution subject can perform information splicing on various information in the browser setting information, and use the splicing result as the browser fingerprint information; it can also encrypt the information on various information in the browser setting information, and use the encryption result as the browser fingerprint. information.
上述执行主体可以通过任何相关技术所支持的方式基于浏览器设置信息,生成集成方对应的浏览器指纹信息,本公开对此不做具体限定。The above-mentioned execution subject can generate the browser fingerprint information corresponding to the integrator based on the browser setting information through any method supported by relevant technologies, and this disclosure does not specifically limit this.
步骤230,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果。 Step 230: Based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate a verification result.
在本步骤中,上述执行主体获取到集成方对应的浏览器指纹信息后,可以读取本地存储的预存的校验信息,该校验信息可以包括不同的集成方对应的标识信息和浏览器指纹信息,且每个集成方均对应一个标识信息和浏览器指纹信息。In this step, after the above execution subject obtains the browser fingerprint information corresponding to the integrator, it can read the locally stored pre-stored verification information. The verification information can include identification information and browser fingerprints corresponding to different integrators. information, and each integrator corresponds to an identification information and browser fingerprint information.
上述执行主体可以将访问请求对应的标识信息和浏览器指纹信息与校验信息中多个集成方对应的标识信息和浏览器指纹信息进行信息校验,判断校验信息中多个集成方对应的标识信息和浏览器指纹信息是否同时包括访问请求对应的标识信息和浏览器指纹信息,即确定访问请求对应的标识信息和浏览器指纹信息是否同时存在于校验信息中。The above execution subject can perform information verification on the identification information and browser fingerprint information corresponding to the access request and the identification information and browser fingerprint information corresponding to multiple integrators in the verification information, and determine the identification information and browser fingerprint information corresponding to multiple integrators in the verification information. Whether the identification information and the browser fingerprint information include both the identification information and the browser fingerprint information corresponding to the access request, that is, it is determined whether the identification information and the browser fingerprint information corresponding to the access request both exist in the verification information.
上述执行主体可以遍历校验信息中的各个标识信息和浏览器指纹信息,若确定校验信息中同时包括访问请求对应的标识信息和浏览器指纹信息,则确定标识信息与浏览器指纹信息对应的集成方具有对数据页面进行访问的访问权限,可以生成校验成功的校验结果;若确定校验信息中并不是同时包括访问请求对应的标识信息和浏览器指纹信息,即仅包括标识信息或者是仅包括浏览器指纹信息,则确定标识信息与浏览器指纹信息对应的集成方不具有对数据页面进行访问的访问权限,可以生成校验失败的校验结果。The above execution subject can traverse each identification information and browser fingerprint information in the verification information. If it is determined that the verification information includes both the identification information corresponding to the access request and the browser fingerprint information, then it is determined that the identification information corresponds to the browser fingerprint information. The integrator has access rights to the data page and can generate a successful verification result; if it is determined that the verification information does not include both the identification information corresponding to the access request and the browser fingerprint information, that is, it only includes identification information or If it only includes browser fingerprint information, it is determined that the integrator corresponding to the identification information and browser fingerprint information does not have access rights to the data page and can generate a verification result that fails the verification.
步骤240,基于校验结果,向集成方发送对应的数据访问结果。Step 240: Based on the verification result, send the corresponding data access result to the integration party.
在本步骤中,上述执行主体通过信息校验生成对应的校验结果后,可以根据不同的校验结果,确定出于校验结果对应的数据访问结果,并将该数据访问结果发送至集成方,使得集成方可以通过终端显示界面将数据访问结果展示给用户。In this step, after the above execution subject generates the corresponding verification results through information verification, it can determine the data access results corresponding to the verification results based on different verification results, and send the data access results to the integration party. , so that the integrator can display the data access results to the user through the terminal display interface.
具体地,上述执行主体通过信息校验生成校验成功的校验结果,则根据访问请求获取到对应的数据页面,并将数据页面作为对应的数据访问结果,将该数据访问结果发送至集成方,使得集成方可以对数据页面进行渲染,通过终端显示界面将数据页面展示给用户。Specifically, the above execution subject generates a successful verification result through information verification, obtains the corresponding data page according to the access request, uses the data page as the corresponding data access result, and sends the data access result to the integration party. , so that the integrator can render the data page and display the data page to the user through the terminal display interface.
或者,上述执行主体通过信息校验生成校验失败的校验结果,则确定访问请求无权限访问,生成提示信息作为对应的数据访问结果,将该提示信息发送至集成方,使得集成方可以对提示信息进行渲染, 通过终端显示界面将提示信息展示给用户,该提示信息用于提示用户不具备数据页面的访问权限。Alternatively, if the above execution subject generates a verification result that fails the verification through information verification, it determines that the access request does not have permission to access, generates prompt information as the corresponding data access result, and sends the prompt information to the integrator so that the integrator can Prompt information is rendered, Prompt information is displayed to the user through the terminal display interface. The prompt information is used to prompt the user that he or she does not have access rights to the data page.
继续参见图3,图3是根据本实施例的数据访问方法的应用场景的一个示意图。该方法可以应用于图3的应用场景中,用户A在集成方终端301输入数据页面的访问操作,集成方终端301根据访问操作生成针对数据页面的访问请求,并将包括访问数据页面的标识信息和浏览器设置信息的访问请求发送至被集成方302。被集成方302接收到集成方终端301针对数据页面的访问请求后,可以根据访问请求中的浏览器设置信息,生成集成方终端301对应的浏览器指纹信息。之后被集成方302可以根据本地预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,若通过校验,则生成校验成功的校验结果。被集成方302可以获取访问请求对应的数据页面,将数据页面作为数据访问结果发送给集成方终端301。集成方终端301可以将数据访问结果进行渲染展示给用户A。然而,若用户A将访问请求对应的访问链接分享给用户B,或者用户B盗取了用户A的访问请求对应的访问链接,用户B在终端303通过访问链接向被集成方302发起新的访问请求,被集成方302接收到新的访问请求后,可以根据新的访问请求中新的浏览器设置信息,生成新的浏览器指纹信息。之后被集成方302可以根据本地预存的校验信息,对标识信息和新的浏览器指纹信息进行信息校验,可以确定新的浏览器指纹信息与上次收到的浏览器指纹信息不相同,则生成校验失败的校验结果。被集成方302还可以生成提示不具有对数据页面进行访问的访问权限的提示信息,并将该提示信息发送给用户B所使用的终端303。Continuing to refer to Figure 3, Figure 3 is a schematic diagram of an application scenario of the data access method according to this embodiment. This method can be applied to the application scenario in Figure 3. User A inputs the access operation of the data page on the integrator terminal 301. The integrator terminal 301 generates an access request for the data page based on the access operation and will include the identification information of the accessed data page. The access request and browser setting information are sent to the integrated party 302. After receiving the access request for the data page from the integrator terminal 301, the integrated party 302 can generate the browser fingerprint information corresponding to the integrator terminal 301 according to the browser setting information in the access request. Afterwards, the integrated party 302 can perform information verification on the identification information and browser fingerprint information based on the locally pre-stored verification information. If the verification is passed, a verification result indicating successful verification is generated. The integrated party 302 can obtain the data page corresponding to the access request, and send the data page to the integrator terminal 301 as the data access result. The integrator terminal 301 can render and display the data access results to user A. However, if user A shares the access link corresponding to the access request to user B, or user B steals the access link corresponding to user A's access request, user B initiates a new access to the integrated party 302 through the access link on terminal 303 request, after receiving the new access request, the integrated party 302 can generate new browser fingerprint information based on the new browser setting information in the new access request. Afterwards, the integrated party 302 can perform information verification on the identification information and the new browser fingerprint information based on the locally pre-stored verification information, and can determine that the new browser fingerprint information is different from the browser fingerprint information received last time. Then a verification result of failed verification is generated. The integrated party 302 may also generate prompt information indicating that the user does not have access rights to access the data page, and send the prompt information to the terminal 303 used by user B.
本公开的实施例提供的数据访问方法,上述执行主体首先接收集成方针对数据页面的访问请求,该访问请求包括访问数据页面的标识信息和浏览器设置信息,然后基于浏览器设置信息,生成集成方对应的浏览器指纹信息,并基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果,最后基于校验结果,向集成方 发送对应的数据访问结果,利用集成方对应的标识信息和浏览器指纹信息同时进行信息校验,防止集成方其他用户利用数据页面对应的链接分享导致安全性问题,提高了数据访问的安全性和可靠性,以及,利用集成方对应的标识信息和浏览器指纹信息在集成方和被集成方之间的登录状态相通的前提下,能够适用页面嵌套输出联合登录的场景,可以解决页面数据嵌套在跨域或非跨域下安全通信的问题,提高了联合登录场景下数据访问的准确性和安全性。In the data access method provided by the embodiment of the present disclosure, the above-mentioned execution subject first receives an access request for the data page from the integration party. The access request includes the identification information and browser setting information of the accessed data page, and then generates the integration based on the browser setting information. Browser fingerprint information corresponding to the party, and based on the pre-stored verification information, information verification is performed on the identification information and browser fingerprint information to generate verification results. Finally, based on the verification results, the integration party Send the corresponding data access results, use the integrator's corresponding identification information and browser fingerprint information to perform information verification at the same time, prevent other users of the integrator from using the links corresponding to the data page to share, causing security issues, and improve the security and safety of data access. Reliability, and using the identification information and browser fingerprint information corresponding to the integrator, on the premise that the login status between the integrator and the integrated party is the same, it can be applied to the scenario of page nested output and joint login, and can solve the problem of page data embedding. It covers the issues of secure communication in cross-domain or non-cross-domain situations, improving the accuracy and security of data access in joint login scenarios.
参考图4,图4示出了对标识信息和浏览器指纹信息进行信息校验的一个实施例的流程图,即上述步骤230,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果,可以包括以下步骤:Referring to Figure 4, Figure 4 shows a flow chart of an embodiment of information verification of identification information and browser fingerprint information, that is, the above-mentioned step 230, based on pre-stored verification information, verification of identification information and browser fingerprint information. Information verification and generating verification results may include the following steps:
步骤410,判断预存的校验信息中的至少一个预存标识信息是否包括标识信息。Step 410: Determine whether at least one prestored identification information in the prestored verification information includes identification information.
在本步骤中,上述执行主体可以读取本地存储的预存的校验信息,该校验信息可以包括至少一个预存标识信息和与预存标识信息对应的预存浏览器指纹信息,不同的预存标识信息可以标识不同的用户,预存标识信息与预存浏览器指纹信息一一对应,校验信息可以存储于分布式缓存中。In this step, the above-mentioned execution subject can read the locally stored pre-stored verification information. The verification information can include at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information. Different pre-stored identification information can To identify different users, the pre-stored identification information corresponds to the pre-stored browser fingerprint information one-to-one, and the verification information can be stored in the distributed cache.
上述执行主体可以将访问请求对应的标识信息与校验信息中至少一个预存标识信息进行比较,判断预存的校验信息中的至少一个预存标识信息是否包括标识信息。The execution subject may compare the identification information corresponding to the access request with at least one pre-stored identification information in the verification information, and determine whether the at least one pre-stored identification information in the pre-stored verification information includes identification information.
步骤420,响应于确定预存的校验信息中的至少一个预存标识信息包括标识信息,从预存的校验信息中确定出标识信息对应的预存浏览器指纹信息。Step 420: In response to determining that at least one prestored identification information in the prestored verification information includes identification information, determine the prestored browser fingerprint information corresponding to the identification information from the prestored verification information.
在本步骤中,上述执行主体通过判断确定预存的校验信息中的至少一个预存标识信息包括标识信息,则可以从校验信息中确定出该预存标识信息,并从校验信息中确定出预存标识信息对应的预存浏览器指纹信息,将该预存浏览器指纹信息作为标识信息对应的预存浏览器指纹信息。 In this step, the execution subject determines through judgment that at least one pre-stored identification information in the pre-stored verification information includes identification information, then the pre-stored identification information can be determined from the verification information, and the pre-stored identification information can be determined from the verification information. The pre-stored browser fingerprint information corresponding to the identification information is used as the pre-stored browser fingerprint information corresponding to the identification information.
步骤430,将标识信息对应的预存浏览器指纹信息与浏览器指纹信息进行比较。Step 430: Compare the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information.
在本步骤中,上述执行主体获取到标识信息对应的预存浏览器指纹信息后,可以将标识信息对应的预存浏览器指纹信息与浏览器指纹信息进行比较,判断预存浏览器指纹信息与浏览器指纹信息是否相同。In this step, after the above execution subject obtains the pre-stored browser fingerprint information corresponding to the identification information, it can compare the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information, and determine whether the pre-stored browser fingerprint information is the same as the browser fingerprint information. Whether the information is the same.
步骤440,响应于确定标识信息对应的预存浏览器指纹信息与浏览器指纹信息相同,生成校验成功的校验结果。Step 440: In response to determining that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information, generate a verification result indicating that the verification is successful.
在本步骤中,上述执行主体通过比较确定标识信息对应的预存浏览器指纹信息与浏览器指纹信息相同,则确定标识信息与浏览器指纹信息对应的集成方具有对数据页面进行访问的访问权限,可以生成校验成功的校验结果。In this step, the above execution subject determines through comparison that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information, and then it is determined that the integration party corresponding to the identification information and the browser fingerprint information has the access rights to access the data page. A successful verification result can be generated.
在本实现方式中,通过对标识信息和浏览器指纹信息同时进行校验,仅在标识信息和浏览器指纹信息同时通过校验后才会生成校验成功的校验结果,防止集成方其他用户利用数据页面对应的链接分享导致安全性问题,提高了数据访问的安全性和可靠性。In this implementation, by simultaneously verifying the identification information and browser fingerprint information, a successful verification result will be generated only after the identification information and browser fingerprint information pass verification at the same time, preventing other users of the integrator from Sharing links corresponding to data pages leads to security issues and improves the security and reliability of data access.
进一步参考图4,上述步骤230,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果,可以包括以下步骤:步骤450,响应于确定标识信息对应的预存浏览器指纹信息与浏览器指纹信息不相同,生成校验失败的校验结果。Further referring to Figure 4, the above step 230, based on the pre-stored verification information, performs information verification on the identification information and the browser fingerprint information, and generates the verification results, may include the following steps: Step 450, in response to determining the pre-stored identification information corresponding to The browser fingerprint information is different from the browser fingerprint information, resulting in a verification result that fails the verification.
在本步骤中,上述执行主体通过判断确定标识信息对应的预存浏览器指纹信息与浏览器指纹信息不相同,则确定访问请求对应的浏览器指纹信息并不是校验信息中存储的预存浏览器指纹信息,生成校验失败的校验结果。In this step, the execution subject determines through judgment that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information, and then determines that the browser fingerprint information corresponding to the access request is not the pre-stored browser fingerprint stored in the verification information. Information and generate verification results indicating that the verification failed.
在本实现方式中,通过对标识信息和浏览器指纹信息同时进行校验,若浏览器指纹信息不符合校验条件,则生成校验失败的校验结果,不会通过信息校验,提高了数据访问的安全性和可靠性。In this implementation, the identification information and the browser fingerprint information are verified at the same time. If the browser fingerprint information does not meet the verification conditions, a verification result that fails the verification will be generated and the information verification will not pass, which improves the efficiency of the verification. Security and reliability of data access.
进一步参考图4,上述步骤230,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果,可以包括以下步 骤:步骤460,响应于确定预存的校验信息中的至少一个预存标识信息不包括标识信息,将标识信息和浏览器指纹信息对应存储至预存的校验信息,并生成校验成功的校验结果。With further reference to Figure 4, the above-mentioned step 230, based on the pre-stored verification information, performs information verification on the identification information and browser fingerprint information to generate a verification result, which may include the following steps: Step: Step 460, in response to determining that at least one pre-stored identification information in the pre-stored verification information does not include identification information, correspondingly store the identification information and the browser fingerprint information into the pre-stored verification information, and generate a successful verification result.
在本步骤中,上述执行主体对预存标识信息进行判断确定预存的校验信息中的至少一个预存标识信息不包括标识信息,则确定标识信息对应的用户是第一次发起数据访问,可以将标识信息和浏览器指纹信息进行对应绑定,并对应存储至预存的校验信息,并生成校验成功的校验结果。In this step, the above execution subject judges the pre-stored identification information and determines that at least one pre-stored identification information in the pre-stored verification information does not include identification information. Then it is determined that the user corresponding to the identification information initiates data access for the first time, and the identification information can be The information is correspondingly bound to the browser fingerprint information, stored in the corresponding pre-stored verification information, and a verification result of successful verification is generated.
在本实现方式中,通过对第一次出现的标识信息和浏览器指纹信息进行绑定存储,并生成校验成功的校验结果,能够在集成方和被集成方之间的登录状态相通的前提下,适用页面嵌套输出联合登录的场景,利用标识信息和浏览器指纹信息可以解决页面数据嵌套在跨域或非跨域下安全通信的问题,提高了联合登录场景下数据访问的准确性和安全性。In this implementation, by binding and storing the identification information and browser fingerprint information that appear for the first time, and generating a successful verification result, the login status between the integrating party and the integrated party can be communicated. Under the premise, it is applicable to the scenario of joint login with page nested output. The use of identification information and browser fingerprint information can solve the problem of secure communication of page data nested in cross-domain or non-cross-domain situations, and improve the accuracy of data access in joint login scenarios. sex and safety.
参考图5,图5示出了数据访问方法的另一个实施例的流程图,可以包括以下步骤:Referring to Figure 5, Figure 5 shows a flow chart of another embodiment of a data access method, which may include the following steps:
步骤510,接收集成方针对数据页面的访问请求。Step 510: Receive the integration party's access request for the data page.
本实施例的步骤510可以按照与图2所示实施例中的步骤210类似的方式执行,此处不赘述。Step 510 in this embodiment can be performed in a manner similar to step 210 in the embodiment shown in FIG. 2, and will not be described again here.
步骤520,基于浏览器设置信息,生成集成方对应的浏览器指纹信息。Step 520: Based on the browser setting information, generate browser fingerprint information corresponding to the integrator.
本实施例的步骤520可以按照与图2所示实施例中的步骤220类似的方式执行,此处不赘述。Step 520 in this embodiment can be performed in a similar manner to step 220 in the embodiment shown in FIG. 2, and will not be described again here.
步骤530,响应于从访问请求中获取到标识信息,获取标识信息对应的失效时间。Step 530: In response to obtaining the identification information from the access request, obtain the expiration time corresponding to the identification information.
在本步骤中,上述执行主体对接收到的访问请求进行解析处理,获取到对应的标识信息。上述执行主体可以根据该标识信息在本地存储中获取标识信息对应的失效时间,该失效时间可以表征标识信息对应的有效状态的时长,失效时间是在生成标识信息时为标识信息设定 的,标识信息与失效时间一一对应。In this step, the above-mentioned execution subject parses the received access request and obtains the corresponding identification information. The above execution subject can obtain the expiration time corresponding to the identification information in the local storage based on the identification information. The expiration time can represent the duration of the valid state corresponding to the identification information. The expiration time is set for the identification information when the identification information is generated. , the identification information corresponds to the expiration time one-to-one.
步骤540,基于当前时间和标识信息对应的失效时间,判断标识信息是否处于有效状态。Step 540: Based on the current time and the expiration time corresponding to the identification information, determine whether the identification information is in a valid state.
在本步骤中,上述执行主体可以获取当前时间,将当前时间和标识信息对应的失效时间进行比较,判断当前时间是否处于失效时间,即判断标识信息是否处于有效状态。In this step, the above execution subject can obtain the current time, compare the current time with the expiration time corresponding to the identification information, and determine whether the current time is within the expiration time, that is, determine whether the identification information is in a valid state.
具体地,上述失效时间是2022年3月6日,则可以确定在2022年3月6日之后的时间内,标识信息处于失效状态,上述执行主体可以将当前时间与失效时间进行比较,确定当前时间是否处在失效时间之后的时间内,从而可以判断标识信息是否处于有效状态。Specifically, if the above-mentioned expiration time is March 6, 2022, it can be determined that the identification information is in an invalid state within the time after March 6, 2022. The above-mentioned execution subject can compare the current time with the expiration time to determine the current time. Whether the time is within the time after the expiration time, so that it can be judged whether the identification information is in a valid state.
步骤550,响应于确定标识信息处于有效状态,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果。Step 550: In response to determining that the identification information is in a valid state, information verification is performed on the identification information and the browser fingerprint information based on the pre-stored verification information, and a verification result is generated.
在本步骤中,上述执行主体通过判断确定标识信息处于有效状态,则进一步根据预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果。In this step, the execution subject determines that the identification information is in a valid state through judgment, and further performs information verification on the identification information and browser fingerprint information based on the pre-stored verification information to generate a verification result.
步骤560,基于校验结果,向集成方发送对应的数据访问结果。Step 560: Based on the verification result, send the corresponding data access result to the integration party.
本实施例的步骤560可以按照与图2所示实施例中的步骤240类似的方式执行,此处不赘述。Step 560 in this embodiment can be performed in a manner similar to step 240 in the embodiment shown in FIG. 2, and will not be described again here.
在本实施例中,通过对接收到的标识信息进行有效状态判断,仅在标识信息处于有效状态时,才会对标识信息和浏览器指纹信息进行信息校验,进一步提高了数据访问的安全性和可靠性。In this embodiment, by judging the valid status of the received identification information, only when the identification information is in a valid state, the identification information and the browser fingerprint information will be verified, further improving the security of data access. and reliability.
进一步参考图5,上述数据访问方法还可以包括以下步骤:步骤570,响应于确定标识信息处于失效状态,生成用于提示权限失效的提示信息。With further reference to FIG. 5 , the above data access method may also include the following steps: Step 570 , in response to determining that the identification information is in an invalid state, generate prompt information for prompting that the permission has expired.
在本步骤中,上述执行主体通过判断确定标识信息处于失效状态,则可以生成用于提示权限失效的提示信息,并将该提示信息发送至集成方,使得集成方对提示信息进行渲染展示给用户。In this step, if the above-mentioned execution subject determines that the identification information is in an invalid state through judgment, it can generate a prompt information to prompt the permission to expire, and send the prompt information to the integrator, so that the integrator can render the prompt information and display it to the user .
在本实施例中,通过对接收到的标识信息进行有效状态判断,若处于失效状态则生成提示信息,不进行后续步骤,提高了数据访问的 安全性和可靠性。In this embodiment, the validity status of the received identification information is judged. If it is in an invalid status, prompt information is generated without subsequent steps, thereby improving the efficiency of data access. Security and reliability.
参考图6,图6示出了数据访问方法的又一个实施例的流程图,可以包括以下步骤:Referring to Figure 6, Figure 6 shows a flow chart of yet another embodiment of a data access method, which may include the following steps:
步骤610,接收集成方针对标识信息的获取请求。Step 610: Receive the integration party's request for obtaining identification information.
在本步骤中,集成方可以通过终端显示界面展示用户登录界面,用户可以在集成方的用户登录界面进行登录认证,输入对应的登录信息,集成方可以根据用户的登录信息生成标识信息的获取请求,并将该获取请求发送至上述执行主体,该获取请求可以包括集成方接收到的登录信息。In this step, the integrator can display the user login interface through the terminal display interface. The user can perform login authentication on the integrator's user login interface and enter the corresponding login information. The integrator can generate a request for obtaining identification information based on the user's login information. , and sends the acquisition request to the above-mentioned execution subject. The acquisition request may include the login information received by the integration party.
步骤620,基于获取请求中的登录信息,生成标识信息和标识信息对应的失效时间。Step 620: Based on the login information in the acquisition request, generate the identification information and the expiration time corresponding to the identification information.
在本步骤中,上述执行主体接收到获取请求后,可以对获取请求进行解析处理,获取到获取请求中的登录信息。上述执行主体可以根据登录信息,生成与登录信息对应的标识信息,该标识信息与登录信息一一对应,用于标识登录信息对应的用户。然后上述执行主体生成标识信息后,可以根据设置需求和生成时间设置标识信息对应的失效时间,失效时间表征在该时刻之后的时间内标识信息处于失效状态,不再具备访问权限。In this step, after receiving the acquisition request, the above execution subject can parse the acquisition request and obtain the login information in the acquisition request. The above execution subject can generate identification information corresponding to the login information based on the login information. The identification information corresponds to the login information one-to-one and is used to identify the user corresponding to the login information. Then, after the above execution subject generates the identification information, it can set the expiration time corresponding to the identification information according to the setting requirements and the generation time. The expiration time indicates that the identification information is in an invalid state within a time after this moment and no longer has access rights.
上述执行主体可以通过任何相关技术所支持的方式生成标识信息和标识信息对应的失效时间,本公开对此不做具体限定。The above execution subject can generate identification information and the expiration time corresponding to the identification information through any method supported by relevant technologies, and this disclosure does not specifically limit this.
步骤630,接收集成方针对数据页面的访问请求。Step 630: Receive the integration party's access request for the data page.
本实施例的步骤630可以按照与图2所示实施例中的步骤210类似的方式执行,此处不赘述。Step 630 in this embodiment can be performed in a similar manner to step 210 in the embodiment shown in FIG. 2, and will not be described again here.
步骤640,基于浏览器设置信息,生成集成方对应的浏览器指纹信息。Step 640: Based on the browser setting information, generate browser fingerprint information corresponding to the integrator.
本实施例的步骤640可以按照与图2所示实施例中的步骤220类似的方式执行,此处不赘述。Step 640 in this embodiment can be performed in a similar manner to step 220 in the embodiment shown in FIG. 2, and will not be described again here.
步骤650,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果。 Step 650: Based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate a verification result.
本实施例的步骤650可以按照与图2所示实施例中的步骤230类似的方式执行,此处不赘述。Step 650 in this embodiment can be performed in a similar manner to step 230 in the embodiment shown in FIG. 2, and will not be described again here.
步骤660,基于校验结果,向集成方发送对应的数据访问结果。Step 660: Based on the verification result, send the corresponding data access result to the integration party.
本实施例的步骤660可以按照与图2所示实施例中的步骤240类似的方式执行,此处不赘述。Step 660 in this embodiment can be performed in a similar manner to step 240 in the embodiment shown in FIG. 2, and will not be described again here.
在本实施例中,通过首次根据登录信息生成标识信息,并在首次访问时完成标识信息和浏览器指纹信息的绑定存储,能够在集成方和被集成方之间的登录状态相通的前提下,适用页面嵌套输出联合登录的场景,利用标识信息和浏览器指纹信息可以解决页面数据嵌套在跨域或非跨域下安全通信的问题,提高了联合登录场景下数据访问的准确性和安全性。In this embodiment, by generating identification information based on the login information for the first time, and completing the binding storage of the identification information and the browser fingerprint information during the first visit, it is possible to ensure that the login status between the integrating party and the integrated party is connected. , applicable to the scenario of joint login with page nesting output. The use of identification information and browser fingerprint information can solve the problem of secure communication of page data nested in cross-domain or non-cross-domain situations, and improve the accuracy and accuracy of data access in joint login scenarios. safety.
进一步参考图7,作为对上述各图所示方法的实现,本公开提供了一种数据访问装置的一个实施例。该装置实施例与图2所示的方法实施例相对应。With further reference to FIG. 7 , as an implementation of the methods shown in the above figures, the present disclosure provides an embodiment of a data access device. This device embodiment corresponds to the method embodiment shown in Figure 2.
如图7所示,本实施例的数据访问装置700可以包括:接收模块710、生成模块720、校验模块730和发送模块740。As shown in FIG. 7 , the data access device 700 in this embodiment may include: a receiving module 710 , a generating module 720 , a verification module 730 and a sending module 740 .
其中,接收模块710,被配置成接收集成方针对数据页面的访问请求,其中,所述访问请求包括访问所述数据页面的标识信息和浏览器设置信息;Wherein, the receiving module 710 is configured to receive an access request for the data page from the integration party, where the access request includes identification information and browser setting information for accessing the data page;
生成模块720,被配置成基于所述浏览器设置信息,生成所述集成方对应的浏览器指纹信息;The generation module 720 is configured to generate browser fingerprint information corresponding to the integration party based on the browser setting information;
校验模块730,被配置成基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果;The verification module 730 is configured to perform information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, and generate a verification result;
发送模块740,被配置成基于所述校验结果,向所述集成方发送对应的数据访问结果。The sending module 740 is configured to send the corresponding data access result to the integrating party based on the verification result.
在本实施的一些可选的实现方式中,校验信息包括至少一个预存标识信息和与预存标识信息对应的预存浏览器指纹信息;以及,校验模块,进一步被配置成:判断预存的校验信息中的至少一个预存标识信息是否包括标识信息;响应于确定预存的校验信息中的至少一个预 存标识信息包括标识信息,从预存的校验信息中确定出标识信息对应的预存浏览器指纹信息;将标识信息对应的预存浏览器指纹信息与浏览器指纹信息进行比较;响应于确定标识信息对应的预存浏览器指纹信息与浏览器指纹信息相同,生成校验成功的校验结果。In some optional implementations of this implementation, the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and the verification module is further configured to: determine the pre-stored verification Whether at least one pre-stored identification information in the information includes identification information; in response to determining that at least one pre-stored identification information in the pre-stored verification information The stored identification information includes identification information, and the pre-stored browser fingerprint information corresponding to the identification information is determined from the pre-stored verification information; the pre-stored browser fingerprint information corresponding to the identification information is compared with the browser fingerprint information; in response to determining that the identification information corresponds to The pre-stored browser fingerprint information is the same as the browser fingerprint information, and a successful verification result is generated.
在本实施的一些可选的实现方式中,校验模块,进一步被配置成:响应于确定预存的校验信息中的至少一个预存标识信息不包括标识信息,将标识信息和浏览器指纹信息对应存储至预存的校验信息,并生成校验成功的校验结果。In some optional implementations of this implementation, the verification module is further configured to: in response to determining that at least one pre-stored identification information in the pre-stored verification information does not include identification information, correspond the identification information to the browser fingerprint information Store the pre-stored verification information and generate a successful verification result.
在本实施的一些可选的实现方式中,校验模块,进一步被配置成:响应于确定标识信息对应的预存浏览器指纹信息与浏览器指纹信息不相同,生成校验失败的校验结果。In some optional implementations of this implementation, the verification module is further configured to: in response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information, generate a verification result indicating that the verification fails.
在本实施的一些可选的实现方式中,该装置还包括:获取模块,被配置成:响应于从访问请求中获取到标识信息,获取标识信息对应的失效时间;判断模块,被配置成:基于当前时间和标识信息对应的失效时间,判断标识信息是否处于有效状态;以及,校验模块,进一步被配置成:响应于确定标识信息处于有效状态,基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果。In some optional implementations of this implementation, the device further includes: an acquisition module, configured to: in response to obtaining the identification information from the access request, obtain the expiration time corresponding to the identification information; a judgment module, configured to: Based on the current time and the expiration time corresponding to the identification information, determine whether the identification information is in a valid state; and the verification module is further configured to: in response to determining that the identification information is in a valid state, based on the pre-stored verification information, compare the identification information and The browser fingerprint information is used for information verification and verification results are generated.
在本实施的一些可选的实现方式中,生成模块,进一步被配置成:响应于确定标识信息处于失效状态,生成用于提示权限失效的提示信息。In some optional implementations of this implementation, the generation module is further configured to: in response to determining that the identification information is in an invalid state, generate prompt information for prompting that the permission has expired.
在本实施的一些可选的实现方式中,接收模块,进一步被配置成:接收集成方针对标识信息的获取请求,其中,获取请求包括集成方接收到的登录信息;生成模块,进一步被配置成:基于获取请求中的登录信息,生成标识信息和标识信息对应的失效时间。In some optional implementations of this implementation, the receiving module is further configured to: receive an acquisition request for identification information from the integrator, where the acquisition request includes the login information received by the integrator; the generating module is further configured to: : Based on the login information in the acquisition request, generate the identification information and the expiration time corresponding to the identification information.
本公开的上述实施例提供的数据访问装置,上述执行主体首先接收集成方针对数据页面的访问请求,该访问请求包括访问数据页面的标识信息和浏览器设置信息,然后基于浏览器设置信息,生成集成方对应的浏览器指纹信息,并基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果,最后基于校验结果,向集成方发送对应的数据访问结果,利用集成方对应的标识信息和浏览器 指纹信息同时进行信息校验,防止集成方其他用户利用数据页面对应的链接分享导致安全性问题,提高了数据访问的安全性和可靠性,以及,利用集成方对应的标识信息和浏览器指纹信息在集成方和被集成方之间的登录状态相通的前提下,能够适用页面嵌套输出联合登录的场景,可以解决页面数据嵌套在跨域或非跨域下安全通信的问题,提高了联合登录场景下数据访问的准确性和安全性。In the data access device provided by the above embodiments of the present disclosure, the above execution subject first receives an access request from the integration party for the data page. The access request includes the identification information and browser setting information of the accessed data page, and then generates based on the browser setting information. The browser fingerprint information corresponding to the integrator, and based on the pre-stored verification information, performs information verification on the identification information and browser fingerprint information, generates verification results, and finally sends the corresponding data access results to the integrator based on the verification results. , using the identification information and browser corresponding to the integrator Fingerprint information is verified at the same time to prevent other users of the integrator from using the link corresponding to the data page to share, thereby improving the security and reliability of data access. In addition, the identification information and browser fingerprint information corresponding to the integrator are used. On the premise that the login status between the integrator and the integrated party is the same, it can be applied to the scenario of page nested output joint login, which can solve the problem of secure communication of page data nested in cross-domain or non-cross-domain, and improve the joint Accuracy and security of data access in login scenarios.
本公开的方法和装置利用集成方对应的标识信息和浏览器指纹信息同时进行信息校验,防止集成方其他用户利用数据页面对应的链接分享导致安全性问题,提高了数据访问的安全性和可靠性。The method and device of the present disclosure use the identification information corresponding to the integrator and the browser fingerprint information to perform information verification at the same time, preventing other users of the integrator from using the corresponding link sharing of the data page to cause security problems, and improving the security and reliability of data access. sex.
本领域技术人员可以理解,上述装置还包括一些其他公知结构,例如处理器、存储器等,为了不必要地模糊本公开的实施例,这些公知的结构在图7中未示出。Those skilled in the art can understand that the above-mentioned device also includes some other well-known structures, such as a processor, a memory, etc. In order to unnecessarily obscure the embodiments of the present disclosure, these well-known structures are not shown in FIG. 7 .
下面参考图8,其示出了适于用来实现本公开的实施例的电子设备800的结构示意图。本公开的实施例中的终端设备可以包括但不限于诸如智能屏、笔记本电脑、PAD(平板电脑)、PMP(便携式多媒体播放器)、车载终端(例如车载导航终端)等等的移动终端以及诸如数字TV、台式计算机等等的固定终端。图8示出的终端设备仅仅是一个示例,不应对本公开的实施例的功能和使用范围带来任何限制。Referring now to FIG. 8 , a schematic structural diagram of an electronic device 800 suitable for implementing embodiments of the present disclosure is shown. Terminal devices in embodiments of the present disclosure may include, but are not limited to, mobile terminals such as smart screens, laptops, PADs (tablets), PMPs (portable multimedia players), vehicle-mounted terminals (such as vehicle-mounted navigation terminals), etc., and mobile terminals such as Fixed terminals for digital TV, desktop computers, etc. The terminal device shown in FIG. 8 is only an example and should not impose any restrictions on the functions and scope of use of the embodiments of the present disclosure.
如图8所示,电子设备800可以包括处理装置(例如中央处理器、图形处理器等)801,其可以根据存储在只读存储器(ROM)802中的程序或者从存储装置808加载到随机访问存储器(RAM)803中的程序而执行各种适当的动作和处理。在RAM 803中,还存储有电子设备800操作所需的各种程序和数据。处理装置801、ROM 802以及RAM803通过总线804彼此相连。输入/输出(I/O)接口805也连接至总线804。As shown in FIG. 8, the electronic device 800 may include a processing device (eg, central processing unit, graphics processor, etc.) 801, which may be loaded into a random access device according to a program stored in a read-only memory (ROM) 802 or from a storage device 808. The program in the memory (RAM) 803 executes various appropriate actions and processes. In the RAM 803, various programs and data required for the operation of the electronic device 800 are also stored. The processing device 801, ROM 802 and RAM 803 are connected to each other via a bus 804. An input/output (I/O) interface 805 is also connected to bus 804.
通常,以下装置可以连接至I/O接口805:包括例如触摸屏、触摸板、键盘、鼠标、摄像头、麦克风、加速度计、陀螺仪等的输入装置806;包括例如液晶显示器(LCD)、扬声器、振动器等的输出装置807;包括例如磁带、硬盘等的存储装置808;以及通信装置809。通 信装置809可以允许电子设备800与其他设备进行无线或有线通信以交换数据。虽然图8示出了具有各种装置的电子设备800,但是应理解的是,并不要求实施或具备所有示出的装置。可以替代地实施或具备更多或更少的装置。图8中示出的每个方框可以代表一个装置,也可以根据需要代表多个装置。Generally, the following devices may be connected to the I/O interface 805: input devices 806 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; including, for example, a liquid crystal display (LCD), speakers, vibration An output device 807 such as a computer; a storage device 808 including a magnetic tape, a hard disk, etc.; and a communication device 809. Pass The messaging device 809 may allow the electronic device 800 to communicate wirelessly or wiredly with other devices to exchange data. Although FIG. 8 illustrates an electronic device 800 having various means, it should be understood that implementation or availability of all illustrated means is not required. More or fewer means may alternatively be implemented or provided. Each block shown in Figure 8 may represent one device, or may represent multiple devices as needed.
特别地,根据本公开的实施例,上文参考流程图描述的过程可以被实现为计算机软件程序。例如,本公开的实施例包括一种计算机程序产品,其包括承载在计算机可读介质上的计算机程序,该计算机程序包含用于执行流程图所示的方法的程序代码。在这样的实施例中,该计算机程序可以通过通信装置809从网络上被下载和安装,或者从存储装置808被安装,或者从ROM 802被安装。在该计算机程序被处理装置801执行时,执行本公开的实施例的方法中限定的上述功能。需要说明的是,本公开的实施例的计算机可读介质可以是计算机可读信号介质或者计算机可读存储介质或者是上述两者的任意组合。计算机可读存储介质例如可以是但不限于电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机可读存储介质的更具体的例子可以包括但不限于:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机访问存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。在本公开的实施例中,计算机可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。而在本公开的实施例中,计算机可读信号介质可以包括在基带中或者作为载波一部分传播的数据信号,其中承载了计算机可读的程序代码。这种传播的数据信号可以采用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组合。计算机可读信号介质还可以是计算机可读存储介质以外的任何计算机可读介质,该计算机可读信号介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。计算机可读介质上包含的程序代码可以用任何适当的介质传输,包括 但不限于:电线、光缆、RF(射频)等等,或者上述的任意合适的组合。In particular, according to embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product including a computer program carried on a computer-readable medium, the computer program containing program code for performing the method illustrated in the flowchart. In such embodiments, the computer program may be downloaded and installed from the network via communication device 809, or from storage device 808, or from ROM 802. When the computer program is executed by the processing device 801, the above-described functions defined in the method of the embodiment of the present disclosure are performed. It should be noted that the computer-readable medium in the embodiments of the present disclosure may be a computer-readable signal medium or a computer-readable storage medium, or any combination of the above two. The computer-readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, device or device, or any combination thereof. More specific examples of computer readable storage media may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard drive, random access memory (RAM), read only memory (ROM), removable Programmed read-only memory (EPROM or flash memory), fiber optics, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above. In embodiments of the present disclosure, a computer-readable storage medium may be any tangible medium that contains or stores a program for use by or in connection with an instruction execution system, apparatus, or device. In embodiments of the present disclosure, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, in which computer-readable program code is carried. Such propagated data signals may take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the above. A computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium that can send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device . Program code contained on a computer-readable medium may be transmitted using any suitable medium, including But not limited to: wires, optical cables, RF (radio frequency), etc., or any suitable combination of the above.
可以以一种或多种程序设计语言或其组合来编写用于执行本公开的实施例的操作的计算机程序代码,程序设计语言包括面向对象的程序设计语言诸如Java、Smalltalk、C++,还包括常规的过程式程序设计语言诸如“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算机上执行、部分地在用户计算机上执行、作为一个独立的软件包执行、部分在用户计算机上部分在远程计算机上执行、或者完全在远程计算机或服务器上执行。在涉及远程计算机的情形中,远程计算机可以通过任意种类的网络包括局域网(LAN)或广域网(WAN)连接到用户计算机,或者,可以连接到外部计算机(例如利用因特网服务提供商来通过因特网连接)。Computer program code for performing operations of embodiments of the present disclosure may be written in one or more programming languages, including object-oriented programming languages such as Java, Smalltalk, C++, and conventional programming languages, or a combination thereof. A procedural programming language such as "C" or a similar programming language. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In situations involving remote computers, the remote computer can be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computer (such as through the Internet using an Internet service provider) .
附图中的流程图和框图,图示了按照本公开各种实施例的系统、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段、或代码的一部分,该模块、程序段、或代码的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两个接连地表示的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图和/或流程图中的每个方框、以及框图和/或流程图中的方框的组合,可以用执行规定的功能或操作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operations of possible implementations of systems, methods, and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagram may represent a module, segment, or portion of code that contains one or more logic functions that implement the specified executable instructions. It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown one after another may actually execute substantially in parallel, or they may sometimes execute in the reverse order, depending on the functionality involved. It will also be noted that each block of the block diagram and/or flowchart illustration, and combinations of blocks in the block diagram and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or operations. , or can be implemented using a combination of specialized hardware and computer instructions.
描述于本公开实施例中所涉及到的单元可以通过软件的方式实现,也可以通过硬件的方式来实现。所描述的单元也可以设置在处理器中,例如,可以描述为:一种处理器包括接收模块、生成模块、校验模块和发送模块,其中,这些模块的名称在某种情况下并不构成对该模块本身的限定。The units involved in the embodiments of the present disclosure can be implemented in software or hardware. The described unit can also be provided in a processor, for example, it can be described as: a processor includes a receiving module, a generating module, a checking module and a sending module, where the names of these modules do not constitute Limitations on the module itself.
作为另一方面,本公开还提供了一种计算机可读介质,上述计算机可读介质可以是上述电子设备中所包含的;也可以是单独存在,而 未装配入该电子设备中。上述计算机可读介质承载有一个或者多个程序,当上述一个或者多个程序被该电子设备执行时,使得该电子设备:接收集成方针对数据页面的访问请求,其中,访问请求包括访问数据页面的标识信息和浏览器设置信息;基于浏览器设置信息,生成集成方对应的浏览器指纹信息;基于预存的校验信息,对标识信息和浏览器指纹信息进行信息校验,生成校验结果;基于校验结果,向集成方发送对应的数据访问结果。As another aspect, the present disclosure also provides a computer-readable medium. The computer-readable medium may be included in the above-mentioned electronic device; it may also exist alone. Not assembled into this electronic device. The computer-readable medium carries one or more programs. When the one or more programs are executed by the electronic device, the electronic device: receives an access request for a data page from the integrator, where the access request includes access to the data page. identification information and browser setting information; based on the browser setting information, generate the browser fingerprint information corresponding to the integrator; based on the pre-stored verification information, perform information verification on the identification information and browser fingerprint information, and generate verification results; Based on the verification results, the corresponding data access results are sent to the integration party.
以上描述仅为本公开的较佳实施例以及对所运用技术原理的说明。本领域技术人员应当理解,本公开的实施例中所涉及的发明范围,并不限于上述技术特征的特定组合而成的技术方案,同时也应涵盖在不脱离上述发明构思的情况下,由上述技术特征或其等同特征进行任意组合而形成的其它技术方案。例如上述特征与本公开的实施例中公开的(但不限于)具有类似功能的技术特征进行互相替换而形成的技术方案。 The above description is only a description of the preferred embodiments of the present disclosure and the technical principles applied. Persons skilled in the art should understand that the scope of the invention involved in the embodiments of the present disclosure is not limited to technical solutions composed of specific combinations of the above technical features, and should also cover the above-mentioned technical solutions without departing from the above-mentioned inventive concept. Other technical solutions formed by any combination of technical features or their equivalent features. For example, a technical solution is formed by replacing the above features with technical features with similar functions disclosed in the embodiments of the present disclosure (but not limited to).

Claims (17)

  1. 一种数据访问方法,所述方法包括:A data access method, the method includes:
    接收集成方针对数据页面的访问请求,其中,所述访问请求包括访问所述数据页面的标识信息和浏览器设置信息;Receive an access request from the integrator for the data page, where the access request includes identification information and browser setting information for accessing the data page;
    基于所述浏览器设置信息,生成所述集成方对应的浏览器指纹信息;Based on the browser setting information, generate browser fingerprint information corresponding to the integrator;
    基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果;Based on the pre-stored verification information, perform information verification on the identification information and the browser fingerprint information, and generate a verification result;
    基于所述校验结果,向所述集成方发送对应的数据访问结果。Based on the verification result, the corresponding data access result is sent to the integration party.
  2. 根据权利要求1所述的方法,其中,所述校验信息包括至少一个预存标识信息和与所述预存标识信息对应的预存浏览器指纹信息;以及,所述基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果,包括:The method according to claim 1, wherein the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and, based on the pre-stored verification information, the The identification information and the browser fingerprint information are used for information verification to generate verification results, including:
    判断所述预存的校验信息中的至少一个预存标识信息是否包括所述标识信息;Determine whether at least one pre-stored identification information in the pre-stored verification information includes the identification information;
    响应于确定所述预存的校验信息中的至少一个预存标识信息包括所述标识信息,从所述预存的校验信息中确定出所述标识信息对应的预存浏览器指纹信息;In response to determining that at least one pre-stored identification information in the pre-stored verification information includes the identification information, determine the pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information;
    将所述标识信息对应的预存浏览器指纹信息与所述浏览器指纹信息进行比较;Compare the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information;
    响应于确定所述标识信息对应的预存浏览器指纹信息与所述浏览器指纹信息相同,生成校验成功的校验结果。In response to determining that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information, a verification result indicating successful verification is generated.
  3. 根据权利要求1-2任一项所述的方法,其中,所述基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果,还包括:The method according to any one of claims 1-2, wherein the step of performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information and generating a verification result further includes:
    响应于确定所述预存的校验信息中的至少一个预存标识信息不包括所述标识信息,将所述标识信息和所述浏览器指纹信息对应存储至 所述预存的校验信息,并生成校验成功的校验结果。In response to determining that at least one prestored identification information in the prestored verification information does not include the identification information, the identification information and the browser fingerprint information are correspondingly stored in The pre-stored verification information is generated, and a verification result indicating successful verification is generated.
  4. 根据权利要求1-2任一项所述的方法,其中,所述基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果,还包括:The method according to any one of claims 1-2, wherein the step of performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information and generating a verification result further includes:
    响应于确定所述标识信息对应的预存浏览器指纹信息与所述浏览器指纹信息不相同,生成校验失败的校验结果。In response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information, a verification result indicating that verification fails is generated.
  5. 根据权利要求1-4任一项所述的方法,所述方法还包括:The method according to any one of claims 1-4, further comprising:
    响应于从所述访问请求中获取到所述标识信息,获取所述标识信息对应的失效时间;In response to obtaining the identification information from the access request, obtain the expiration time corresponding to the identification information;
    基于当前时间和所述标识信息对应的失效时间,判断所述标识信息是否处于有效状态;以及,Based on the current time and the expiration time corresponding to the identification information, determine whether the identification information is in a valid state; and,
    所述基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果,包括:The step of performing information verification on the identification information and the browser fingerprint information based on the pre-stored verification information and generating a verification result includes:
    响应于确定所述标识信息处于有效状态,基于所述预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果。In response to determining that the identification information is in a valid state, information verification is performed on the identification information and the browser fingerprint information based on the pre-stored verification information, and a verification result is generated.
  6. 根据权利要求1-5任一项所述的方法,所述方法还包括:The method according to any one of claims 1-5, further comprising:
    响应于确定所述标识信息处于失效状态,生成用于提示权限失效的提示信息。In response to determining that the identification information is in an invalid state, prompt information for prompting permission invalidation is generated.
  7. 根据权利要求1-6任一项所述的方法,所述方法还包括:The method according to any one of claims 1-6, further comprising:
    接收所述集成方针对标识信息的获取请求,其中,所述获取请求包括所述集成方接收到的登录信息;Receive an acquisition request for identification information from the integrator, wherein the acquisition request includes the login information received by the integrator;
    基于所述获取请求中的登录信息,生成所述标识信息和所述标识信息对应的失效时间。Based on the login information in the acquisition request, the identification information and the expiration time corresponding to the identification information are generated.
  8. 一种数据访问装置,所述装置包括: A data access device, the device includes:
    接收模块,被配置成接收集成方针对数据页面的访问请求,其中,所述访问请求包括访问所述数据页面的标识信息和浏览器设置信息;A receiving module configured to receive an access request from the integrator for the data page, where the access request includes identification information and browser setting information for accessing the data page;
    生成模块,被配置成基于所述浏览器设置信息,生成所述集成方对应的浏览器指纹信息;A generation module configured to generate browser fingerprint information corresponding to the integrator based on the browser setting information;
    校验模块,被配置成基于预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果;A verification module configured to perform information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, and generate a verification result;
    发送模块,被配置成基于所述校验结果,向所述集成方发送对应的数据访问结果。The sending module is configured to send the corresponding data access result to the integrating party based on the verification result.
  9. 根据权利要求8所述的装置,其中,所述校验信息包括至少一个预存标识信息和与所述预存标识信息对应的预存浏览器指纹信息;以及,所述校验模块,进一步被配置成:The device according to claim 8, wherein the verification information includes at least one pre-stored identification information and pre-stored browser fingerprint information corresponding to the pre-stored identification information; and the verification module is further configured to:
    判断所述预存的校验信息中的至少一个预存标识信息是否包括所述标识信息;Determine whether at least one pre-stored identification information in the pre-stored verification information includes the identification information;
    响应于确定所述预存的校验信息中的至少一个预存标识信息包括所述标识信息,从所述预存的校验信息中确定出所述标识信息对应的预存浏览器指纹信息;In response to determining that at least one pre-stored identification information in the pre-stored verification information includes the identification information, determine the pre-stored browser fingerprint information corresponding to the identification information from the pre-stored verification information;
    将所述标识信息对应的预存浏览器指纹信息与所述浏览器指纹信息进行比较;Compare the pre-stored browser fingerprint information corresponding to the identification information with the browser fingerprint information;
    响应于确定所述标识信息对应的预存浏览器指纹信息与所述浏览器指纹信息相同,生成校验成功的校验结果。In response to determining that the pre-stored browser fingerprint information corresponding to the identification information is the same as the browser fingerprint information, a verification result indicating successful verification is generated.
  10. 根据权利要求8-9任一项所述的装置,其中,所述校验模块,进一步被配置成:The device according to any one of claims 8-9, wherein the verification module is further configured to:
    响应于确定所述预存的校验信息中的至少一个预存标识信息不包括所述标识信息,将所述标识信息和所述浏览器指纹信息对应存储至所述预存的校验信息,并生成校验成功的校验结果。In response to determining that at least one pre-stored identification information in the pre-stored verification information does not include the identification information, the identification information and the browser fingerprint information are correspondingly stored in the pre-stored verification information, and a verification is generated. Verification result of successful verification.
  11. 根据权利要求8-9任一项所述的装置,其中,所述校验模块,进一步被配置成: The device according to any one of claims 8-9, wherein the verification module is further configured to:
    响应于确定所述标识信息对应的预存浏览器指纹信息与所述浏览器指纹信息不相同,生成校验失败的校验结果。In response to determining that the pre-stored browser fingerprint information corresponding to the identification information is different from the browser fingerprint information, a verification result indicating that verification fails is generated.
  12. 根据权利要求8-11任一项所述的装置,所述装置还包括:获取模块,被配置成:响应于从所述访问请求中获取到所述标识信息,获取所述标识信息对应的失效时间;The device according to any one of claims 8-11, the device further comprising: an acquisition module configured to: in response to acquiring the identification information from the access request, acquire an invalidity corresponding to the identification information. time;
    判断模块,被配置成:基于当前时间和所述标识信息对应的失效时间,判断所述标识信息是否处于有效状态;以及a judgment module configured to: judge whether the identification information is in a valid state based on the current time and the expiration time corresponding to the identification information; and
    所述校验模块,进一步被配置成:响应于确定所述标识信息处于有效状态,基于所述预存的校验信息,对所述标识信息和所述浏览器指纹信息进行信息校验,生成校验结果。The verification module is further configured to: in response to determining that the identification information is in a valid state, perform information verification on the identification information and the browser fingerprint information based on the pre-stored verification information, and generate a verification module. test results.
  13. 根据权利要求8-12任一项所述的装置,其中,所述生成模块,进一步被配置成:响应于确定所述标识信息处于失效状态,生成用于提示权限失效的提示信息。The device according to any one of claims 8-12, wherein the generating module is further configured to: in response to determining that the identification information is in an invalid state, generate prompt information for prompting permission invalidation.
  14. 根据权利要求8-13任一项所述的装置,其中,所述接收模块,进一步被配置成:接收所述集成方针对标识信息的获取请求,其中,所述获取请求包括所述集成方接收到的登录信息;The device according to any one of claims 8-13, wherein the receiving module is further configured to: receive an acquisition request for identification information from the integrator, wherein the acquisition request includes the integrator receiving login information;
    所述生成模块,进一步被配置成:基于所述获取请求中的登录信息,生成所述标识信息和所述标识信息对应的失效时间。The generating module is further configured to: generate the identification information and the expiration time corresponding to the identification information based on the login information in the acquisition request.
  15. 一种电子设备,包括:An electronic device including:
    一个或多个处理器;one or more processors;
    存储装置,用于存储一个或多个程序,a storage device for storing one or more programs,
    当所述一个或多个程序被所述一个或多个处理器执行时,使得所述一个或多个处理器实现如权利要求1-7中任一项所述的方法。When the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method according to any one of claims 1-7.
  16. 一种计算机可读介质,其上存储计算机程序,其特征在于,该计算机程序被处理器执行时实现如权利要求1-7中任一项所述的方 法。A computer-readable medium on which a computer program is stored, characterized in that when the computer program is executed by a processor, the method of any one of claims 1-7 is implemented. Law.
  17. 一种计算机程序产品,包括计算机程序,所述计算机程序在被处理器执行时实现如权利要求1-7中任一项所述的方法。 A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1-7.
PCT/CN2023/074316 2022-06-16 2023-02-03 Data access method and apparatus WO2023241060A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210684373.XA CN115102744A (en) 2022-06-16 2022-06-16 Data access method and device
CN202210684373.X 2022-06-16

Publications (1)

Publication Number Publication Date
WO2023241060A1 true WO2023241060A1 (en) 2023-12-21

Family

ID=83290266

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/074316 WO2023241060A1 (en) 2022-06-16 2023-02-03 Data access method and apparatus

Country Status (2)

Country Link
CN (1) CN115102744A (en)
WO (1) WO2023241060A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117544322A (en) * 2024-01-10 2024-02-09 北京雪诺科技有限公司 Browser identification method, device, equipment and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115102744A (en) * 2022-06-16 2022-09-23 京东科技信息技术有限公司 Data access method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109587133A (en) * 2018-11-30 2019-04-05 武汉烽火众智智慧之星科技有限公司 A kind of single-node login system and method
CN112100603A (en) * 2020-09-15 2020-12-18 福建天晴在线互动科技有限公司 Website combined graph verification code defense method and system
CN112491776A (en) * 2019-09-11 2021-03-12 华为技术有限公司 Security authentication method and related equipment
US11240255B1 (en) * 2018-01-31 2022-02-01 Intuit Inc. System and method to recognize unauthenticated visitors
CN115102744A (en) * 2022-06-16 2022-09-23 京东科技信息技术有限公司 Data access method and device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6253325B1 (en) * 1998-04-15 2001-06-26 Hewlett-Packard Company Apparatus and method for securing documents posted from a web resource
CN107426181B (en) * 2017-06-20 2019-09-17 竞技世界(北京)网络技术有限公司 The hold-up interception method and device of malice web access request
US11288398B2 (en) * 2019-06-03 2022-03-29 Jpmorgan Chase Bank, N.A. Systems, methods, and devices for obfuscation of browser fingerprint data on the world wide web
US10628576B1 (en) * 2019-08-20 2020-04-21 Capital One Services, Llc Computer-based platforms or systems, computing devices or components and/or computing methods for technological applications involving provision of a portal for managing user accounts having a login portal configured to defend against credential replay attacks
US11539746B2 (en) * 2020-02-18 2022-12-27 Td Ameritrade Ip Company, Inc. Methods and systems for browser spoofing mitigation
CN113239308B (en) * 2021-05-26 2023-07-18 杭州安恒信息技术股份有限公司 Page access method, device, equipment and storage medium
CN113556343B (en) * 2021-07-21 2022-01-11 江南信安(北京)科技有限公司 DDoS attack defense method and device based on browser fingerprint identification
CN114257430A (en) * 2021-12-13 2022-03-29 以萨技术股份有限公司 Single sign-on system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11240255B1 (en) * 2018-01-31 2022-02-01 Intuit Inc. System and method to recognize unauthenticated visitors
CN109587133A (en) * 2018-11-30 2019-04-05 武汉烽火众智智慧之星科技有限公司 A kind of single-node login system and method
CN112491776A (en) * 2019-09-11 2021-03-12 华为技术有限公司 Security authentication method and related equipment
CN112100603A (en) * 2020-09-15 2020-12-18 福建天晴在线互动科技有限公司 Website combined graph verification code defense method and system
CN115102744A (en) * 2022-06-16 2022-09-23 京东科技信息技术有限公司 Data access method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117544322A (en) * 2024-01-10 2024-02-09 北京雪诺科技有限公司 Browser identification method, device, equipment and storage medium
CN117544322B (en) * 2024-01-10 2024-03-22 北京雪诺科技有限公司 Browser identification method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN115102744A (en) 2022-09-23

Similar Documents

Publication Publication Date Title
CN108810006B (en) Resource access method, device, equipment and storage medium
CN111639319B (en) User resource authorization method, device and computer readable storage medium
US10681028B2 (en) Controlling access to resources on a network
CN108923908B (en) Authorization processing method, device, equipment and storage medium
US9769266B2 (en) Controlling access to resources on a network
CN112333198B (en) Secure cross-domain login method, system and server
WO2023241060A1 (en) Data access method and apparatus
TWI617166B (en) Hardware resource access systems and techniques
US9125059B2 (en) Password-free, token-based wireless access
CN108965250B (en) Digital certificate installation method and system
CN112131021B (en) Access request processing method and device
CN105229987A (en) The initiatively mobile authentication of associating
CN109408250A (en) Call application programming interface API approach, device, electronic equipment
CN113542201B (en) Access control method and equipment for Internet service
CN112866385B (en) Interface calling method and device, electronic equipment and storage medium
WO2023193572A1 (en) Data management method and apparatus, server and storage medium
JP7269486B2 (en) Information processing device, information processing method and information processing program
CN109951487A (en) A kind of portal authentication method and device
CN110855655B (en) Information verification method, device, equipment and storage medium
JP6622900B2 (en) Providing multi-factor authentication credentials via device notification
CN112543194B (en) Mobile terminal login method and device, computer equipment and storage medium
CN113536365A (en) File access method, device, equipment and medium
CN110659476A (en) Method and apparatus for resetting password
CN109462604A (en) A kind of data transmission method, device, equipment and storage medium
CN112261659B (en) Control method and device for terminal and server, terminal and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23822632

Country of ref document: EP

Kind code of ref document: A1