Security authentication method, device, electronic equipment and storage medium based on a WEB project
Technical field
The present invention relates to the technical field of network security, and in particular to a security authentication method, device, electronic equipment and storage medium based on a WEB project.
Background art
In an increasingly information-based society, information technology has penetrated every aspect of production and life. People use electronic terminal devices to access various information systems over the network, and these systems may involve the production and operation of enterprises or the financial transactions of individuals. To ensure the safety of these information systems, the common measure is to set a private client name and password for each client of the system. However, when the client name and password are transmitted over the network they may be intercepted by a third party, and both the server side of the system and the client's electronic terminal may have a Trojan program implanted by a third party to collect the client's password. Relying on an ordinary client name and password to ensure the safety of the system's clients therefore still carries considerable risk.
Summary of the invention
In view of the foregoing, it is necessary to propose a security authentication method, device, electronic equipment and storage medium based on a WEB project, which can ensure security authentication at every link from client login to transaction, guarantee the safety of the client, and at the same time improve the safety of the WEB server system itself.
The first aspect of the present invention provides a security authentication method based on a WEB project, applied to a WEB server, the method comprising:
when a login request of a client is received, verifying according to a public key whether the identity of the client is valid;
when the identity of the client is determined to be valid, detecting whether the client has submitted a transaction request;
when it is detected that the client has submitted a transaction request, obtaining the verification permission corresponding to the transaction request according to a preset permission rule;
when the verification permission corresponding to the transaction request is determined to be a first verification permission, sending the transaction request to a first verifier for verification;
when the verification permission corresponding to the transaction request is determined to be a second verification permission, sending the transaction request to a second verifier for verification;
after receiving confirmation of the transaction request from the first verifier or the second verifier, completing the corresponding transaction according to the transaction request.
Preferably, before receiving the login request of the client, the method further comprises:
receiving a registration request of the client;
obtaining a first public key generated in advance by the client according to an asymmetric encryption algorithm, and storing the first public key in correspondence with the registration information of the client, wherein the first public key forms a key pair with a first private key stored in the client;
sending a second public key generated in advance by the WEB server according to the asymmetric encryption algorithm to the client for storage, wherein the second public key forms a key pair with a second private key stored in the WEB server.
Preferably, the login request carries the login account, login password and SMS verification code of the client, wherein the login account and the login password are encrypted a first time by the client with the first private key to obtain a first encrypted request, and the first encrypted request and the SMS verification code are encrypted a second time by the client with the second public key to obtain a second encrypted request.
Preferably, when the login request of the client is received, verifying according to the public key whether the identity of the client is valid comprises:
judging whether the second encrypted request can be decrypted with the second private key of the WEB server;
if the second encrypted request can be decrypted with the second private key of the WEB server, obtaining a first decrypted request;
obtaining, according to the SMS verification code in the first decrypted request, the client corresponding to the SMS verification code and the first public key corresponding to that client;
judging whether the first decrypted request can be decrypted with the first public key of the client;
if the first decrypted request can be decrypted with the first public key of the client, obtaining a second decrypted request;
verifying whether the identity of the client is valid according to the login account and the login password in the second decrypted request.
Preferably, verifying whether the identity of the client is valid according to the login account and the login password in the second decrypted request comprises:
verifying, according to a regular expression, whether the login account and the login password in the second decrypted request are correct;
if it is determined that the login account and the login password are filled in according to the prescribed format, confirming that the identity of the client is valid;
if it is determined that the login account and the login password are not filled in according to the prescribed format, confirming that the identity of the client is invalid.
Preferably, the preset permission rule comprises:
a correspondence between the transaction request and the verification permission preset according to the transaction code in the transaction request, comprising: presetting a first transaction code list and a second transaction code list, wherein a transaction request whose transaction code is in the first transaction code list corresponds to the first verification permission, and a transaction request whose transaction code is in the second transaction code list corresponds to the second verification permission;
a correspondence between the transaction request and the verification permission preset according to the transaction amount in the transaction request, comprising: presetting that a transaction request whose transaction amount is lower than a preset transaction amount corresponds to the first verification permission, and a transaction request whose transaction amount is greater than or equal to the preset transaction amount corresponds to the second verification permission.
Preferably, when the verification permission corresponding to the transaction request is determined to be the second verification permission, sending the transaction request to the second verifier for verification comprises:
sending the transaction request first to the first verifier for verification and then to the second verifier for verification.
The second aspect of the present invention provides a security authentication device based on a WEB project, the device comprising:
an authentication module, configured to verify, when a login request of a client is received, whether the identity of the client is valid according to a public key;
a detection module, configured to detect, when the authentication module determines that the identity of the client is valid, whether the client has submitted a transaction request;
an obtaining module, configured to obtain, when the detection module detects that the client has submitted a transaction request, the verification permission corresponding to the transaction request according to a preset permission rule;
the authentication module, further configured to send the transaction request to a first verifier for verification when the verification permission corresponding to the transaction request is determined to be a first verification permission, and to send the transaction request to a second verifier for verification when the verification permission corresponding to the transaction request is determined to be a second verification permission;
a transaction module, configured to complete the corresponding transaction according to the transaction request after receiving confirmation of the transaction request from the first verifier or the second verifier.
The third aspect of the present invention provides electronic equipment comprising a processor and a memory, the processor being configured to execute a computer program stored in the memory to implement the security authentication method based on a WEB project.
The fourth aspect of the present invention provides a computer-readable storage medium on which a computer program is stored, the computer program, when executed by a processor, implementing the security authentication method based on a WEB project.
With the security authentication method, device, electronic equipment and storage medium based on a WEB project of the present invention, when a client requests to log in, two decryptions using the public keys of both sides confirm that the client is the one requesting the WEB server and further verify whether the identity of the client is valid; when the client requests a transaction, the transaction request is verified under different permissions according to its content, and the transaction is carried out only after the verifier has completed verification and confirmation. The client thus receives security authentication at every link from login to transaction, which guarantees the safety of the client and also improves the safety of the WEB server system itself.
Description of the drawings
In order to explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings in the following description are only embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from the provided drawings without creative effort.
Fig. 1 is a flow chart of the security authentication method based on a WEB project provided by embodiment one of the present invention.
Fig. 2 is a functional block diagram of the security authentication device based on a WEB project provided by embodiment two of the present invention.
Fig. 3 is a schematic diagram of the electronic equipment provided by embodiment three of the present invention.
The present invention is further explained in the following detailed description with reference to the above drawings.
Detailed description of the embodiments
In order to make the objects, features and advantages of the present invention clearer, the present invention is described in detail below with reference to the drawings and specific embodiments. It should be noted that, in the absence of conflict, the embodiments of the present invention and the features in the embodiments can be combined with each other.
In the following description, numerous specific details are set forth in order to facilitate a full understanding of the present invention; the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative effort fall within the protection scope of the present invention.
Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the technical field of the present invention. The terms used in the specification of the present invention are intended only to describe specific embodiments and are not intended to limit the present invention.
The security authentication method based on a WEB project of the embodiments of the present invention is applied in one or more pieces of electronic equipment. It can also be applied in a hardware environment composed of electronic equipment and a WEB server connected to the electronic equipment through a network. The network includes, but is not limited to, a wide area network, a metropolitan area network or a local area network. The method of the embodiments of the present invention can be executed by the WEB server, by the electronic equipment, or jointly by the WEB server and the electronic equipment.
For electronic equipment that needs to carry out the security authentication method based on a WEB project, the security authentication function provided by the method of the present invention can be integrated directly on the electronic equipment, or a client for implementing the method of the present invention can be installed. As another example, the method provided by the present invention can also run in equipment such as a WEB server in the form of a software development kit (SDK), providing the security authentication function through SDK interfaces, so that the electronic equipment or other equipment can implement the method of the present invention through the interfaces provided.
Embodiment one
Fig. 1 is a flow chart of the security authentication method based on a WEB project provided by embodiment one of the present invention. According to different requirements, the execution order of the steps in the flow chart can be changed, and certain steps can be omitted.
S11: when a login request of a client is received, verify according to a public key whether the identity of the client is valid.
The user of the client can input a login instruction to the WEB server through the browser of the client to send the login request. Specifically, the user enters a uniform resource locator (URL) in the address bar of the client browser; in response to the user's input, the client sends a hypertext transfer protocol (HTTP) request or a hypertext transfer protocol over secure socket layer (HTTPS) request to the WEB server through the browser. That is, the login request of the client is an HTTP request or an HTTPS request.
Preferably, the HTTP request or HTTPS request includes the IP address or domain name of the WEB server, the port of the WEB server, the path of the accessed resource, and the parameters sent to the WEB server. The parameters include the login account, login password and SMS verification code of the client.
A user login interface is provided in the client, and the user login interface is provided with a login account input field, a login password input field, an SMS verification code input field, a get-verification-code button and a login button. The login account input field receives the login account entered by the user, the login password input field receives the login password entered by the user, and the SMS verification code input field receives the SMS verification code entered by the user, the SMS verification code being the code sent by the WEB server after the user clicks or touches the get-verification-code button. After the user clicks or touches the login button, the client submits to the WEB server a login request carrying the login account, login password and SMS verification code entered by the user.
Further, before receiving the login request of the client, the method further comprises:
receiving a registration request of the client;
obtaining a first public key generated in advance by the client according to an asymmetric encryption algorithm, and storing the first public key in correspondence with the registration information of the client, wherein the first public key forms a key pair with a first private key stored in the client;
sending a second public key generated in advance by the WEB server according to the asymmetric encryption algorithm to the client for storage, wherein the second public key forms a key pair with a second private key stored in the WEB server.
A user registration interface is also provided in the client, and the user registration interface is provided with a registration account input field, a registration password input field, an SMS verification code input field and a get-verification-code button. After the user completes and submits the registration in the client, the WEB server checks the SMS verification code and, if the SMS verification code is correct, adds the registration information of the client to the client list of the WEB server. After the client is successfully registered, the registration account is the subsequent login account and the registration password is the subsequent login password.
The user generates a pair consisting of a first public key and a first private key in the client in advance according to the asymmetric encryption algorithm, and sends the first public key to the WEB server for storage. The WEB server generates a pair consisting of a second public key and a second private key in advance according to the asymmetric encryption algorithm, and sends the second public key to the client for storage. When the WEB server receives the registration request of the client, it stores the registration information corresponding to the registration request in correspondence with the first public key.
During client registration, two public/private key pairs are therefore generated according to the asymmetric encryption algorithm: one pair is stored in the client and the other pair is stored in the WEB server. After the client is successfully registered, the WEB server stores the registration information of the client together with the first public key of the client corresponding to that registration information.
Because the public key and private key generated by the asymmetric encryption algorithm form a pair, data encrypted with the public key can only be decrypted with the corresponding private key, and data encrypted with the private key can only be decrypted with the corresponding public key. Once the client has sent its first public key to the WEB server at registration, the WEB server can decrypt information encrypted with the client's private key using only the client's first public key, which eliminates the need for the client to exchange a key with the WEB server; confidentiality is therefore better, and the safety of the information during transmission can be effectively guaranteed.
Preferably, the login request carries the login account, login password and SMS verification code of the client, wherein the login account and the login password are encrypted a first time by the client with the first private key to obtain a first encrypted request, and the first encrypted request and the SMS verification code are encrypted a second time by the client with the second public key to obtain a second encrypted request.
The login account and login password carried in the HTTP request or HTTPS request are encrypted a first time with the first private key of the client to obtain the first encrypted request; the first encrypted request and the SMS verification code corresponding to the login account are then encrypted a second time with the second public key of the WEB server to obtain the second encrypted request; finally the client sends the second encrypted request to the WEB server. Because the first encryption uses the client's first private key and the second encryption uses the WEB server's second public key, the possibility of another client forging the information is excluded, and only the WEB server the client is logging in to can decrypt the information and see the plaintext; even if a third-party WEB server or application intercepts the login request sent by the client, it can neither decrypt nor tamper with the data.
Preferably, when the login request of the client is received, verifying according to the public key whether the identity of the client is valid comprises:
judging whether the second encrypted request can be decrypted with the second private key of the WEB server;
if the second encrypted request can be decrypted with the second private key of the WEB server, obtaining a first decrypted request;
obtaining, according to the SMS verification code in the first decrypted request, the client corresponding to the SMS verification code and the first public key corresponding to that client;
judging whether the first decrypted request can be decrypted with the first public key of the client;
if the first decrypted request can be decrypted with the first public key of the client, obtaining a second decrypted request;
verifying whether the identity of the client is valid according to the login account and the login password in the second decrypted request.
The first decryption with the second private key of the WEB server ensures that the login request was sent by the client; the second decryption with the first public key of the client then further confirms whether the identity of the client is valid. Otherwise, the second decryption with the first public key of the client cannot be carried out.
Further, verifying whether the identity of the client is valid according to the login account and the login password in the second decrypted request further comprises:
verifying, according to a regular expression, whether the login account and the login password in the second decrypted request are correct;
if it is determined that the login account and the login password are filled in according to the prescribed format, confirming that the identity of the client is valid;
if it is determined that the login account and the login password are not filled in according to the prescribed format, confirming that the identity of the client is invalid.
If it is determined that the login account and the login password corresponding to the login account are filled in according to the prescribed format, the WEB server can respond to the login of the client and return a login success message to the client; if it is determined that the login account and the corresponding login password are not filled in according to the prescribed format, the WEB server can refuse the login of the client and return a login failure message to the client.
Regular expressions are prior art and are not described further here.
The prescribed format is a preset format; for example, the format of the client name may require an initial capital letter and a combination of letters, numbers and symbols.
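The registration, the two-layer login request and the server's two decryptions plus format check of S11, run end to end in Python as an added example that is not part of the patent. It uses a deliberately tiny textbook RSA on single bytes, and the key primes, SMS code, client id and regular expressions are all constructed for illustration; in a real system the private-key layer would be a proper signature and the outer layer padded public-key encryption, with the server rejecting anything that fails either check exactly as the page describes.

```python
import json
import re
import struct

# Toy textbook RSA applied one byte at a time (constructed for illustration,
# not secure): it only makes the key relationships on the page visible.
def make_keypair(p, q, e=7):
    """Return ((e, n), (d, n)) from two small primes; e must be coprime to phi."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def rsa_apply(key, data):
    """Exponentiate each byte under key; every result fits in two bytes."""
    exp, n = key
    return b"".join(struct.pack(">H", pow(v, exp, n)) for v in data)

def rsa_undo(key, blob):
    """Reverse rsa_apply with the matching key.  With a non-matching key the
    recovered values usually exceed 255, so bytes() raises ValueError, which
    the server treats as 'cannot decrypt'."""
    exp, n = key
    return bytes(pow(v, exp, n) for (v,) in struct.iter_unpack(">H", blob))

# --- client side: build the second encrypted request --------------------
def client_login_request(account, password, sms_code, client_priv, server_pub):
    # first encryption: account and password under the client's first private key
    first = rsa_apply(client_priv, json.dumps(
        {"account": account, "password": password}).encode())
    # second encryption: first ciphertext plus SMS code under the server's second public key
    outer = json.dumps({"sms_code": sms_code, "first": first.hex()}).encode()
    return rsa_apply(server_pub, outer)

# --- server side: the two decryptions and the prescribed-format check ---
# Assumed prescribed formats: account starts with a capital letter; password
# mixes letters, digits and at least one symbol.
ACCOUNT_RE = re.compile(r"^[A-Z][A-Za-z0-9]{3,15}$")
PASSWORD_RE = re.compile(r"^(?=.*[A-Za-z])(?=.*\d)(?=.*[^A-Za-z0-9]).{8,}$")

def server_verify_login(blob, server_priv, registry):
    """registry maps the SMS code the server issued -> (client id, first public key).
    Returns (True, client id) or (False, reason)."""
    try:
        outer = json.loads(rsa_undo(server_priv, blob))            # first decryption
    except ValueError:
        return False, "second encrypted request not decryptable with server private key"
    entry = registry.get(outer.get("sms_code"))
    if entry is None:
        return False, "no registered client for this SMS code"
    client_id, client_pub = entry
    try:                                                           # second decryption
        inner = json.loads(rsa_undo(client_pub, bytes.fromhex(outer["first"])))
    except (ValueError, KeyError):
        return False, "first encrypted request not decryptable with client public key"
    if not (ACCOUNT_RE.match(inner.get("account", ""))
            and PASSWORD_RE.match(inner.get("password", ""))):
        return False, "login account or password not in prescribed format"
    return True, client_id

# Registration outcome (constructed): each side keeps its private key and has
# the other side's public key; the server also maps the issued SMS code to
# the registered client and its first public key.
CLIENT_PUB, CLIENT_PRIV = make_keypair(61, 53)
SERVER_PUB, SERVER_PRIV = make_keypair(97, 89)
REGISTRY = {"482913": ("alice", CLIENT_PUB)}

def login_round_trip(account, password, sms_code,
                     client_priv=CLIENT_PRIV, server_pub=SERVER_PUB):
    """One login: the client builds the request, the server verifies it."""
    blob = client_login_request(account, password, sms_code, client_priv, server_pub)
    return server_verify_login(blob, SERVER_PRIV, REGISTRY)

if __name__ == "__main__":
    print(login_round_trip("Alice", "pa55w0rd!", "482913"))
    _, other_priv = make_keypair(59, 73)   # a key pair the server never registered
    print(login_round_trip("Alice", "pa55w0rd!", "482913", client_priv=other_priv))
```

The second call in the `__main__` block shows the page's point that a request not encrypted with the registered client's first private key fails at the second decryption even though the outer layer decrypts correctly.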
S12: when the identity of the client is determined to be valid, detect whether the client has submitted a transaction request.
In this embodiment, when the WEB server determines that the identity of the client is valid, the client can log in to the system successfully and transact according to the services provided by the system. When transacting, the client submits a transaction request to the WEB server.
The transaction request may include the transaction code of the requested transaction, the transaction amount corresponding to the transaction code, and the transaction details. The transaction code indicates the type of service provided, and different services correspond to different transaction codes; for example, the transaction code of the top-up service is 1, that of the transfer service is 2, that of the daily necessities purchase service is 3, and that of the household appliance purchase service is 4.
S13: when it is detected that the client has submitted a transaction request, obtain the verification permission corresponding to the transaction request according to the preset permission rule.
The WEB server can preset the permission rule so that different transaction requests are verified under different verification permissions, which ensures the safety verification of transaction requests.
In this embodiment, the preset permission rule is a correspondence between the transaction request and the verification permission preset according to the transaction code in the transaction request, comprising: presetting a first transaction code list and a second transaction code list, wherein a transaction request whose transaction code is in the first transaction code list corresponds to the first verification permission, and a transaction request whose transaction code is in the second transaction code list corresponds to the second verification permission.
Illustratively, the transaction codes in the first transaction code list can be 1 and 3 and the transaction codes in the second transaction code list can be 2 and 4; then, when a transaction request is received and the transaction code in it is found to be 2, the transaction request with transaction code 2 corresponds to the first verification permission.
Alternatively, the preset permission rule is a correspondence between the transaction request and the verification permission preset according to the transaction amount in the transaction request, comprising: presetting that a transaction request whose transaction amount is lower than a preset transaction amount corresponds to the first verification permission, and a transaction request whose transaction amount is greater than or equal to the preset transaction amount corresponds to the second verification permission.
Illustratively, the preset transaction amount is 1000: if the transaction amount in a received transaction request is 800, the transaction request with amount 800 corresponds to the first verification permission; if the transaction amount in a received transaction request is 1200, the transaction request with amount 1200 corresponds to the second verification permission.
In this embodiment, the first transaction request corresponds to the first verification permission, the first verification permission corresponds to the first verifier, the second transaction request corresponds to the second verification permission, and the second verification permission corresponds to the second verifier. The first verification permission can be a low verification permission and the second verification permission a high verification permission; that is, the verification permission of the first verifier is lower and that of the second verifier is higher. A transaction request corresponding to the low verification permission needs to be verified by the first verifier, and a transaction request corresponding to the high verification permission needs to be verified by the second verifier.
In some embodiments, the first verification permission can be reading the transaction code and transaction amount in the transaction request and submitting or withdrawing the transaction request; the second verification permission can be reading, modifying and editing the transaction code and transaction amount in the transaction request and submitting or withdrawing the transaction request.
S14: when the verification permission corresponding to the transaction request is determined to be the first verification permission, send the transaction request to the first verifier for verification; when the verification permission corresponding to the transaction request is determined to be the second verification permission, send the transaction request to the second verifier for verification.
When the verification permission obtained for the transaction request according to the preset permission rule is the low verification permission, the transaction request is sent to the verifier with the low verification permission for verification. When the verification permission obtained for the transaction request according to the preset permission rule is the high verification permission, the transaction request is sent to the verifier with the high verification permission for verification.
In other embodiments, when the verification permission corresponding to the transaction request is determined to be the first verification permission, the transaction request is sent to the first verifier for verification; and when the verification permission corresponding to the transaction request is determined to be the second verification permission, the transaction request is first sent to the first verifier for verification and then to the second verifier for verification. Verification by two verifiers better ensures the safety of a transaction request corresponding to the second verification permission.
By judging the verification permission from the transaction request, having the verifier with the low verification permission verify requests of low verification permission and the verifier with the high verification permission verify requests of high verification permission, different permission checks are applied to different transaction requests. This avoids having all transaction requests verified by the same verifiers, whose long verification times would prolong the waiting time of the client's user.
S15: after receiving confirmation of the transaction request from the first verifier or the second verifier, complete the corresponding transaction according to the transaction request.
In this embodiment, when the verification permission of the transaction request is low, the transaction request of the client is completed after the verifier with the low verification permission has verified it and confirmed that it is correct. When the verification permission of the transaction request is high, the transaction request of the client is completed after the verifier with the high verification permission has verified it and confirmed that it is correct.
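Steps S13 to S15 together, as an added Python example that is not the patent's code: the verification permission is derived from either preset rule (code lists {1, 3} and {2, 4}, threshold 1000, both from the page), the verifier chain is built, including the embodiment where a second-permission request passes through the first verifier first, and the transaction completes only when every verifier in the chain has confirmed. The verifier names and the decision dictionary are assumptions made for illustration.

```python
from dataclasses import dataclass

# Preset permission rule data (code lists and threshold as given on the page)
FIRST_CODES = {1, 3}          # e.g. top-up (1), daily necessities (3)
SECOND_CODES = {2, 4}         # e.g. transfer (2), household appliances (4)
PRESET_AMOUNT = 1000
FIRST, SECOND = "first", "second"
VERIFIER = {FIRST: "first_verifier", SECOND: "second_verifier"}   # assumed names

@dataclass
class TransactionRequest:
    code: int          # transaction code = type of service
    amount: float      # transaction amount
    details: str = ""  # transaction details

def permission_by_code(req):
    """Rule variant 1: membership of the transaction code in the preset lists."""
    if req.code in FIRST_CODES:
        return FIRST
    if req.code in SECOND_CODES:
        return SECOND
    raise ValueError(f"transaction code {req.code} is in neither list")

def permission_by_amount(req):
    """Rule variant 2: compare the amount with the preset transaction amount."""
    return FIRST if req.amount < PRESET_AMOUNT else SECOND

def verifier_chain(permission, through_first=False):
    """Verifiers that must confirm, in order.  through_first selects the
    embodiment where a second-permission request is checked by the first
    verifier and then by the second verifier."""
    if permission == FIRST:
        return [VERIFIER[FIRST]]
    chain = [VERIFIER[SECOND]]
    return [VERIFIER[FIRST]] + chain if through_first else chain

def process_transaction(req, rule, decisions, through_first=False):
    """S13 to S15 in one pass.  decisions maps verifier -> True (confirmed)
    or False (rejected); a missing entry means no response yet.  Returns
    'completed', 'pending:<verifier>' or 'rejected:<verifier>'; the
    transaction is never completed before every verifier in the chain confirms."""
    for verifier in verifier_chain(rule(req), through_first):
        decision = decisions.get(verifier)
        if decision is None:
            return f"pending:{verifier}"
        if decision is False:
            return f"rejected:{verifier}"
    return "completed"

if __name__ == "__main__":
    purchase = TransactionRequest(code=4, amount=1200, details="household appliance")
    print(permission_by_code(purchase), permission_by_amount(purchase))   # second second
    print(process_transaction(purchase, permission_by_amount, {"second_verifier": True}))
    print(process_transaction(purchase, permission_by_amount, {"second_verifier": True},
                              through_first=True))                        # still pending
```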
In conclusion the safety certifying method based on WEB project described in the embodiment of the present invention, receives stepping on for client
When record request, whether the identity of the client according to public key verifications is effective;When the identity for determining the client is effective, inspection
Survey whether the client has submission transaction request;When detecting that the client has submission transaction request, according to default power
Limit the corresponding verification permission of transaction request described in Rule;When determine the corresponding verification permission of the transaction request be the first school
When testing permission, the transaction request is sent to the first verification personnel and is verified;When determining the corresponding school of the transaction request
Test permission be second verification permission when, the transaction request is sent to the second verification personnel and is verified;It is described receiving
After first verifies personnel or the second verification personnel to the confirmation of the transaction request, completed according to the transaction request corresponding
Transaction.By the public key of both sides can decrypt twice to confirm that client is to request when client request is logged in
Whether the identity of WEB server and further verifying client is effective;In client request transaction, can be asked according to transaction
It asks, by the verification of different rights, is traded just now according to transaction request after completing verification confirmation by verification personnel.To make
Client by logging on to the safety certification of each link of transaction, ensure that the safety of client, also improve WEB clothes
The safety for device system of being engaged in itself.
The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Those skilled in the art can also make improvements without departing from the concept of the present invention, and these likewise fall within the scope of protection of the present invention.
Below, with reference to Fig. 2 and Fig. 3, the functional modules and the hardware structure of the electronic equipment that implements the above safety certifying method based on a WEB project are introduced respectively.
Embodiment two
Fig. 2 is a functional block diagram of a preferred embodiment of the safety certification device based on a WEB project of the present invention.
In some embodiments, the safety certification device 20 based on a WEB project runs in an electronic equipment. The safety certification device 20 may include a plurality of functional modules composed of program code segments. The program code of each program segment in the safety certification device 20 can be stored in a memory and executed by at least one processor, so as to perform the safety certifying method based on a WEB project (described in detail in Fig. 1 and its associated description).
In this embodiment, the safety certification device 20 based on a WEB project can be divided into a plurality of functional modules according to the functions it performs. The functional modules may include: an authentication module 201, a receiving module 202, an obtaining module 203, a sending module 204, a detection module 205 and a transaction module 206. A module in the sense of the present invention is a series of computer program segments that can be executed by at least one processor and can complete a fixed function, and that is stored in a memory. In some embodiments, the function of each module will be described in detail in the subsequent embodiments.
The authentication module 201 is used, when a login request of the client is received, to verify whether the identity of the client is valid according to the public keys.
The user of the client can input a login instruction through the browser of the client to make the client send a login request to the WEB server. Specifically, the user inputs a Uniform Resource Locator (URL) in the address field of the client browser; in response to the user's input, the client sends a HyperText Transfer Protocol (HTTP) request or a Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) request to the WEB server through the browser. That is, the login request of the client is an HTTP request or an HTTPS request.
Preferably, the HTTP request or HTTPS request includes: the IP address or domain name of the WEB server, the port of the WEB server, the path of the accessed resource, and the parameters sent to the WEB server. The parameters include the login account, login password and SMS verification code of the client.
The client is provided with a user login interface, which is equipped with a login account input field, a login password input field, an SMS verification code input field, a button for obtaining a verification code, and a login button. The login account input field receives the login account input by the user, the login password input field receives the login password input by the user, and the SMS verification code input field receives the SMS verification code input by the user; the SMS verification code is the code sent by the WEB server after the user clicks or touches the button for obtaining a verification code. After the user clicks or touches the login button, the client submits to the WEB server a login request carrying the login account, login password and SMS verification code input by the user.
The receiving module 202 is used to receive a registration request of the client.
The obtaining module 203 is used to obtain the first public key generated in advance by the client according to an asymmetric encryption algorithm and to store the first public key in correspondence with the registration information of the client, wherein the first public key is paired with the first private key stored in the client.
The sending module 204 is used to send the second public key generated in advance by the WEB server according to the asymmetric encryption algorithm to the client for storage, wherein the second public key is paired with the second private key stored in the WEB server.
The client is further provided with a user registration interface, which is equipped with a user registration account input field, a registration password input field, an SMS verification code input field and a button for obtaining a verification code. After the user completes and submits the registration in the client, the WEB server checks the SMS verification code and, if the SMS verification code is correct, adds the registration information of the client to the client list of the WEB server. After the client is registered successfully, the registration account becomes the subsequent login account and the registration password becomes the subsequent login password.
The user generates, in advance and in the client, a pair consisting of the first public key and the first private key according to the asymmetric encryption algorithm, and sends the first public key to the WEB server for storage. The WEB server generates, in advance, a pair consisting of the second public key and the second private key according to the asymmetric encryption algorithm, and sends the second public key to the client for storage. When the WEB server receives the registration request of the client, it stores the registration information corresponding to the registration request together with the first public key.
Thus, during client registration, two public/private key pairs are generated according to the asymmetric encryption algorithm: one pair is kept by the client, the other pair by the WEB server. After the client is registered successfully, the WEB server holds the registration information of the client and the first public key of the client belonging to that registration information.
A public/private key pair generated by an asymmetric encryption algorithm has the property that data encrypted with the public key can only be decrypted with the corresponding private key, and data processed with the private key can only be recovered with the corresponding public key. Because the client hands its first public key to the WEB server at registration, the WEB server can use the first public key alone to process information that the client has processed with its first private key, which removes the need for a key-exchange step between the client and the WEB server. It should be noted that the first public key is not secret, so this operation proves that the information originated from the holder of the first private key (it plays the role of a signature) rather than keeping the information confidential; confidentiality of the login request is provided by the second layer described below, which is encrypted to the second public key of the WEB server so that only the second private key of the WEB server can open it. Together the two layers protect the information during transmission.
Preferably, the login request carries the login account, login password and SMS verification code of the client, wherein the login account and the login password are first encrypted by the client with the first private key to obtain a first encrypted request, and the first encrypted request together with the SMS verification code is then encrypted by the client with the second public key to obtain a second encrypted request.
That is, the login account and login password carried in the HTTP request or HTTPS request are encrypted a first time with the first private key of the client to obtain the first encrypted request; the first encrypted request and the SMS verification code corresponding to the login account are encrypted a second time with the second public key of the WEB server to obtain the second encrypted request; and finally the client sends the second encrypted request to the WEB server. Because the first encryption is performed with the client's first private key and the second encryption is performed with the WEB server's second public key, the possibility of other clients forging the information is excluded, and it is ensured that only the WEB server the client is requesting to log in to can decrypt the information and see the plaintext. Even if a third-party WEB server or application intercepts the login request sent by the client, it can neither decrypt it nor alter the data without detection.
Preferably, verifying whether the identity of the client is valid according to the public keys when the login request of the client is received includes:
judging whether the second encrypted request can be decrypted with the second private key of the WEB server;
if the second encrypted request can be decrypted with the second private key of the WEB server, obtaining a first decrypted request;
obtaining, according to the SMS verification code in the first decrypted request, the client corresponding to the SMS verification code and the first public key of that client;
judging whether the first decrypted request can be decrypted with the first public key of the client;
if the first decrypted request can be decrypted with the first public key of the client, obtaining a second decrypted request;
verifying whether the identity of the client is valid according to the login account and the login password in the second decrypted request.
The first decryption with the second private key of the WEB server ensures that the login request was encrypted to this WEB server; the second decryption with the first public key of the client then confirms that the request was produced by the client holding the paired first private key, and thus whether the identity of the client is valid. If the request was not produced with that first private key, the second decryption with the first public key of the client fails.
Further, verifying whether the identity of the client is valid according to the login account and the login password in the second decrypted request further includes:
verifying, according to a regular expression, whether the login account and the login password in the second decrypted request are correct;
if it is determined that the login account and the login password are filled in according to the prescribed format, confirming that the identity of the client is valid;
if it is determined that the login account and the login password are not filled in according to the prescribed format, confirming that the identity of the client is invalid.
If it is determined that the login account and the login password corresponding to the login account are filled in according to the prescribed format, the login of the client can be responded to and a message that the login succeeded is returned to the client; if it is determined that the login account and the corresponding login password are not filled in according to the prescribed format, the login of the client is not responded to and a message that the login failed is returned to the client.
Regular expressions are prior art and are not described further here.
The prescribed format is a preset format; for example, the format of the client name may require an initial capital letter and a combination of letters, numbers and symbols.
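The registration and login exchange described above (modules 202 to 204, the two-layer protection of the login request, and the server-side decryption with the final format check), as an added worked example in Go that is not part of the patent text. It uses RSA-PSS for the step the text calls encrypting with the client's first private key (which in practice is a signature) and RSA-OAEP plus AES-GCM for the layer encrypted to the WEB server's second public key, because RSA alone cannot encrypt a payload that already contains a signature. The JSON field layout, the SMS-code lookup table, the hybrid envelope, the one-time use of the SMS code and the two regular expressions are assumptions made for this example; the patent specifies none of them.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"regexp"
)

// loginRequest is the plaintext of the "second encrypted request": Account and Password (the
// "first encrypted request") signed with the client's first private key, plus the SMS code.
type loginRequest struct {
	Account, Password, SMS string
	Signature              []byte
}

// envelope is the outer layer addressed to the server's second public key. RSA-OAEP cannot
// encrypt a payload this size, so (assumed detail) a fresh AES-GCM key is RSA-wrapped instead.
type envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

type Server struct {
	Priv    *rsa.PrivateKey           // the WEB server's second private key
	pubKeys map[string]*rsa.PublicKey // login account -> client's first public key
	smsCode map[string]string         // outstanding SMS code -> login account
}

// Register stores the first public key with the registration information and the SMS code for the next login.
func (s *Server) Register(account string, pub *rsa.PublicKey, sms string) {
	if s.pubKeys == nil {
		s.pubKeys, s.smsCode = map[string]*rsa.PublicKey{}, map[string]string{}
	}
	s.pubKeys[account], s.smsCode[sms] = pub, account
}

func signedBytes(account, password string) []byte { return []byte(account + "\x00" + password) } // bytes signed and verified

// Login is the client side: sign with the first private key, then encrypt everything to the server.
func Login(clientPriv *rsa.PrivateKey, serverPub *rsa.PublicKey, account, password, sms string) ([]byte, error) {
	digest := sha256.Sum256(signedBytes(account, password))
	sig, err := rsa.SignPSS(rand.Reader, clientPriv, crypto.SHA256, digest[:], nil)
	plain, _ := json.Marshal(loginRequest{account, password, sms, sig})
	keyNonce := make([]byte, 32+12) // fresh AES-256 key followed by a 96-bit GCM nonce
	rand.Read(keyNonce)             // crypto/rand.Read never returns a short read
	wrapped, err2 := rsa.EncryptOAEP(sha256.New(), rand.Reader, serverPub, keyNonce[:32], nil)
	if err != nil || err2 != nil {
		return nil, errors.Join(err, err2)
	}
	block, _ := aes.NewCipher(keyNonce[:32]) // a 32-byte key cannot fail
	gcm, _ := cipher.NewGCM(block)
	return json.Marshal(envelope{wrapped, keyNonce[32:], gcm.Seal(nil, keyNonce[32:], plain, nil)})
}

var accountRe = regexp.MustCompile(`^[A-Z][A-Za-z0-9]{2,31}$`)       // assumed prescribed formats; the
var passwordRe = regexp.MustCompile(`^[A-Za-z0-9!@#$%^&*_-]{8,64}$`) // text only gives an illustration

// VerifyLogin is the server side: second private key, then SMS lookup, then first public key, then formats.
func (s *Server) VerifyLogin(blob []byte) (string, error) {
	var env envelope
	_ = json.Unmarshal(blob, &env) // a malformed blob leaves an empty envelope, rejected below
	key, err := rsa.DecryptOAEP(sha256.New(), nil, s.Priv, env.WrappedKey, nil)
	if err != nil || len(key) != 32 || len(env.Nonce) != 12 {
		return "", errors.New("request malformed or not encrypted to this server")
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	plain, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	var req loginRequest
	if err != nil || json.Unmarshal(plain, &req) != nil {
		return "", errors.New("ciphertext was altered in transit")
	}
	account, ok := s.smsCode[req.SMS]
	if !ok || account != req.Account {
		return "", errors.New("unknown SMS code, or code not issued to this account")
	}
	delete(s.smsCode, req.SMS) // one code, one login attempt
	digest := sha256.Sum256(signedBytes(req.Account, req.Password))
	if rsa.VerifyPSS(s.pubKeys[account], crypto.SHA256, digest[:], req.Signature, nil) != nil {
		return "", errors.New("signature does not match the registered first public key")
	}
	if !accountRe.MatchString(req.Account) || !passwordRe.MatchString(req.Password) {
		return "", errors.New("login account or password not in the prescribed format")
	}
	return account, nil
}

func main() {
	clientKey, _ := rsa.GenerateKey(rand.Reader, 2048) // first key pair, held by the client
	serverKey, _ := rsa.GenerateKey(rand.Reader, 2048) // second key pair, held by the WEB server
	srv := &Server{Priv: serverKey}
	srv.Register("Alice01", &clientKey.PublicKey, "482913") // constructed sample data
	blob, _ := Login(clientKey, &serverKey.PublicKey, "Alice01", "Str0ng!Pass", "482913")
	fmt.Println(srv.VerifyLogin(blob))
}
```

The server consumes the SMS code before it checks the signature, so a replayed or forged request burns the code instead of getting a second attempt, and every rejection path returns an error rather than panicking even when the envelope is garbage, which matters for a server that accepts arbitrary HTTP bodies.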
The detection module 205 is used, when the identity of the client is determined to be valid, to detect whether the client has submitted a transaction request.
In this embodiment, when the WEB server determines that the identity of the client is valid, the client can successfully log in to the system and carry out transactions according to the services the system provides. When carrying out a transaction, the client submits a transaction request to the WEB server.
The transaction request may include: the transaction code of the requested transaction, the transaction amount corresponding to the transaction code, and the transaction details. The transaction code indicates the type of service provided, different services corresponding to different transaction codes; for example, the transaction code of a top-up service is 1, the transaction code of a transfer service is 2, the transaction code of a service for purchasing daily necessities is 3, and the transaction code of a service for purchasing household appliances is 4.
The obtaining module 203 is further used, when it is detected that the client has submitted a transaction request, to determine the verification permission corresponding to the transaction request according to a preset permission rule.
The WEB server can preset a permission rule so that different transaction requests are verified under different verification permissions, which ensures the security verification of transaction requests.
In this embodiment, the preset permission rule is a correspondence between transaction requests and verification permissions preset according to the transaction code in the transaction request, comprising a preset first transaction code list and a preset second transaction code list: when the transaction code in the transaction request is a transaction code in the first transaction code list, the transaction request corresponds to the first verification permission, and when the transaction code in the transaction request is a transaction code in the second transaction code list, the transaction request corresponds to the second verification permission.
Illustratively, the transaction codes in the first transaction code list may be 1 and 3, and the transaction codes in the second transaction code list may be 2 and 4. Then, when a transaction request is received and the transaction code obtained from it is 2, the transaction request corresponding to transaction code 2 corresponds to the second verification permission.
Alternatively, the preset permission rule is a correspondence between transaction requests and verification permissions preset according to the transaction amount in the transaction request, comprising: when the transaction amount in the transaction request is lower than a preset transaction amount, the transaction request corresponds to the first verification permission, and when the transaction amount in the transaction request is greater than or equal to the preset transaction amount, the transaction request corresponds to the second verification permission.
Illustratively, the preset transaction amount is 1000. If, when a transaction request is received, the transaction amount obtained from it is 800, the transaction request corresponding to the transaction amount 800 corresponds to the first verification permission; if the transaction amount obtained is 1200, the transaction request corresponding to the transaction amount 1200 corresponds to the second verification permission.
In this embodiment, the first transaction request corresponds to the first verification permission, and the first verification permission corresponds to the first verification personnel; the second transaction request corresponds to the second verification permission, and the second verification permission corresponds to the second verification personnel. The first verification permission may be a low verification permission and the second verification permission may be a high verification permission, that is, the verification permission of the first verification personnel is lower and that of the second verification personnel is higher. A transaction request corresponding to the low verification permission must be verified by the first verification personnel, and a transaction request corresponding to the high verification permission must be verified by the second verification personnel.
In some embodiments, the first verification permission may include reading the transaction code and transaction amount in the transaction request, and submitting or withdrawing the transaction request. The second verification permission may include reading, modifying and editing the transaction code and transaction amount in the transaction request, and submitting or withdrawing the transaction request.
The authentication module 201 is further used, when the verification permission corresponding to the transaction request is determined to be the first verification permission, to send the transaction request to the first verification personnel for verification; and, when the verification permission corresponding to the transaction request is determined to be the second verification permission, to send the transaction request to the second verification personnel for verification.
When the verification permission corresponding to the transaction request, determined according to the preset permission rule, is the low verification permission, the transaction request is sent to the verification personnel of the corresponding low verification permission for verification. When the verification permission corresponding to the transaction request, determined according to the preset permission rule, is the high verification permission, the transaction request is sent to the verification personnel of the corresponding high verification permission for verification.
In other embodiments, when the verification permission corresponding to the transaction request is determined to be the first verification permission, the transaction request is sent to the first verification personnel for verification; and when the verification permission corresponding to the transaction request is determined to be the second verification permission, the transaction request is first sent to the first verification personnel for verification and then sent to the second verification personnel for verification. Through two rounds of verification, the security of a transaction request corresponding to the second verification permission can be ensured to a greater extent.
The verification permission is judged according to the transaction request: when the verification permission of the transaction request is low, it is verified by the verification personnel of low verification permission, and when it is high, by the verification personnel of high verification permission. Transaction requests can thus be subjected to different authorization checks, so that not every transaction request has to be verified by the same verification personnel, which would lengthen the verification time and extend the waiting time of the client's user.
The transaction module 206 is used, after the confirmation of the transaction request by the first verification personnel or the second verification personnel is received, to complete the corresponding transaction according to the transaction request.
In this embodiment, when the verification permission of the transaction request is low, the transaction request of the client is completed after the verification personnel of low verification permission have verified it and confirmed it to be correct. When the verification permission of the transaction request is high, the transaction corresponding to the transaction request of the client is completed after the verification personnel of high verification permission have verified it and confirmed it to be correct.
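The permission rule, routing and confirmation steps of modules 203, 201 and 206 above, as an added worked example in Go that is not part of the patent text: the two alternative preset rules (transaction code lists, or an amount threshold), routing to the first or second verification personnel, the variant in which a second-permission request passes through both, and completion only once every required confirmation has arrived. The type and function names, the error returned for a transaction code in neither list, and the refusal of an out-of-order confirmation are choices made for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// TransactionRequest carries the fields the text names: transaction code, amount and details.
type TransactionRequest struct {
	Code    int
	Amount  int64
	Details string
}

// Permission is the verification permission resolved for a transaction request.
type Permission int

const FirstPermission Permission = 1  // low: verified by the first verification personnel
const SecondPermission Permission = 2 // high: verified by the second verification personnel

// Rule is the preset permission rule; the text offers code lists or an amount threshold, chosen by ByAmount.
type Rule struct {
	ByAmount    bool
	Threshold   int64        // preset transaction amount, used when ByAmount is true
	FirstCodes  map[int]bool // first transaction code list
	SecondCodes map[int]bool // second transaction code list
}

// Resolve maps a request to its permission; a code in neither list is an error, not a silent low default.
func (r Rule) Resolve(req TransactionRequest) (Permission, error) {
	if r.ByAmount {
		if req.Amount < r.Threshold {
			return FirstPermission, nil
		}
		return SecondPermission, nil
	}
	switch {
	case r.FirstCodes[req.Code]:
		return FirstPermission, nil
	case r.SecondCodes[req.Code]:
		return SecondPermission, nil
	}
	return 0, fmt.Errorf("transaction code %d is in neither transaction code list", req.Code)
}

// Verifier names a verification personnel role.
type Verifier string

const FirstVerifier Verifier = "first verification personnel"
const SecondVerifier Verifier = "second verification personnel"

// Pending is a transaction request awaiting verification; Required lists, in order, who still has to confirm.
type Pending struct {
	Req      TransactionRequest
	Required []Verifier
	Done     bool
}

// Route resolves the permission and decides who must confirm. With escalate set, a second-permission
// request goes to the first verifier and then the second (the "other embodiments" variant).
func Route(req TransactionRequest, rule Rule, escalate bool) (*Pending, error) {
	perm, err := rule.Resolve(req)
	if err != nil {
		return nil, err
	}
	required := []Verifier{FirstVerifier}
	if perm == SecondPermission && escalate {
		required = []Verifier{FirstVerifier, SecondVerifier}
	} else if perm == SecondPermission {
		required = []Verifier{SecondVerifier}
	}
	return &Pending{Req: req, Required: required}, nil
}

// Confirm records a confirmation. Only the next required verifier is accepted, so the first verifier cannot
// complete a high-permission request alone; the transaction is completed once no confirmation remains.
func (p *Pending) Confirm(by Verifier) error {
	if p.Done {
		return errors.New("transaction already completed")
	}
	if len(p.Required) == 0 || p.Required[0] != by {
		return fmt.Errorf("%s may not confirm this request at this stage", by)
	}
	p.Required = p.Required[1:]
	p.Done = len(p.Required) == 0
	return nil
}

func main() {
	rule := Rule{FirstCodes: map[int]bool{1: true, 3: true}, SecondCodes: map[int]bool{2: true, 4: true}}
	p, _ := Route(TransactionRequest{Code: 2, Amount: 1200, Details: "transfer"}, rule, true)
	fmt.Println("second verifier before first:", p.Confirm(SecondVerifier)) // refused
	fmt.Println("first verifier:", p.Confirm(FirstVerifier))
	fmt.Println("second verifier:", p.Confirm(SecondVerifier))
	fmt.Println("completed:", p.Done)
}
```

Confirm accepts only the verifier who is next in line, so the first verification personnel cannot complete a high-permission request by themselves and the second cannot skip the first in the two-stage variant; this is what keeps the two permission levels meaningful after the request has left the rule lookup.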
In conclusion the safety certification device based on WEB project described in the embodiment of the present invention, receives stepping on for client
When record request, whether the identity of the client according to public key verifications is effective;When the identity for determining the client is effective, inspection
Survey whether the client has submission transaction request;When detecting that the client has submission transaction request, according to default power
Limit the corresponding verification permission of transaction request described in Rule;When determine the corresponding verification permission of the transaction request be the first school
When testing permission, the transaction request is sent to the first verification personnel and is verified;When determining the corresponding school of the transaction request
Test permission be second verification permission when, the transaction request is sent to the second verification personnel and is verified;It is described receiving
After first verifies personnel or the second verification personnel to the confirmation of the transaction request, completed according to the transaction request corresponding
Transaction.By the public key of both sides can decrypt twice to confirm that client is to request when client request is logged in
Whether the identity of WEB server and further verifying client is effective;In client request transaction, can be asked according to transaction
It asks, by the verification of different rights, is traded just now according to transaction request after completing verification confirmation by verification personnel.To make
Client by logging on to the safety certification of each link of transaction, ensure that the safety of client, also improve WEB clothes
The safety for device system of being engaged in itself.
The above integrated unit implemented in the form of a software functional module can be stored in a computer-readable storage medium. The software functional module is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a dual-screen device, a network device or the like) or a processor to execute part of the method of each embodiment of the present invention.
Embodiment three
Fig. 3 is a schematic diagram of the electronic equipment provided by embodiment three of the present invention.
The electronic equipment 3 includes a memory 31, at least one processor 32, a computer program 33 stored in the memory 31 and executable on the at least one processor 32, and at least one communication bus 34.
The at least one processor 32 implements the steps in the above method embodiment when it executes the computer program 33.
Illustratively, the computer program 33 can be divided into one or more modules/units, which are stored in the memory 31 and executed by the at least one processor 32 to complete the steps in the above method embodiment of the present invention. The one or more modules/units may be a series of computer program instruction segments capable of completing a specific function, the instruction segments describing the execution process of the computer program 33 in the electronic equipment 3.
The electronic equipment 3 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. Those skilled in the art will understand that the schematic diagram is only an example of the electronic equipment 3 and does not constitute a limitation on it; it may include more or fewer components than illustrated, combine certain components, or have different components. For example, the electronic equipment 3 may also include input/output devices, network access devices, buses and the like.
The at least one processor 32 may be a Central Processing Unit (CPU), or another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or another programmable logic device, discrete gate or transistor logic, discrete hardware components, and so on. The processor 32 may be a microprocessor or any conventional processor. The processor 32 is the control centre of the electronic equipment 3 and connects the various parts of the entire electronic equipment 3 through various interfaces and lines.
The memory 31 can be used to store the computer program 33 and/or modules/units; the processor 32 implements the various functions of the electronic equipment 3 by running or executing the computer program and/or modules/units stored in the memory 31 and by calling the data stored in the memory 31. The memory 31 may mainly include a program storage area and a data storage area, wherein the program storage area can store the operating system and the application programs required by at least one function (for example a sound playback function, an image playback function, and so on), and the data storage area can store data created according to the use of the electronic equipment 3 (such as audio data, a phone book, and so on). In addition, the memory 31 may include high-speed random access memory and may also include non-volatile memory, such as a hard disk, internal memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card, at least one magnetic disk storage device, a flash memory device, or another non-volatile solid-state storage device.
If the integrated modules/units of the electronic equipment 3 are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. On this understanding, all or part of the processes in the methods of the above embodiments of the present invention can also be completed by instructing the relevant hardware through a computer program. The computer program can be stored in a computer-readable storage medium and, when executed by a processor, can implement the steps of each of the above method embodiments. The computer program includes computer program code, which may be in source code form, object code form, executable file form, some intermediate form, and so on. The computer-readable medium may include any entity or device capable of carrying the computer program code, a recording medium, a USB flash disk, a removable hard disk, a magnetic disk, an optical disc, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content contained in the computer-readable medium can be increased or decreased as appropriate according to the requirements of legislation and patent practice in the jurisdiction; for example, in certain jurisdictions, according to legislation and patent practice, the computer-readable medium does not include electrical carrier signals and telecommunication signals.
In the several embodiments provided by the present invention, it should be understood that the disclosed electronic equipment and method can be implemented in other ways. For example, the electronic equipment embodiment described above is only schematic; the division of the units is only a division by logical function, and there may be other divisions in actual implementation.
In addition, the functional units in each embodiment of the present invention may be integrated in the same processing unit, or each unit may exist physically alone, or two or more units may be integrated in the same unit. The above integrated unit may be implemented in the form of hardware, or in the form of hardware plus software functional modules.
It is obvious to those skilled in the art that the invention is not limited to the details of the above exemplary embodiments and that the present invention can be realized in other specific forms without departing from its spirit or essential attributes. Therefore, from whatever point of view, the present embodiments are to be considered illustrative and not restrictive, and the scope of the present invention is defined by the appended claims rather than by the above description; all changes falling within the meaning and scope of equivalents of the claims are intended to be included in the present invention. Any reference signs in the claims should not be construed as limiting the claims concerned. Furthermore, it is clear that the word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. A plurality of units or devices stated in the system claims may also be implemented by one unit or device through software or hardware. Words such as "first" and "second" are used to denote names and do not indicate any particular order.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention and not to limit it. Although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art should understand that modifications or equivalent replacements can be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention.