CN101047504B - Network log-in authorization method and authorization system - Google Patents
Network log-in authorization method and authorization system Download PDFInfo
- Publication number
- CN101047504B CN101047504B CN2006100674616A CN200610067461A CN101047504B CN 101047504 B CN101047504 B CN 101047504B CN 2006100674616 A CN2006100674616 A CN 2006100674616A CN 200610067461 A CN200610067461 A CN 200610067461A CN 101047504 B CN101047504 B CN 101047504B
- Authority
- CN
- China
- Prior art keywords
- terminal device
- client terminal
- module
- authentication
- website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Computer And Data Communications (AREA)
Abstract
A authentication method of network login includes issuing login request to network station (NS) by client device to obtain NS identification information returned back from NS, providing user account number and cipher as well as NS identification information to AGS for carrying out right-certification, generating service note for logging in NS and conversation cipher key by AGS according unique enciphering key appointed with NS, using said service note and said conversation cipher key to log in NS by client end. The authentication system used for realizing said method is also disclosed.
Description
Technical field
The present invention relates to communication system, relate in particular to a kind of website log authentication method and corresponding authentication and bill issue server (Authority And Grant Service, AGS) and Verification System.
Background technology
In the prior art, Microsoft provides a kind of website of realizing not have the Passport authentication system of password login, the user can be implemented in the no password login on all Passport of Microsoft network (MicrosoftPassport Network) websites by login Passport.com.
Authentication principles is: and the Passport SDK of ISP website installation Microsoft (Software Development Kit, SDK); During user capture ISP website, be redirected to passport.com automatically and authenticate; Browser is being preserved an effective cookie in browser process, in the finite time under the passport.com domain name, so as to realize follow-up website exempt from the password login.
The identifying procedure of Passport authentication system comprises as shown in Figure 1:
1, the user starts the terminal browser to ISP website transmission access request;
2, the ISP website is returned redirect instruction by http protocol to user terminal, and indicating user terminal is redirected to the passport logon server;
3, user terminal is initiated authentication request to the passport logon server;
4, the authentication of passport logon server is by the response of rear line terminal return authentication;
5, user terminal is initiated access request to the ISP website once more;
6, the ISP website provides the service of user terminal requests, issues accessed content to user terminal.
The Passport authentication system of above-mentioned Microsoft has following shortcoming:
(1) need the ISP that the Passport SDK of Microsoft is installed, the employed platform of restriction ISP is necessary for microsoft operation system.
(2) identification of user identity relies on the Cooke preservation mechanism of browser, usually for for the purpose of the fail safe, the effective time of the Cookie of Passport is just in the life cycle of this browser (IE) process, after browser cuts out, Cookie will lose, when the user uses browser access ISP website once more, need login authentication again.
(3) fail safe of User Identity (Cookie) is guaranteed by browser, therefore exist to mismatch and put browser, and perhaps because the BUG of browser itself, the danger that causes Cookie to be leaked.
In the prior art, also have a kind of kerberos authentication system, its identifying procedure schematic diagram comprises as shown in Figure 2:
1, user's terminal is earlier to licence that enters the server of issuing licence of an authentication server request;
2, authentication server is authorized a licence that can enter the server of issuing licence to user's terminal;
3, user's terminal is to other the service licence of server requirement of issuing licence;
4, the server of issuing licence is authorized the service licence of requirement;
5, user's terminal uses the service licence that obtains to require service to the main frame that service is provided.
In the kerberos authentication system, because authentication server separates with the server of issuing licence, and user's terminal and authentication server, issuing licence not have between the server is connected lastingly, so the timestamp (TimeStamp) that relies on fully the effective time of all service licences in the service licence makes a decision, if TimeStamp is expired, then the user needs to obtain a new licence to authentication server again, repeats above-mentioned flow process.Therefore, the kerberos authentication process is complicated, when the TimeStamp in the service licence is expired, needs user's terminal to be connected with authentication server, the server of issuing licence once more, might cause puzzlement to user's use because connection failure causes communication disruption.
Summary of the invention
The invention provides a kind of website log authentication method, in order to solve complicated, the not high problem of fail safe of website log authentication that exists in the prior art.
According to method provided by the invention, the present invention provide in addition corresponding client terminal device, authentication and bill issue server (Authority And Grant Service, AGS) and Verification System.
The inventive method comprises the following steps:
A, client terminal device are initiated logging request to the website, obtain the website logo information of returning the website, and login authentication and bill issue server AGS submit to described AGS with user account number, password and described website logo information and carry out authentication;
After B, authentication were passed through, described AGS adopted the unique-encryption key of arranging with this website according to described website logo information, for described client terminal device generates the service ticket of logining this website and the on-line session record that comprises session key; And the described service ticket that will generate and session key send to described client terminal device;
C, described client terminal device use described service ticket to login described website; And described session key is kept at this locality, the cycle uses described session key and described AGS to carry out authentication communication, upgrade and described AGS between on-line session.
In the described steps A, after client terminal device obtains website logo information, further judge whether to have signed in among the described AGS, if described step B is carried out in not login; Otherwise execution the following step:
Described session key, user account number and described website logo information that a, described client terminal device are preserved this locality are submitted to described AGS and are carried out authentication;
B, after authentication is passed through, adopt unique-encryption key with this website agreement according to described website logo information, for described client terminal device generates the service ticket of this website of login, send to described client terminal device;
C, described client terminal device use described service ticket to login described website.
According to said method of the present invention, described step a comprises:
Described AGS is according to the local on-line session tabulation of preserving of described session key inquiry;
If the corresponding record that exists client terminal device address, user account number and session key to be complementary in described on-line session tabulation judges then to have corresponding legal on-line session record that authentication is passed through.
Described service ticket is the encryption key that adopts described AGS and the corresponding website agreement result after to user account number, client terminal device address and timestamp and the encryption of bill parameter effective period;
Among described step C or the step c, described client terminal device sends to described website with user account number and described service ticket; Described website uses the encryption key of described agreement that described service ticket is decrypted; When the timestamp in the service ticket adds that bill effective period is greater than the current time, judge that this service ticket is effective, allow described client terminal device login.
When described bill arrived effective period, described website notified described client terminal device service ticket to lose efficacy;
Described client terminal device uses local described session key and the described AGS that preserves to authenticate, and obtains service ticket once more, sends to described website and logins once more.
According to said method of the present invention, if described client terminal device does not use described session key and described AGS to carry out authentication communication in setting duration, the on-line session of setting up between then described AGS removing and this client terminal device, and the corresponding on-line session record of the local storage of deletion.
A kind of authentication and bill issue server AGS, comprising: server com-munication module, authentication module, certification module and active session are kept module;
Described server com-munication module is used for communicating by letter with client terminal device; Receive the authentication request of client terminal device, send to described authentication module, the website logo information that obtains when carrying described client Website login in the described authentication request at least;
Described authentication module carries out the authentication of user identity, and authentication by after session key and/or user request is transmitted to certification module;
Described certification module adopts the unique-encryption key of arranging with this website according to described website logo information, for described client terminal device generates the service ticket of logining this website, and send described service ticket to client terminal device by described server com-munication module;
Described active session is kept module and is connected with described authentication module; Receive the cycle authentication request of carrying session key that client terminal device is initiated, the on-line session between renewal and the client terminal device.
A kind of Verification System comprises client terminal device and authentication and bill issue server AGS, and described AGS comprises: server com-munication module, authentication module, certification module and active session are kept module;
Described server com-munication module is used for communicating by letter with client terminal device; Receive the authentication request of client terminal device, send to described authentication module, the website logo information that obtains when carrying described client Website login in the described authentication request at least;
Described authentication module carries out the authentication of user identity, and authentication by after session key and/or user request is transmitted to certification module;
Described certification module adopts the unique-encryption key of arranging with this website according to described website logo information, for described client terminal device generates the service ticket of logining this website, and send described service ticket to client terminal device by described server com-munication module;
Described active session is kept module and is connected with described authentication module; Receive the cycle authentication request of carrying session key that client terminal device is initiated, the on-line session between renewal and the client terminal device.
Beneficial effect of the present invention is as follows:
(1) adopt the present invention, regularly communicate by letter between client terminal device and the AGS, keep an active session, so AGS can accurately know user's activity time, avoid user identity to be emitted, improve authentication security by puppet.
(2) in the inventive method, client terminal device only need be logined AGS one time, can obtain the login service bill ticket (s) of a plurality of websites, has reduced the complexity of verification process.
Description of drawings
Fig. 1 is the Passport authentication system verification process schematic diagram of Microsoft in the prior art;
Fig. 2 is a kerberos authentication system certification process schematic diagram in the prior art;
Fig. 3 is the inventive method verification process schematic diagram;
Fig. 4 is a client terminal device structural representation of the present invention;
Fig. 5 authenticates for the present invention and bill issue server AGS structural representation;
The flow chart of Fig. 6 for adopting system of the present invention to authenticate.
Embodiment
The present invention adopts an authentication and bill issue server AGS to realize the website log authentication.The concrete process of argumentation comprises as shown in Figure 3:
In advance user account number U and password G are stored among the AGS; And AGS and each website unique encryption key of making an appointment; As user during, carry out following login authentication process by client terminal device request Website login:
Browser in step 1, the startup client terminal device is initiated logging request to the website of request login; Insert user account number U, " key login " button that provides on the website log webpage is provided, the request Website login.
After the logging request that client terminal device initiates is received in step 2, website, return the address B of AGS server, the checking interface IP address C of website, information such as the code name of website (identification information) D to client terminal device.
The information stores that step 3, the client terminal device of initiating logging request return the website is in this locality; Client terminal device judges whether self signs in among the AGS, if do not sign in among the described AGS, then logins AGS, and the website logo information D of user account number U, password G and the request of obtaining login is submitted to described AGS.
Account number U, password G and the local user related information of storage in advance that step 4, AGS submit to according to client terminal device carry out authentication to the user; After authentication is passed through, adopt the unique-encryption key Ks that arranges with this website according to the website logo information D, be the service ticket Ticket (s) that client terminal device generates Website login;
Ticket(s)=Ks(U,Addr,TimeStamp,Life);
The implication of following formula is: Ticket (s) uses Ks U, Addr, TimeStamp, the result after parameters such as Life are encrypted; Addr is a client address, and TimeStamp is a timestamp, Life bill effective period;
And generate an on-line session record that comprises session key (Session Key); And this on-line session record stored in the on-line session tabulation; Can comprise in the on-line session record: Session Key, account number U, client address Addr, login time, enliven information such as time LastActive at last;
AGS sends to client terminal device with service ticket Ticket (s) and the session key Session Key that generates.
TimeStamp+Life>current time;
Judge that this service ticket is effective, allow the client terminal device login.
Client terminal device receives the Session Key that AGS sends, and it is kept at this locality, and the cycle uses Session Key and AGS to carry out authentication communication, the on-line session between renewal and the AGS.
In the above-mentioned verification process, if client terminal device has signed in among the AGS, then in the above-mentioned steps 3, client terminal device sends local Session Key, user account number U and website logo information D of preserving to AGS;
In the above-mentioned steps 4, AGS carries out authentication according to Session Key, user account number U to the user; Concrete grammar is:
AGS is according to the local on-line session tabulation of preserving of Session Key inquiry; If the corresponding record that exists client terminal device address Addr, user account number U and Session Key to be complementary in the on-line session tabulation judges then to have corresponding legal on-line session record that authentication is passed through; After authentication is passed through, adopt the unique-encryption key Ks that arranges with this website according to the website logo information D, for client terminal device generates the service ticket Ticket (s) that logins this website, send to client terminal device.
When client terminal device success Website login after a period of time, if service ticket Life effective period arrives, website notice client terminal device current service bill lost efficacy; Client terminal device uses local Session Key and the AGS that preserves to authenticate, and obtains service ticket once more, sends to described website, logins this website once more.
If client terminal device does not use Session Key and AGS to carry out authentication communication in setting duration, then AGS can remove and this client terminal device between the on-line session set up, and the local corresponding on-line session record of storing of deletion.
According to above-mentioned website log authentication method provided by the invention, the invention provides a kind of corresponding client end device, in client terminal device, store browser plug-in, its concrete structure schematic diagram comprises as shown in Figure 4: browser control and monitor module, parameter analysis module, Logic control module, secure data storage module and client communication module.
Mutual control relation between each module is as follows:
When the browser in starting client terminal device was initiated logging request to the website, browser control and monitor module were caught the client browser operation, obtain the relevant parameter that includes website logo information at least that the website is returned, and send to the parameter analysis module;
The parameter analysis module carries out analysis and judgement to the parameter that receives, when parameter is legal, and the enable logic control module;
Logic control module judges whether client terminal device has signed in among authentication and the bill issue server AGS; If client terminal device does not sign in among the AGS, then communicate by letter with described AGS by described client communication module, carry out authentication, and obtain session key Session Key that AGS generates and the service ticket Ticket (s) that allows the client terminal device Website login; Described client communication module sends to the session key that obtains in the secure data storage module and stores; And the service ticket that obtains sent to Logic control module, and send to browser control and monitor module by Logic control module, realize website log;
If Logic control module is judged client terminal device and has been signed in among the AGS, then from the secure data storage module, obtain the session key and the usersaccount information of storage, send to AGS by the client communication module and carry out authentication; After authentication is passed through, generate the service ticket that allows the client terminal device Website login, send to Logic control module, send to browser control and monitor module by Logic control module again, realize website log by the client communication module by AGS;
The client communication module cycle uses described session key and AGS to carry out authentication communication, the on-line session between renewal and the described AGS.
The present invention provides a kind of authentication and bill issue server AGS in addition, and its concrete structure schematic diagram comprises as shown in Figure 5: server com-munication module, authentication module, certification module, active session are kept module and data operation modules.
Mutual control relation between each module is as follows:
Send to described authentication module after the authentication request of server com-munication module reception client terminal device; Authentication request is the authentication request of carrying user account number and password, or carries the authentication request of user account number and session key;
After receiving the authentication request of carrying user account number and password when authentication module, log-on data operational module Query Database or other persistent storage medium, data operation modules returns Query Result information to authentication module; Inquire corresponding record if Query Result shows, then authentication is passed through, and starts active session and keeps module generation session key, sends to certification module; Certification module sends to client terminal device with session key and service ticket by server com-munication module after generating service ticket;
Receive the authentication request of carrying user account number and session key of client terminal device transmission when authentication module after, start active session and keep module, judge whether to exist corresponding legal on-line session record; Active session is kept module and is returned judged result information to authentication module; If judged result shows the on-line session record that has a correspondence, then authentication is passed through, and starts certification module, generates service ticket, sends to client terminal device by server com-munication module.
The present invention provides a kind of Verification System in addition, comprises above-mentioned client terminal device provided by the invention and authentication and bill issue server AGS.
According to above-mentioned Verification System provided by the invention, the idiographic flow that carries out website log authentication comprises as shown in Figure 6:
Step S10, client terminal device start browser and initiate the website log request;
The operation that browser control in step S11, the client terminal device and monitor module are caught client browser is obtained the relevant parameter that includes website logo information at least that the website is returned, and is sent to the parameter analysis module;
Step S12, parameter analysis module check whether parameter is legal, and the enable logic control module;
Step S13, Logic control module judge whether to login AGS; If client terminal device is not logined AGS, execution in step S14; If client terminal device has been logined AGS, execution in step S20;
Step S14, Logic control module are initiated authentication request by the client communication module to AGS, carry user account number and encrypted message, continue step S15;
After step S15, server com-munication module receive authentication request, send to authentication module, continue step S16;
Step S16, authentication module log-on data operational module Query Database, data operation modules returns Query Result information to authentication module, continues step S17;
Step S17, authentication module judge according to the Query Result that returns whether demonstration is passed through; If the demonstration failure, process ends; If demonstration is passed through, then start active session and keep module, generate and preserve session key, continue step S18;
Step S18, startup certification module generate service ticket and send to client terminal device; Continue step S19;
Step S19, client terminal device use the service ticket Website login that obtains; And the session key that obtains is kept in the secure data storage module of this locality; Client terminal device uses session key and AGS to carry out the cycle authentication communication.
Step S20, Logic control module are initiated authentication request by the client communication module to AGS, carry user account number and session key, continue step S21;
After step S21, server com-munication module receive authentication request, send to authentication module, continue step S22;
Step S22, authentication module start active session and keep module, and active session is kept module and judged whether to exist corresponding legal on-line session record; Return judged result information to authentication module, continue step S23;
Step S23, authentication module judge according to the judged result of returning whether demonstration is passed through; If the demonstration failure, process ends; If demonstration is passed through, continue step S24;
Step S24, start active session and keep module, generate and preserve session key, start certification module then, generate service ticket, send to client terminal device by server com-munication module at server end; Continue step S25;
Step S25, client terminal device use the service ticket Website login that obtains; And use session key and AGS to carry out the cycle authentication communication.
In sum, adopt the present invention,, keep an active session, so AGS can accurately know user's activity time, avoid user identity to be emitted, improve authentication security by puppet owing to regularly communicate by letter between client terminal device and the AGS.
In the methods of the invention, client terminal device only need be logined AGS one time, can obtain the login service bill ticket (s) of a plurality of websites, has reduced the complexity of verification process.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (10)
1. a website log authentication method is characterized in that, comprises the following steps:
A, client terminal device are initiated logging request to the website, obtain the website logo information of returning the website, and login authentication and bill issue server AGS submit to described AGS with user account number, password and described website logo information and carry out authentication;
After B, authentication were passed through, described AGS adopted the unique-encryption key of arranging with this website according to described website logo information, for described client terminal device generates the service ticket of logining this website and the on-line session record that comprises session key; And the described service ticket that will generate and session key send to described client terminal device;
C, described client terminal device use described service ticket to login described website; And described session key is kept at this locality, the cycle uses described session key and described AGS to carry out authentication communication, upgrade and described AGS between on-line session.
2. the method for claim 1 is characterized in that, in the described steps A, after client terminal device obtains website logo information, further judges whether to have signed in among the described AGS, if described step B is carried out in not login; Otherwise execution the following step:
Described session key, user account number and described website logo information that a, described client terminal device are preserved this locality are submitted to described AGS and are carried out authentication;
B, after authentication is passed through, adopt unique-encryption key with this website agreement according to described website logo information, for described client terminal device generates the service ticket of this website of login, send to described client terminal device;
C, described client terminal device use described service ticket to login described website.
3. method as claimed in claim 2 is characterized in that, described step a comprises:
Described AGS is according to the local on-line session tabulation of preserving of described session key inquiry;
If the corresponding record that exists client terminal device address, user account number and session key to be complementary in described on-line session tabulation judges then to have corresponding legal on-line session record that authentication is passed through.
4. method as claimed in claim 1 or 2 is characterized in that, described service ticket is the encryption key that adopts described AGS and the corresponding website agreement result after to user account number, client terminal device address and timestamp and the encryption of bill parameter effective period;
Among described step C or the step c, described client terminal device sends to described website with user account number and described service ticket; Described website uses the encryption key of described agreement that described service ticket is decrypted; When the timestamp in the service ticket adds that bill effective period is greater than the current time, judge that this service ticket is effective, allow described client terminal device login.
5. method as claimed in claim 4 is characterized in that, when described bill arrived effective period, described website notified described client terminal device service ticket to lose efficacy;
Described client terminal device uses local described session key and the described AGS that preserves to authenticate, and obtains service ticket once more, sends to described website and logins once more.
6. the method for claim 1, it is characterized in that, if described client terminal device does not use described session key and described AGS to carry out authentication communication in setting duration, the on-line session of setting up between then described AGS removing and this client terminal device, and the corresponding on-line session record of the local storage of deletion.
7. one kind authenticates and bill issue server AGS, it is characterized in that comprise: server com-munication module, authentication module, certification module and active session are kept module;
Described server com-munication module is used for communicating by letter with client terminal device; Receive the authentication request of client terminal device, send to described authentication module, the website logo information that obtains when carrying described client Website login in the described authentication request at least;
Described authentication module carries out the authentication of user identity, and authentication by after session key and/or user request is transmitted to certification module;
Described certification module adopts the unique-encryption key of arranging with this website according to described website logo information, for described client terminal device generates the service ticket of logining this website, and send described service ticket to client terminal device by described server com-munication module;
Described active session is kept module and is connected with described authentication module; Receive the cycle authentication request of carrying session key that client terminal device is initiated, the on-line session between renewal and the client terminal device.
8. server as claimed in claim 7 is characterized in that, also includes data operation modules and is connected with described authentication module;
Receive the authentication request of carrying user account number and password of client terminal device transmission when authentication module after, start described data operation modules Query Database or other persistent storage medium, and return Query Result information to described authentication module;
Receive the authentication request of carrying user account number and session key of client terminal device transmission when authentication module after, start described active session and keep module, judge whether to have corresponding legal on-line session record, and return judged result information to described authentication module.
9. a Verification System comprises client terminal device and authentication and bill issue server AGS, and it is characterized in that described AGS comprises: server com-munication module, authentication module, certification module and active session are kept module;
Described server com-munication module is used for communicating by letter with client terminal device; Receive the authentication request of client terminal device, send to described authentication module, the website logo information that obtains when carrying described client Website login in the described authentication request at least;
Described authentication module carries out the authentication of user identity, and authentication by after session key and/or user request is transmitted to certification module;
Described certification module adopts the unique-encryption key of arranging with this website according to described website logo information, for described client terminal device generates the service ticket of logining this website, and send described service ticket to client terminal device by described server com-munication module;
Described active session is kept module and is connected with described authentication module; Receive the cycle authentication request of carrying session key that client terminal device is initiated, the on-line session between renewal and the client terminal device.
10. system as claimed in claim 9 is characterized in that, described client terminal device comprises: browser control and monitor module, Logic control module, secure data storage module and client communication module;
Described browser control and monitor module are caught the client browser operation; Call browser interface, service ticket is sent to Website login;
Described Logic control module judges whether client terminal device has signed in among the described AGS;
Described secure data storage module is stored the session key of the client terminal device of user account information and AGS transmission at least;
Described client communication module is used for communicating by letter with described AGS.
Described secure data storage module is stored the session key of the client terminal device of user account information and AGS transmission at least;
Described client communication module is used for communicating by letter with described AGS.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006100674616A CN101047504B (en) | 2006-03-29 | 2006-03-29 | Network log-in authorization method and authorization system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006100674616A CN101047504B (en) | 2006-03-29 | 2006-03-29 | Network log-in authorization method and authorization system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101047504A CN101047504A (en) | 2007-10-03 |
| CN101047504B true CN101047504B (en) | 2010-06-09 |
Family
ID=38771762
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2006100674616A Active CN101047504B (en) | 2006-03-29 | 2006-03-29 | Network log-in authorization method and authorization system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101047504B (en) |
Families Citing this family (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582876A (en) * | 2008-05-12 | 2009-11-18 | 华为技术有限公司 | Method, device and system for registering user generated content (UGC) |
| CN101291333B (en) * | 2008-05-19 | 2011-10-26 | 北京深思洛克软件技术股份有限公司 | Controlling method of used node number by network software |
| CN101588352B (en) * | 2008-05-22 | 2012-08-08 | 飞天诚信科技股份有限公司 | Method and system for ensuring security of operating environment |
| US8548467B2 (en) * | 2008-09-12 | 2013-10-01 | Qualcomm Incorporated | Ticket-based configuration parameters validation |
| CN101350797B (en) * | 2008-09-17 | 2011-11-30 | 腾讯科技(深圳)有限公司 | Website logging method capable of simplifying user operation, system, client and server |
| CN101478396B (en) * | 2008-12-04 | 2011-06-15 | 黄希 | Uni-directional cross-domain identity verification based on low correlation of private cipher key and application thereof |
| CN101667912B (en) * | 2009-10-14 | 2014-02-12 | 中国电信股份有限公司 | Network information transmission method and system therefor |
| CN102741852A (en) * | 2010-02-02 | 2012-10-17 | 林晖 | Authentication architecture and method for network game |
| CN101902371A (en) * | 2010-07-26 | 2010-12-01 | 华为技术有限公司 | Security control method, signature key sending method, terminal, server and system |
| CN103001936B (en) * | 2011-09-16 | 2016-05-25 | 北京新媒传信科技有限公司 | A kind of third party's application interface authorization method and system |
| CN103209158A (en) * | 2012-01-12 | 2013-07-17 | 深圳市宇初网络技术有限公司 | Third-party verification method and system |
| CN103428159A (en) * | 2012-05-14 | 2013-12-04 | 联想(北京)有限公司 | Method for logging in to program and server |
| CN104717187B (en) * | 2013-12-16 | 2018-11-23 | ***通信集团公司 | A kind of login method and equipment |
| CN104468599A (en) * | 2014-12-18 | 2015-03-25 | 浪潮(北京)电子信息产业有限公司 | Method and system for achieving session sharing among multiple applications |
| CN106681992B (en) * | 2015-11-05 | 2020-12-01 | 北京国双科技有限公司 | Method and device for managing website login information |
| CN106790331B (en) * | 2015-11-23 | 2020-07-03 | 腾讯科技(深圳)有限公司 | Service access method, system and related device |
| CN106685911B (en) * | 2016-07-29 | 2020-12-04 | 腾讯科技(深圳)有限公司 | Data processing method, authentication server and client |
| CN111405323B (en) * | 2020-03-12 | 2021-03-05 | 北京字节跳动网络技术有限公司 | Sampling method and device for pulling message record, electronic equipment and medium |
| CN111917767B (en) * | 2020-07-29 | 2022-06-07 | 苏州浪潮智能科技有限公司 | Client request authentication method, device, equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1588853A (en) * | 2004-07-13 | 2005-03-02 | 中国工商银行 | Uniform identication method and system based on network |
| CN1635738A (en) * | 2003-12-26 | 2005-07-06 | 鸿富锦精密工业(深圳)有限公司 | General authentication authorization service system and method |
| CN1642080A (en) * | 2004-01-05 | 2005-07-20 | 英业达股份有限公司 | Multi-user-type unified authenticating system and method thereof |
-
2006
- 2006-03-29 CN CN2006100674616A patent/CN101047504B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1635738A (en) * | 2003-12-26 | 2005-07-06 | 鸿富锦精密工业(深圳)有限公司 | General authentication authorization service system and method |
| CN1642080A (en) * | 2004-01-05 | 2005-07-20 | 英业达股份有限公司 | Multi-user-type unified authenticating system and method thereof |
| CN1588853A (en) * | 2004-07-13 | 2005-03-02 | 中国工商银行 | Uniform identication method and system based on network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101047504A (en) | 2007-10-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101047504B (en) | Network log-in authorization method and authorization system | |
| CN101051904B (en) | Method for landing by account number cipher for protecting network application sequence | |
| CN101369893B (en) | Method for local area network access authentication of casual user | |
| CN100581103C (en) | Securely processing of client credentials used for WEB-based access to resources | |
| CN103685282B (en) | A kind of identity identifying method based on single-sign-on | |
| CN105187431B (en) | Login method, server, client and the communication system of third-party application | |
| CA2620785C (en) | Method, system and apparatus for game data transmission | |
| CN102469075A (en) | Integration authentication method based on WEB single sign on | |
| WO2006025989B1 (en) | Method and apparatus for automatically re-validating multiple clients of an authentication system | |
| CN110278179B (en) | Single sign-on method, device and system and electronic equipment | |
| CN101202753A (en) | Method and device for accessing plug-in connector applied system by client terminal | |
| CN104754582A (en) | Client and method for maintaining BYOD (Bring Your Own Device) safety | |
| CN106534219A (en) | Security authentication method and device for desktop cloud portal | |
| CN109547402B (en) | Data protection method and device, electronic equipment and readable storage medium | |
| CN102025748B (en) | Method, device and system for acquiring user name of Kerberos authentication mode | |
| CN102368765A (en) | Website login authentication method | |
| CN114390524B (en) | Method and device for realizing one-key login service | |
| CN112929388B (en) | Network identity cross-device application rapid authentication method and system, and user agent device | |
| CN113872992A (en) | Method for realizing strong security authentication of remote Web access in BMC system | |
| CN106302539A (en) | A kind of embedded type WEB safety certifying method | |
| CN104270346B (en) | The methods, devices and systems of two-way authentication | |
| CN101938428B (en) | Message transmission method and equipment | |
| CN105871788B (en) | Password generation method and device for login server | |
| JP6076890B2 (en) | Authentication method, authentication system, Web server, authentication program, and recording medium | |
| KR100908242B1 (en) | Certificate transmission server and system for transmitting certificate stored in fixed terminal to mobile terminal and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20160112 Address after: The South Road in Guangdong province Shenzhen city Fiyta building 518057 floor 5-10 Nanshan District high tech Zone Patentee after: Shenzhen Tencent Computer System Co., Ltd. Address before: 2, 518044, East 410 room, SEG science and Technology Park, Zhenxing Road, Shenzhen, Guangdong, Futian District Patentee before: Tencent Technology (Shenzhen) Co., Ltd. |