CN103023855A - Security login system based on hardware parameters of client computer - Google Patents
Security login system based on hardware parameters of client computer Download PDFInfo
- Publication number
- CN103023855A CN103023855A CN2011102786087A CN201110278608A CN103023855A CN 103023855 A CN103023855 A CN 103023855A CN 2011102786087 A CN2011102786087 A CN 2011102786087A CN 201110278608 A CN201110278608 A CN 201110278608A CN 103023855 A CN103023855 A CN 103023855A
- Authority
- CN
- China
- Prior art keywords
- user
- module
- hardware parameter
- computer
- login system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention relates to a client security login system, in particular to a security login system based on hardware parameters of a client computer, and belongs to the technical field of communication. The security login system based on the hardware parameters of the client computer is characterized in that an acquisition module acquires user information and the user computer hardware parameters and encrypts the acquired information through an encryption module; a binding module binds the encrypted information and a user authority; a capturing module captures the hardware parameters of the current computer; a decryption module decrypts the encrypted user information and the computer hardware parameters; a checking module gradually checks the decrypted hardware parameters and the hardware parameters captured by the capturing module; and an input/output (I/O) module finishes data interaction between the security login system and a service system. By the security login system based on the hardware parameters of the client computer, the problems of relatively low automatic login security and low functionability in the prior art are solved.
Description
Technical field
The present invention relates to a kind of client secure login system, especially a kind of Security Login System based on the client computer hardware parameter.The invention belongs to communication technical field.
Background technology
Along with the development of informationization technology, the increasing professional software systems that rely on are finished at present.But all service software system all need the user to input username and password when logining at every turn, can cause the use obstacle to certain customers, and the username and password assurance is the correct use of operation system and the safety of business datum, in case username and password is stolen, to cause immeasurable loss to the user, therefore need to make to guarantee safety by restriction for certain customers and partial function, therefore the mode for system login requires also just more and more higher.
The each accessing system of user all needs to input user name, password, and for the link that reduces username and password input with to part as the user's such as older problems such as Password Input obstacle, software vendor has also been released corresponding solution.Solve at present the user and login at every turn that need to input user name, password mainly be to realize by cookie, the file that is about to comprise the information such as user's username and password writes cookie, server end read the information of this cookie when the user logined at every turn, made the user finish automatic login.In addition, fail safe mainly still relies on based on network safety measure, such as: Network Isolation, network limits, hardware facility etc.
Use cookie to realize that there is following drawback in the automatic login of user.The one, most of browsers have the restriction of 4096 bytes to the size of Cookie, and this user profile that just means that cookie can preserve can be restricted.The 2nd, if the user has been forbidden the ability of browser or client device reception Cookie, cookie can't use.The fail safe of the 3rd, cookie is lower, the user can revise the cookie on its computer, this means and to cause potential risk or to cause depending on the application program failure of cookie fail safe, the automatic login of using simultaneously cookie to carry out, only can finish account, password writing function, function is used and can't be limited, and also is to use the risk of cookie further to improve.
The problem to be solved in the present invention provides the system schema of a kind of user security login, the user first during login system, and registered user name and password, the hardware parameter of system log (SYSLOG) subscriber computer, and the authority of binding this user is to this hardware parameter.When the user logined again, the hardware parameter of the subscriber computer by logging in first time record was confirmed to realize user's identity automatically login, and change the corresponding software system module over to according to user right.Even like this user's user name password loss, appropriator be user's the also function in the normally use system of computer not, thereby guaranteed the fail safe of business datum.
Summary of the invention
The object of the invention is to: the deficiency for above prior art exists provides a kind of Security Login System based on the computer hardware parameter, to overcome the low problem that reaches functional deficiency of automatic login security in the prior art.In order to reach above purpose, the present invention comprises following part:
Acquisition module--obtain user's log-on message and a series of hardware parameters of subscriber computer;
Encrypting module--the user computer hardware parameter of obtaining is encrypted;
The authority binding of binding module--the user computer hardware parameter after will encrypting and user's log-on message and user function software module;
Trapping module--catch a series of hardware parameters of the subscriber computer of the current login system of user;
Deciphering module--the user computer hardware parameter after the encryption of system database record is decrypted into series of computation machine hardware parameter;
The one by one verification of computer hardware parameter of user's secondary login system that correction verification module--series of computation machine hardware parameter after will deciphering and trapping module are caught;
The I/O module--finish the data interaction of Security Login System and operation system;
The hardware parameter of the subscriber computer after the log-on message of database--recording user and the encryption and user's authority.
The user uses step to be:
Step 1: after using the client-access system, by acquisition module, obtain user's log-on message and the hardware parameter of a series of subscriber computers.
Step 2: the user computer hardware parameter of catching is encrypted by encrypting module.
Step 3: by binding module, the user computer hardware parameter after encrypting and user's log-on message are recorded to database, and give the authority of the corresponding operating system module of user.
Step 4: during user's access system, by trapping module, catch a series of hardware parameters of subscriber computer.
Step 5: be decrypted by the user computer hardware parameter of deciphering module after with the encryption of data-base recording.
Step 6: the user computer hardware parameter of user's secondary login system being caught by correction verification module and the one by one verification of computer hardware parameter that has after the deciphering module deciphering.
So, by the present invention, the user can sign in to system automatically, and the while binds with the function in the operation system, in the situation of automatically login, has guaranteed the safety of business datum.
Embodiment
Embodiment one
Use Microsoft VisualStudio.Net developing instrument exploitation client operating software, use database management tools SqlServer2005 special-purpose on the market to set up the needed database of system, concrete mode is:
Acquisition module--obtain user's log-on message and a series of hardware parameters of subscriber computer;
Encrypting module--the user computer hardware parameter of obtaining is encrypted;
The authority binding of binding module--the user computer hardware parameter after will encrypting and user's log-on message and user function software module;
Trapping module--catch a series of hardware parameters of the computer of user's login system;
Deciphering module--the user computer hardware parameter after the encryption of system database record is decrypted into series of computation machine hardware parameter;
The one by one verification of computer hardware parameter of user's login system that correction verification module--series of computation machine hardware parameter after will deciphering and trapping module are caught;
The reading and writing of I/O module--completing user essential information, the user computer hardware parameter after encrypting and user's authority;
The hardware parameter of the subscriber computer after the log-on message of database--recording user and the encryption and user's authority mainly comprise:
User message table (users)--be used for the log-on message of recording user and the hardware parameter information of subscriber computer, comprise the computer hardware parameter behind user's the ID, user's user name, password, encryption.
User right table (droit)--be used for recording user at the operating right of software systems, comprise permission ID, user ID, authority name, rights state.
The user uses step to be:
Step 1: after using the client-access system, by acquisition module, obtain user's log-on message and the hardware parameter of a series of subscriber computers.
Step 2: the user computer hardware parameter of catching is encrypted by encrypting module.
Step 3: by binding module, the user computer hardware parameter after encrypting and user's log-on message are recorded to database, and give the authority of the corresponding operating system module of user.
Step 4: as user again during access system, by trapping module, catch a series of hardware parameters of subscriber computer.
Step 5: be decrypted by the user computer hardware parameter of deciphering module after with the encryption of data-base recording.
Step 6: the user computer hardware parameter of user's secondary login system being caught by correction verification module and the one by one verification of computer hardware parameter that has after the deciphering module deciphering.The failure of parameter verification is arranged, and then the user can't login system, only has the complete verification success just can enter system.
In addition to the implementation, the present invention can also have other execution modes.All employings are equal to the technical scheme of replacement or equivalent transformation formation, all drop on the protection range of requirement of the present invention.
Claims (2)
1. Security Login System based on the client computer hardware parameter is characterized in that: finish secure log according to the hardware parameter of subscriber computer and comprise such as lower module:
Acquisition module---obtain user's log-on message and a series of hardware parameters of subscriber computer;
Encrypting module---the user computer hardware parameter of obtaining is encrypted;
The authority binding of binding module---the user computer hardware parameter after will encrypting and user's log-on message and user function software module;
Trapping module---catch a series of hardware parameters of the subscriber computer of user's secondary login system;
Deciphering module---the user computer hardware parameter after the encryption of system database record is decrypted into series of computation machine hardware parameter;
The one by one verification of computer hardware parameter of the current login system of user that correction verification module---series of computation machine hardware parameter after will deciphering and trapping module are caught;
The I/O module---finish the data interaction of Security Login System and operation system;
The hardware parameter of the subscriber computer after the log-on message of database---recording user and the encryption and user's authority.
2. described a kind of Security Login System based on the client computer hardware parameter according to claim 1 is further characterized in that: finish secure log needs following steps according to the hardware parameter of subscriber computer:
Step 1: after using the client-access system, by acquisition module, obtain user's log-on message and the hardware parameter of a series of subscriber computers;
Step 2: the user computer hardware parameter of catching is encrypted by encrypting module;
Step 3: by binding module, the user computer hardware parameter after encrypting and user's log-on message are recorded to database, and give the authority of the corresponding operating system module of user;
Step 4: the user during access system, by trapping module, catches a series of hardware parameters of subscriber computer again;
Step 5: be decrypted by the user computer hardware parameter of deciphering module after with the encryption of data-base recording;
Step 6: the user computer hardware parameter of user's secondary login system being caught by correction verification module and the one by one verification of computer hardware parameter that has after the deciphering module deciphering.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102786087A CN103023855A (en) | 2011-09-20 | 2011-09-20 | Security login system based on hardware parameters of client computer |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011102786087A CN103023855A (en) | 2011-09-20 | 2011-09-20 | Security login system based on hardware parameters of client computer |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103023855A true CN103023855A (en) | 2013-04-03 |
Family
ID=47971991
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011102786087A Pending CN103023855A (en) | 2011-09-20 | 2011-09-20 | Security login system based on hardware parameters of client computer |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103023855A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104066203A (en) * | 2014-06-20 | 2014-09-24 | 可牛网络技术(北京)有限公司 | Method and system for generating identifier of mobile device, method for remotely controlling mobile device, and communication terminal |
| CN108881130A (en) * | 2017-05-16 | 2018-11-23 | ***通信集团重庆有限公司 | The method of controlling security and device of session control information |
| CN110162941A (en) * | 2019-04-12 | 2019-08-23 | 厦门天锐科技股份有限公司 | A kind of terminal log-on message store method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388774A (en) * | 2008-10-24 | 2009-03-18 | 焦点科技股份有限公司 | Method for automatically authenticate and recognize customer identity between different customers and login |
| CN102006306A (en) * | 2010-12-08 | 2011-04-06 | 广东高新兴通信股份有限公司 | Security authentication method for WEB service |
-
2011
- 2011-09-20 CN CN2011102786087A patent/CN103023855A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388774A (en) * | 2008-10-24 | 2009-03-18 | 焦点科技股份有限公司 | Method for automatically authenticate and recognize customer identity between different customers and login |
| CN102006306A (en) * | 2010-12-08 | 2011-04-06 | 广东高新兴通信股份有限公司 | Security authentication method for WEB service |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104066203A (en) * | 2014-06-20 | 2014-09-24 | 可牛网络技术(北京)有限公司 | Method and system for generating identifier of mobile device, method for remotely controlling mobile device, and communication terminal |
| CN108881130A (en) * | 2017-05-16 | 2018-11-23 | ***通信集团重庆有限公司 | The method of controlling security and device of session control information |
| CN110162941A (en) * | 2019-04-12 | 2019-08-23 | 厦门天锐科技股份有限公司 | A kind of terminal log-on message store method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6941146B2 (en) | Data security service | |
| CN108076057B (en) | Data security system and method based on block chain | |
| KR101590076B1 (en) | Method for managing personal information | |
| CN103685282B (en) | A kind of identity identifying method based on single-sign-on | |
| US20140317681A1 (en) | Cloud forensics | |
| US9275257B2 (en) | Secure communication architecture | |
| JP6678457B2 (en) | Data security services | |
| CN103095847B (en) | Cloud storage safety-ensuring method and system thereof | |
| US9009469B2 (en) | Systems and methods for securing data in a cloud computing environment using in-memory techniques and secret key encryption | |
| CN106575342A (en) | Kernel program including relational data base, and method and device for executing said program | |
| CN103248618A (en) | Secure file transmission system and method based on Linux adopting OpenSSL | |
| CN106161710B (en) | A kind of user account safety management system based on smart phone | |
| CN106533693B (en) | Access method and device of railway vehicle monitoring and overhauling system | |
| KR101670496B1 (en) | Data management method, Computer program for the same, Recording medium storing computer program for the same, and User Client for the same | |
| CN103971059A (en) | Cookie local storage and usage method | |
| CN102821110B (en) | A kind of password method for retrieving for audio/video storage device | |
| WO2017137481A1 (en) | A removable security device and a method to prevent unauthorized exploitation and control access to files | |
| CN103023855A (en) | Security login system based on hardware parameters of client computer | |
| CN101408955A (en) | Method and system determining obligation base on tactic | |
| JP5678150B2 (en) | User terminal, key management system, and program | |
| Lakhe | Practical Hadoop Security | |
| CN110263008A (en) | Terminal offline logs management system, method, equipment and storage medium | |
| CN115643573A (en) | Privileged account authentication method and system based on dynamic security environment | |
| Rath et al. | Design and application of a secure and flexible server-based mobile eID and e-signature solution | |
| Vanitha et al. | Data sharing: Efficient distributed accountability in cloud using third party auditor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130403 |