CN105808990A - Method and device for controlling URL access on basis of IOS system - Google Patents
Method and device for controlling URL access on basis of IOS system Download PDFInfo
- Publication number
- CN105808990A CN105808990A CN201610099951.8A CN201610099951A CN105808990A CN 105808990 A CN105808990 A CN 105808990A CN 201610099951 A CN201610099951 A CN 201610099951A CN 105808990 A CN105808990 A CN 105808990A
- Authority
- CN
- China
- Prior art keywords
- control protocol
- url
- access
- request
- web page
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method for controlling URL (Uniform Resource Locator) access on the basis of an IOS system. The method comprises the following steps of receiving a URL access control protocol; performing encrypted storage on the received URL access control protocol; receiving a request for accessing a web page; judging whether an interface corresponding to the request has the web page accessing permission or not according to the URL access control protocol; and if so, allowing the access, and receiving page data returned by the web server. The URL access control protocol is received through a user side; further, the permission control is performed according to the received URL access control protocol; the permission control is effectively simplified; and the permission control is performed at the user side, so that the stress of a server is reduced. In addition, the invention also provides a device for controlling the URL access on the basis of the IOS system.
Description
Technical field
The present invention relates to computer disposal field, particularly relate to a kind of method and apparatus controlling URL access based on IOS system.
Background technology
IOS system is to be developed to apply to the Mobile operating system of mobile phone and panel computer by American apple company, and along with developing rapidly of intelligent terminal and the Internet, network application in the work and life of people is more and more extensive.In order to ensure the safety of information, it is sometimes necessary to different people to be given different Web vector graphic authorities.But traditional based on IOS system to URL (UniformResourceLocator, URL and network address) access, URL is not carried out control of authority, each URL asked by server intercepts is judged, so, causing control of authority complex, server stress is excessive.
Summary of the invention
Based on this, in order to solve above-mentioned server stress problems of too, it is proposed that a kind of method and apparatus controlling URL access based on IOS system.
A kind of method controlling URL access based on IOS system, described method includes: receive URL access-control protocol;The described URL access-control protocol received is encrypted storage;Receive the request accessing web page;Judge according to described URL access-control protocol whether the interface of described request correspondence has the authority accessing described web page;If so, then allow to access, receive the page data that web server returns.
Wherein in an embodiment, also included before the described step receiving URL access-control protocol: obtain the log-on message of user, send the request of URL control protocol according to described log-on message to server.
Wherein in an embodiment, described the step that the described URL access-control protocol received is encrypted storage is included: adopt aes algorithm that described URL access-control protocol is encrypted.
Wherein in an embodiment, also included before the described URL of receiving access-control protocol is encrypted the step of storage: the URL access-control protocol received is carried out native protocol conversion.
Wherein in an embodiment, described judge whether interface corresponding to described request has the step of the authority accessing described web page to include according to described URL access-control protocol: obtain the domain name that described web page is corresponding, determine whether the authority of access domain name according to described URL control protocol.
A kind of device controlling URL access based on IOS system, described device includes: receiver module, is used for receiving URL access-control protocol;Memory module, for being encrypted storage by the described URL access-control protocol received;Request module, for receiving the request accessing web page;According to described URL access-control protocol, judge module, for judging whether the interface of described request correspondence has the authority accessing described web page;Allow module, if having, for the interface that described request is corresponding, the authority accessing described web page, then allow to access, receive the page data that web server returns.
Wherein in an embodiment, described device also includes: sending module, for obtaining the log-on message of user, sends the request of URL control protocol to server according to described log-on message.
Wherein in an embodiment, described encrypting module is additionally operable to adopt aes algorithm that described URL access-control protocol is encrypted.
Wherein in an embodiment, described device also includes: modular converter, and the URL access-control protocol received is carried out native protocol conversion by user.
Wherein in an embodiment, described judge module is additionally operable to obtain the domain name that described web page is corresponding, determines whether to access the authority of domain name according to described URL control protocol.
The above-mentioned method and apparatus controlling URL access based on IOS system, by receiving URL access-control protocol, the described URL access-control protocol received is encrypted storage, receive the request accessing web page, judge according to described URL access-control protocol whether the interface of described request correspondence has the authority accessing described web page, if so, then allow to access, receive the page data that web server returns.Receive URL access-control protocol by user side, and then carry out the control of authority according to this URL access-control protocol received, effectively simplify control of authority, owing to being the control carrying out authority at user side, alleviate the pressure of server.
Accompanying drawing explanation
Fig. 1 controls the URL method flow diagram accessed based on IOS system in one embodiment;
Fig. 2 controls the URL method flow diagram accessed based on IOS system in another embodiment;
Fig. 3 controls the URL method flow diagram accessed based on IOS system in further embodiment;
Fig. 4 controls the URL method sequential chart accessed based on IOS system in one embodiment;
Fig. 5 controls the URL apparatus structure block diagram accessed based on IOS system in one embodiment;
Fig. 6 controls the URL apparatus structure block diagram accessed based on IOS system in another embodiment;
Fig. 7 controls the URL apparatus structure block diagram accessed based on IOS system in further embodiment.
Detailed description of the invention
In order to make the purpose of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein is only in order to explain the present invention, is not intended to limit the present invention.
As it is shown in figure 1, in one embodiment it is proposed that a kind of control the URL method accessed based on IOS system, described method includes:
Step 102, receives URL access-control protocol.
In the present embodiment, configuring URL access-control protocol data in advance on the server, can send the request of URL access-control protocol when user side is logged in by APP from trend server, server is by URL access-control protocol data distributing to corresponding user side.Concrete, the version information of current URL access-control protocol in request server is sent when user side logs in, server returns the version information of current URL access-control protocol, user sends the request of version incremental data according to self current had version information to server, and server returns the incremental data of URL access-control protocol.Access-control protocol content includes: access mode (accessType), domain name (damain), extent of competence (isAuth), method name (method), renewal time (updateTime) etc..Concrete, access mode is divided into 0: local file accesses, 1:http protocol access, 2:https protocol access.Extent of competence is divided into 0: lack of competence, and 1: the only access rights of current interface, 2: there are the access rights of total interface.It is below partial code:
{
AccessType=1;
Domain=" www.pingan.com ";
IsAuth=1;
Method=getcurrentposition;
UpdateTime=1443496126000;
}
Step 104, is encrypted storage by the URL access-control protocol received.
Concrete, agreement is encrypted storage after receiving the URL access-control protocol that server issues by user side.When there being the request accessing web page, determine whether to access the authority of this web page according to this URL access-control protocol.Here encryption storage is equivalent to arrange control of authority, is equal to be not provided with authority if not encrypting storage.Here the encryption factor can be set to Fn (jid+sn), and wherein, Fn is expressed as the encryption factor using AES256 algorithm to obtain;Jid represents the ID of currently logged on user;Sn representative server random factor.
Step 106, receives the request accessing web page.
In the present embodiment, user side receives the request accessing web page of user's input.When user needs to access web page, input needs the content of inquiry, content map according to input, to corresponding domain name, receives the request accessing this domain name, and then determines whether to access the authority of this domain name according to the URL access-control protocol in user side encryption storage.
Step 108, judges according to URL access-control protocol whether the interface of request correspondence has the authority accessing web page.If so, step 110 is then entered, if it is not, then terminate.
Concrete, extent of competence is divided into 0: lack of competence, and 1: the only access rights of current interface, 2: there are the access rights of total interface.After receiving the request accessing web page, judge whether the interface of correspondence has the authority accessing this web page according to the URL access-control protocol stored at user side.If it has, then allow to access, receive the page data that web server returns.If the interface of correspondence does not access the authority of this web page, then terminate, access unsuccessfully.
Step 110, it is allowed to access, receives the page data that web server returns.
Concrete, if judging that corresponding interface has the authority accessing current page according to the URL access-control protocol data stored at user side APP, then allow to access this web page, receive the page data that web server returns.
In the present embodiment, by receiving URL access-control protocol, the URL access-control protocol received is encrypted storage, receive the request accessing web page, judge according to URL access-control protocol whether the interface of described request correspondence has the authority accessing described web page, if so, then allow to access, receive the page data that web server returns.Receive URL access-control protocol by user side, and then carry out the control of authority according to this URL access-control protocol received, effectively simplify control of authority, owing to being the control carrying out authority at user side, alleviate the pressure of server.
As in figure 2 it is shown, in one embodiment, also include before the step of the URL access-control protocol issued at described reception server:
Step 101, obtains the log-on message of user, sends the request of URL control protocol to server according to log-on message.
In the present embodiment, when getting the log-on message of user, send the request of URL control protocol to server according to this log-on message.Here log-on message refers to the information signing in user side APP.Concrete, send the control of authority protocol version information in request current server and version number, current version information is sent to user side by server, user side judges whether to need to update according to the version information received, if current version number is consistent with the version number of the access-control protocol of user side, the version that then explanation user side is current has been latest edition, it is not necessary to update.If it is inconsistent, illustrate to need to update, user side asks to issue the incremental data of URL access-control protocol according to the version number of self, and the incremental data according to receiving is updated.
In one embodiment, the step that the URL access-control protocol received is encrypted storage includes: adopt AES (TheAdvancedEncryptionStandard, Advanced Encryption Standard) algorithm that URL access-control protocol is encrypted.
Concrete, aes algorithm is to adopt symmetric block ciphers system, and wherein, block length is necessary for 128 bits, and key length can be any one in 128 bits, 192 bits, 256 bits.AES encryption has repetition and the conversion of a lot of wheel.Substantially step is as follows: 1, cipher key spreading, and 2, initially take turns, 3, repeat wheel, 4, finally take turns.
As it is shown on figure 3, in one embodiment, also included before the described URL of receiving access-control protocol is encrypted the step of storage:
Step 103, carries out native protocol conversion by the URL access-control protocol received.
Concrete, the access-control protocol data received are converted to and are suitable to user side and carry out the native protocol of control of authority.Wherein, control of authority has two kinds, one is non-universe name authority: type (file/http/https)+title (domain name/filename)+method name, as: " httpwww.pingan.comgetcurrentposition " represents that in the web page of www.pingan.com domain name, JS (JavaScript, script) has the authority of access AppIOSWebView (page view) the Nativegetcurrentposition method provided.One is universe name authority: type (file/http/https)+title (domain name/filename), as: " httpwww.pingan.comgetcurrentposition " represents that in the web page of www.pingan.com domain name, JS has the authority accessing AppIOSWebView all Native (this locality) method provided.
In one embodiment, judge whether the interface of request correspondence has the step of the authority accessing web page to include according to URL access-control protocol: obtain the domain name that web page is corresponding, determine whether to access the authority of domain name according to URL control protocol.
Concrete, judge whether user has the request accessing web page to be the domain name corresponding by acquisition web page according to URL access-control protocol, and then determine whether to access the authority of this domain name according to URL control protocol.If it has, then allow to access, receive the page data that web server returns.
As shown in Figure 4, in one embodiment it is proposed that a kind of control the URL method sequential chart accessed based on IOS system.After user side APP detects the information that user logs in, 1) version information asking current entitlement control protocol and URL access-control protocol is sent to server;2), after server receives request, the version information of current entitlement control protocol is returned;3) user side APP sends the incremental data of request permissions control protocol according to the version information received to server;4) server returns the incremental data of authority control protocol to user side APP according to this request;5), after user side APP receives control of authority data, the control of authority data received are carried out native protocol conversion;6) storage then it is encrypted;7) the access web page request that user sends is received;8) according to control of authority agreement and URL access-control protocol, user side APP judges whether this user has the authority accessing this web page, 9) if having, then allow to access web server, 10) receive the page data that web server returns.11) if not accessing the authority of this web page, then denied access, 12) return web page to access unsuccessfully.
As shown in Figure 5, it is proposed that a kind of device controlling URL access based on IOS system, the method includes:
Receiver module 502, is used for receiving URL access-control protocol;
Memory module 504, for being encrypted storage by the described URL access-control protocol received;
Request module 506, for receiving the request accessing web page;
According to described URL access-control protocol, judge module 508, for judging whether the interface of described request correspondence has the authority accessing described web page;
Allow module 510, if having, for the interface that described request is corresponding, the authority accessing described web page, then allow to access, receive the page data that web server returns.
As shown in Figure 6, in one embodiment, the above-mentioned device based on the control URL access of IOS system also includes:
Sending module 501, for obtaining the log-on message of user, sends the request of URL control protocol according to described log-on message to server.
In one embodiment, memory module 504 is additionally operable to adopt aes algorithm that described URL access-control protocol is encrypted.
As it is shown in fig. 7, in one embodiment, control the URL device accessed based on IOS system and also include:
Modular converter 503, the URL access-control protocol received is carried out native protocol conversion by user.
In one embodiment, it is judged that module 508 is additionally operable to obtain the domain name that described web page is corresponding, determine whether to access the authority of domain name according to URL control protocol.
Embodiment described above only have expressed the several embodiments of the present invention, and it describes comparatively concrete and detailed, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.It should be pointed out that, for the person of ordinary skill of the art, without departing from the inventive concept of the premise, it is also possible to making some deformation and improvement, these broadly fall into protection scope of the present invention.Therefore, the protection domain of patent of the present invention should be as the criterion with claims.
Claims (10)
1. controlling the URL method accessed based on IOS system, described method includes:
Receive URL access-control protocol;
The described URL access-control protocol received is encrypted storage;
Receive the request accessing web page;
Judge according to described URL access-control protocol whether the interface of described request correspondence has the authority accessing described web page;
If so, then allow to access, receive the page data that web server returns.
2. method according to claim 1, it is characterised in that also included before the described step receiving URL access-control protocol:
Obtain the log-on message of user, send the request of URL control protocol according to described log-on message to server.
3. method according to claim 1, it is characterised in that described the step that the described URL access-control protocol received is encrypted storage is included: adopt aes algorithm that described URL access-control protocol is encrypted.
4. method according to claim 1, it is characterised in that also included before the described URL of receiving access-control protocol is encrypted the step of storage:
The URL access-control protocol received is carried out native protocol conversion.
5. method according to claim 1, it is characterized in that, described judge whether interface corresponding to described request has the step of the authority accessing described web page to include according to described URL access-control protocol: obtain the domain name that described web page is corresponding, determine whether the authority of access domain name according to described URL control protocol.
6. controlling the URL device accessed based on IOS system, described device includes:
Receiver module, is used for receiving URL access-control protocol;
Memory module, for being encrypted storage by the described URL access-control protocol received;
Request module, for receiving the request accessing web page;
According to described URL access-control protocol, judge module, for judging whether the interface of described request correspondence has the authority accessing described web page;
Allow module, if having, for the interface that described request is corresponding, the authority accessing described web page, then allow to access, receive the page data that web server returns.
7. device according to claim 6, it is characterised in that described device also includes:
Sending module, for obtaining the log-on message of user, sends the request of URL control protocol according to described log-on message to server.
8. device according to claim 6, it is characterised in that described encrypting module is additionally operable to adopt aes algorithm that described URL access-control protocol is encrypted.
9. device according to claim 6, it is characterised in that described device also includes:
Modular converter, the URL access-control protocol received is carried out native protocol conversion by user.
10. device according to claim 6, it is characterised in that described judge module is additionally operable to obtain the domain name that described web page is corresponding, determines whether to access the authority of domain name according to described URL control protocol.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610099951.8A CN105808990B (en) | 2016-02-23 | 2016-02-23 | Method and apparatus based on the control URL access of IOS system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610099951.8A CN105808990B (en) | 2016-02-23 | 2016-02-23 | Method and apparatus based on the control URL access of IOS system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105808990A true CN105808990A (en) | 2016-07-27 |
CN105808990B CN105808990B (en) | 2019-01-18 |
Family
ID=56466419
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610099951.8A Active CN105808990B (en) | 2016-02-23 | 2016-02-23 | Method and apparatus based on the control URL access of IOS system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105808990B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106302429A (en) * | 2016-08-10 | 2017-01-04 | 上海斐讯数据通信技术有限公司 | A kind of communication encryption method |
CN108958825A (en) * | 2017-05-19 | 2018-12-07 | 腾讯科技(深圳)有限公司 | A kind of information configuring methods and device |
CN110688167A (en) * | 2018-07-04 | 2020-01-14 | 中国电信股份有限公司 | Method and device for generating function link set and computer readable storage medium |
CN110909324A (en) * | 2019-11-19 | 2020-03-24 | 杭州迪普科技股份有限公司 | Control method and device for web permission |
CN111552987A (en) * | 2020-04-16 | 2020-08-18 | 重庆富民银行股份有限公司 | Page access authority control method |
WO2020186775A1 (en) * | 2019-03-15 | 2020-09-24 | 平安科技(深圳)有限公司 | Service data providing method, apparatus and device, and computer-readable storage medium |
WO2021068569A1 (en) * | 2019-10-12 | 2021-04-15 | 平安科技(深圳)有限公司 | Authentication method and apparatus, and computer system and readable storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2010117874A (en) * | 2008-11-13 | 2010-05-27 | Hitachi Ltd | Url filtering system |
CN102497632A (en) * | 2011-11-30 | 2012-06-13 | 北京百纳威尔科技有限公司 | Smart-phone-based webpage access control method, system and smart phone |
CN102724189A (en) * | 2012-06-06 | 2012-10-10 | 杭州华三通信技术有限公司 | Method and device for controlling user URL (uniform resource locator) access |
CN103366019A (en) * | 2013-08-06 | 2013-10-23 | 飞天诚信科技股份有限公司 | Webpage intercepting method and device based on iOS device |
-
2016
- 2016-02-23 CN CN201610099951.8A patent/CN105808990B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2010117874A (en) * | 2008-11-13 | 2010-05-27 | Hitachi Ltd | Url filtering system |
CN102497632A (en) * | 2011-11-30 | 2012-06-13 | 北京百纳威尔科技有限公司 | Smart-phone-based webpage access control method, system and smart phone |
CN102724189A (en) * | 2012-06-06 | 2012-10-10 | 杭州华三通信技术有限公司 | Method and device for controlling user URL (uniform resource locator) access |
CN103366019A (en) * | 2013-08-06 | 2013-10-23 | 飞天诚信科技股份有限公司 | Webpage intercepting method and device based on iOS device |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106302429A (en) * | 2016-08-10 | 2017-01-04 | 上海斐讯数据通信技术有限公司 | A kind of communication encryption method |
CN106302429B (en) * | 2016-08-10 | 2020-01-10 | 上海斐讯数据通信技术有限公司 | Communication encryption method |
CN108958825A (en) * | 2017-05-19 | 2018-12-07 | 腾讯科技(深圳)有限公司 | A kind of information configuring methods and device |
CN110688167A (en) * | 2018-07-04 | 2020-01-14 | 中国电信股份有限公司 | Method and device for generating function link set and computer readable storage medium |
WO2020186775A1 (en) * | 2019-03-15 | 2020-09-24 | 平安科技(深圳)有限公司 | Service data providing method, apparatus and device, and computer-readable storage medium |
WO2021068569A1 (en) * | 2019-10-12 | 2021-04-15 | 平安科技(深圳)有限公司 | Authentication method and apparatus, and computer system and readable storage medium |
CN110909324A (en) * | 2019-11-19 | 2020-03-24 | 杭州迪普科技股份有限公司 | Control method and device for web permission |
CN110909324B (en) * | 2019-11-19 | 2022-03-01 | 杭州迪普科技股份有限公司 | Control method and device for web permission |
CN111552987A (en) * | 2020-04-16 | 2020-08-18 | 重庆富民银行股份有限公司 | Page access authority control method |
Also Published As
Publication number | Publication date |
---|---|
CN105808990B (en) | 2019-01-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105808990A (en) | Method and device for controlling URL access on basis of IOS system | |
KR101914408B1 (en) | Internet access authentication methods and clients, and computer storage media | |
CN104852925B (en) | Mobile intelligent terminal anti-data-leakage secure storage, backup method | |
US8527762B2 (en) | Method for realizing an authentication center and an authentication system thereof | |
KR101735102B1 (en) | Method and appatus for providing application service in mobile communication system | |
CN103763308A (en) | Method and device for having access to webpage safely and downloading data through intelligent terminal | |
CN106936853A (en) | A kind of system-oriented integrated cross-domain single login system and method | |
CN103733599A (en) | Apparatus and method for supporting family cloud in cloud computing system | |
US9198036B2 (en) | Method for providing application service | |
CN102868732A (en) | Account password-based login implementation method, system and device | |
KR20130022846A (en) | System and method for sharing content suing nfc in cloud circumstance | |
CN106411878B (en) | Method, device and system for making access control strategy | |
CN105554098A (en) | Device configuration method, server and system | |
CN103532982A (en) | Wearable device based authorization method, device and system | |
KR20150036371A (en) | Voucher authorization for cloud server | |
CN104144163A (en) | Identity verification method, device and system | |
CN113190828A (en) | Request proxy method, client device and proxy service device | |
CN106982430B (en) | Portal authentication method and system based on user use habits | |
CN105491093A (en) | Terminal authentication method, network access methods, server, wireless access point and terminal | |
CN105072108A (en) | User information transmission method, device and system | |
CN112507320A (en) | Access control method, device, system, electronic equipment and storage medium | |
CN104767614A (en) | Information authentication method and device | |
CN108512860A (en) | Intelligent charging spot management system based on Cloud Server and its working method | |
CN106572136A (en) | Server operation control method, device and system | |
US7174333B2 (en) | Data obtaining method and terminals |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |