CN106161470A - A kind of authorization method, client, server and system - Google Patents

A kind of authorization method, client, server and system Download PDF

Info

Publication number
CN106161470A
CN106161470A CN201610797546.3A CN201610797546A CN106161470A CN 106161470 A CN106161470 A CN 106161470A CN 201610797546 A CN201610797546 A CN 201610797546A CN 106161470 A CN106161470 A CN 106161470A
Authority
CN
China
Prior art keywords
authorization
identification information
authorization object
client
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610797546.3A
Other languages
Chinese (zh)
Other versions
CN106161470B (en
Inventor
孙吉平
刘荣华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Senseshield Technology Co Ltd
Original Assignee
Beijing Senseshield Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Senseshield Technology Co Ltd filed Critical Beijing Senseshield Technology Co Ltd
Priority to CN201610797546.3A priority Critical patent/CN106161470B/en
Publication of CN106161470A publication Critical patent/CN106161470A/en
Application granted granted Critical
Publication of CN106161470B publication Critical patent/CN106161470B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of authorization method, client, server and system, relate to Internet technical field, the problem of operating process very complicated when main purpose is to solve in prior art to authorize authorization object (controlling lock), it is achieved simplify the authorisation step of authorization object.Main technical schemes includes: server generates authorization identification information according to client registers information;Receive the solicited message obtaining described authorization identification information that described client sends;In response to described solicited message, described authorization identification information is sent to described client, in order to authorization object is authorized by described client according to described authorization identification information.

Description

A kind of authorization method, client, server and system
Technical field
The present invention relates to Internet technical field, particularly relate to a kind of authorization method, client, server and system.
Background technology
Along with the fast development of Internet technology and universal, increasing user is more prone to use the Internet to carry out Routine work, along with the Internet use in routine duties, also gets more and more to the requirement of private data in the Internet, example As, software programmers guarantees the application safety of software by using hardware controls lock.
At present, control lock and can be supplied to one comparatively safe programmed environment of software programmers, wherein, control lock by Third party lockmaking mechanism provides.If user has use demand to controlling lock, then need to provide a person to third party lockmaking mechanism Part information, the personal identification of user, after the personally identifiable information getting user, is customized in control by third party lockmaking mechanism In lockmaking, and produce;The personally identifiable information and the secure identification information that control to carry in lock user produced, will be raw The control lock produced is sent to user's hands by modes such as mailing, it is achieved the special customization controlled between lock and user i.e. controls The control lockset that lock user has has uniqueness.But, when controlling lock loss, damaging or stolen by malicious person, control lock User needs again to apply for that customization controls lock to third party lockmaking mechanism, and again applies for that the control lock process of customization is the most loaded down with trivial details Complexity, causing again customizing control lockset has certain hysteresis quality, affects user's use to controlling lock.
Summary of the invention
In view of this, a kind of authorization method, client, server and the system that the present invention provides, main purpose is to solve The problem of operating process very complicated when certainly authorization object (controlling lock) being authorized in prior art, it is achieved simplify mandate right The authorisation step of elephant.
In order to solve the problems referred to above, present invention generally provides following technical scheme:
First aspect, the invention provides a kind of authorization method, and the method is applied to server side, including:
Server generates authorization identification information according to client registers information;
Receive the solicited message obtaining described authorization identification information that described client sends;
In response to described solicited message, described authorization identification information is sent to described client, in order to described client According to described authorization identification information, authorization object is authorized.
Preferably, before server generates authorization identification information according to client registers information, described method includes:
Receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, described Log-on message comprises the User Identity of described authorization object;
In response to described registration request, and send the information succeeded in registration to described client;
The User Identity of described authorization object is stored.
Preferably, server includes according to client registers information generation authorization identification information:
Obtain the User Identity of described authorization object;
User Identity according to described authorization object generates described authorization identification information.
Preferably, described method also includes:
Detect whether described authorization object exists more redaction;
If detecting there is more redaction in described authorization object, then send described authorization object to described client and exist more The notification message of redaction.
Preferably, described method also includes:
Receiving the authorization object renewal solicited message that described client sends, described authorization object updates in solicited message and wraps Containing described authorization identification information;
Update solicited message in response to described authorization object, search corresponding latest edition according to described authorization identification information Authorization object AKU, and the authorization object AKU of described latest edition is sent to described client.
Preferably, before search the authorization object AKU of corresponding latest edition according to described authorization identification information, Described method also includes:
Obtain described authorization object and update the authorization identification information in solicited message or the certificate chain of authorization object;
Certificate chain according to described authorization identification information or authorization object updates solicited message to described authorization object to be carried out Certification;
The authorization object AKU searching corresponding latest edition according to described authorization identification information includes:
If certification success, then search the authorization object AKU of corresponding latest edition according to described authorization identification information.
Preferably, the authorization object AKU of described latest edition is sent extremely described client to include:
The cipher mode of correspondence is determined according to described authorization identification information;
Use the cipher mode after determining that the authorization object AKU of described latest edition is encrypted;
The authorization object AKU of the latest edition after encryption is signed, and sends to described client.
Second aspect, the present invention provides a kind of authorization method, and the method is applied to client, including:
User end to server sends registration request, wherein, comprises log-on message in described registration request;
After succeeding in registration, send the request of acquisition authorization identification information to described server according to described registration information Information, wherein, described authorization identification information is generated according to described log-on message by described server;
Receive described authorization identification information, and according to described authorization identification information, authorization object is authorized.
Preferably, according to described authorization identification information, authorization object is carried out mandate to include:
Set up the communication connection between described authorization object;
It is embedded to described authorization object by described authorization identification information according to described communication connection.
Preferably, after authorizing authorization object according to described authorization identification information, described method also includes:
There is the notification message of more redaction in the authorization object receiving the transmission of described server;
Sending authorization object to described server and update solicited message, described authorization object updates in solicited message and comprises institute State authorization identification information;
Receive the authorization object AKU of the latest edition that described server sends, and use the mandate of described latest edition The authorization object of legacy version is updated by object AKU.
Preferably, after receiving the authorization object AKU of the latest edition that described server sends, described method is also Including:
The manner of decryption that the authorization object AKU of described latest edition is corresponding is determined according to described authorization identification information;
The manner of decryption using the authorization object AKU of described latest edition corresponding is right to the mandate of described latest edition As being decrypted.
The third aspect, the present invention provides a kind of server, including:
Signal generating unit, for generating authorization identification information according to client registers information;
First receives unit, for receiving the described mandate mark obtaining the generation of described signal generating unit that described client sends The solicited message of knowledge information;
First transmitting element, for receiving, in response to described first, the described solicited message that unit receives, by described mandate Identification information sends to described client, in order to authorization object is awarded by described client according to described authorization identification information Power.
Preferably, described server includes:
Second receive unit, for described signal generating unit according to client registers information generate authorization identification information it Before, receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, described registration Information comprises the User Identity of described authorization object;
Second transmitting element, for receiving, in response to described second, the described registration request that unit receives, and to described Client sends the information succeeded in registration;
Memory element, for receiving the User Identity storage of the described authorization object that unit receives by described second.
Preferably, described signal generating unit includes:
Acquisition module, for obtaining the User Identity of described authorization object;
Generation module, the User Identity of the described authorization object for obtaining according to described acquisition module generates described Authorization identification information.
Preferably, described server also includes:
Detector unit, is used for detecting whether described authorization object exists more redaction;
3rd transmitting element, for when described detector unit detects that described authorization object exists more redaction, to institute State the client described authorization object of transmission and there is the notification message of more redaction.
Preferably, described server also includes:
3rd receives unit, and the authorization object sent for receiving described client updates solicited message, and described mandate is right Described authorization identification information is comprised as updating in solicited message;
Search unit, for receiving, in response to the described 3rd, the described authorization object renewal solicited message that unit receives, The authorization object AKU of corresponding latest edition is searched according to described authorization identification information;
4th transmitting element, the authorization object AKU of the described latest edition for being searched by described lookup unit sends To described client.
Preferably, described server also includes:
Acquiring unit, for searching awarding of corresponding latest edition at described lookup unit according to described authorization identification information Before power object AKU, obtain described authorization object and update the authorization identification information in solicited message or the certificate of authorization object Chain;
Authentication ' unit, for the described authorization identification information obtained according to described acquiring unit or the certificate chain of authorization object Described authorization object is updated solicited message be authenticated;
Described lookup unit, is additionally operable to, when described authentication ' unit certification success, search according to described authorization identification information The authorization object AKU of corresponding latest edition.
Preferably, described 4th transmitting element includes:
Determine module, for determining the cipher mode of correspondence according to described authorization identification information;
Encrypting module, for use described determine module determine after the cipher mode authorization object to described latest edition AKU is encrypted;
Processing module, for the authorization object AKU of the latest edition after the encryption of described encrypting module is signed, And send to described client.
Fourth aspect, the present invention provides a kind of client, including:
First transmitting element, for sending registration request to server, wherein, comprises registration letter in described registration request Breath;
Second transmitting element, after being used for succeeding in registration, sends acquisition according to described registration information to described server The solicited message of authorization identification information, wherein, described authorization identification information is generated according to described log-on message by described server;
First receives unit, is used for receiving described authorization identification information;
Granted unit, enters authorization object for the described authorization identification information received according to described first reception unit Row authorizes.
Preferably, described granted unit includes:
Set up module, for setting up the communication connection between described authorization object;
Embedded module, for setting up the described communication connection of module foundation by embedded for described authorization identification information according to described To described authorization object.
Preferably, described client also includes:
Second receives unit, for authorizing authorization object according to described authorization identification information at described granted unit Afterwards, there is the notification message of more redaction in the authorization object receiving the transmission of described server;
3rd transmitting element, updates solicited message for sending authorization object to described server, and described authorization object is more Newly requested information comprises described authorization identification information;
3rd receives unit, for receiving the authorization object AKU of the latest edition that described server sends;
Updating block, for using the described 3rd authorization object AKU receiving the described latest edition that unit receives The authorization object of legacy version is updated.
Preferably, described client also includes:
Determine unit, receive the authorization object of the latest edition that described server sends for receiving unit the described 3rd After AKU, determine, according to described authorization identification information, the manner of decryption that the authorization object of described latest edition is corresponding;
Decryption unit, described determines that the authorization object AKU of described latest edition that unit determines is corresponding for using The authorization object AKU of described latest edition is decrypted by manner of decryption.
5th aspect, the present invention provides a kind of authoring system, and described system includes: server as described in the third aspect and Client as described in fourth aspect.
By technique scheme, the technical scheme that the present invention provides at least has the advantage that
A kind of authorization method, client, server and the system that the present invention provides, server is according to client registers information Generate authorization identification information, after generating authorization identification information, receive the request of the acquisition authorization identification information that client sends Information, and this solicited message is responded, authorization flag information is sent to client, in order to client is according to acquisition Authorization object is authorized by authorization identification information, compared with the authorisation step passing through very complicated in prior art, and the present invention Embodiment is by the way of online mandate, and authorization object is awarded by the authorization identification information that client generates according to server Power, simple to operation.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of description, and in order to allow above and other objects of the present invention, the feature and advantage can Become apparent, below especially exemplified by the detailed description of the invention of the present invention.
Accompanying drawing explanation
By reading the detailed description of hereafter preferred implementation, various other advantage and benefit common for this area Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as the present invention Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical parts.In the accompanying drawings:
Fig. 1 shows the flow chart of the first method authorized that the embodiment of the present invention provides;
Fig. 2 shows the flow chart of the method for the second mandate that the embodiment of the present invention provides;
Fig. 3 shows the block architecture diagram of a kind of client that the embodiment of the present invention provides and server interaction;
Fig. 4 shows the flow chart of the third method authorized that the embodiment of the present invention provides;
Fig. 5 shows the composition frame chart of a kind of server that the embodiment of the present invention provides;
Fig. 6 shows the composition frame chart of the another kind of server that the embodiment of the present invention provides;
Fig. 7 shows the composition frame chart of a kind of client that the embodiment of the present invention provides;
Fig. 8 shows the composition frame chart of another client that the embodiment of the present invention provides;
Fig. 9 shows the composition frame chart of a kind of authoring system that the embodiment of the present invention provides.
Detailed description of the invention
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although accompanying drawing shows the disclosure Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure and should be by embodiments set forth here Limited.On the contrary, it is provided that these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure Complete conveys to those skilled in the art.
The embodiment of the present invention provides a kind of method of mandate, and the method is applied to server side, as it is shown in figure 1, described side Method includes:
101, server generates authorization identification information according to client registers information.
It should be noted that the authorization object described in the embodiment of the present invention is for controlling lock, this control lock is given birth to by lockmaking mechanism The hardware device produced.
In prior art, lockmaking mechanism is when producing control lock, directly by authorization identification information (user identity mark Know) it is embedded in control lock, it is achieved the special customization of client, but when controlling lock and losing or damage, again to lockmaking machine The process that structure application controls lock is sufficiently complex loaded down with trivial details.
In embodiments of the present invention, when control lock is produced by lockmaking mechanism, not by authorization identification information It is embedded in control lock, and only comprises the identity information of lockmaking mechanism, such as Merchant name, produce article No. etc.;And, control the private of lock Key information;Owing to the authorization object (controlling lock) described in the embodiment of the present invention does not comprises authorization identification information when producing, therefore, Authorization object (controlling lock) described in the embodiment of the present invention has versatility, is not i.e. authorizing authorization object (controlling lock) Before, anyone can obtain this authorization object (controlling lock).
User is when obtaining authorization object, and first, the registration network address (client) specified by lockmaking mechanism is registered, In user carries out registration process, the log-on message of user can be indicated, audit for lockmaking mechanism (server), treat lockmaking machine Structure (server) is audited by rear, by mailing or authorization object (control lock) is the mode such as can be got face to face, by controls lock Consign to user, so that the general controls lock got is authorized by user.
Server, after receiving the registration request that client sends, obtains the log-on message that this client is corresponding, base Responding registration request in this log-on message, after success to be registered, server generates according to client registers information and authorizes Identification information, wherein, comprises in log-on message: the information such as User Identity, name, date of birth.In actual applications, institute State the authorization identification information lock number corresponding to control lock, there is uniqueness.
102, server receives the solicited message obtaining described authorization identification information that described client sends.
After user gets authorization object (controlling lock), user, with terminal electronic device as carrier, sets up authorization object And the communication connection between client, client uses register account number and login password to set up with server and communicates to connect, and to Server sends the solicited message obtaining authorization identification information.Due to, user is when first use controls lock, and this control lock is one Individual general controls is locked, and only after user end to server gets authorization identification information, and uses the mandate of acquisition to identify After authorization object (controlling lock) is authorized by information, this authorization object (controlling lock) just can become the control lock of customization, i.e. authorizes After authorization object (control lock) and user between have one-to-one relationship.
Authorization object sets up the carrier of communication connection with client, can be including but not limited to herein below, such as: individual The terminal units such as people's computer, desktop computer, panel computer, smart mobile phone, this is not construed as limiting by the concrete embodiment of the present invention.
103, server is in response to described solicited message, sends described authorization identification information to described client.
Server is after receiving the solicited message of the authorization identification information that client sends, and server passes through client Log-on message, obtain corresponding authorization identification information, and this authorization identification information sent to client, in order to described client Authorization object is authorized by end according to described authorization identification information.
A kind of authorization method that the embodiment of the present invention provides, server generates according to client registers information and authorizes mark letter Breath, after generating authorization identification information, receives the solicited message of the acquisition authorization identification information that client sends, and to this request Information responds, and sends authorization flag information to client, in order to client is according to the authorization identification information pair obtained Authorization object authorizes, and compared with the authorisation step passing through very complicated in prior art, the embodiment of the present invention is by online The mode authorized, authorization object is authorized by the authorization identification information that client generates according to server, simple to operation.
Further, as refining further and extension above-described embodiment, server is performed according to visitor in step 101 Before family end log-on message generates authorization identification information, server receives the registration request that client sends, in this registration request Comprise the log-on messages such as User Identity, after registration request is audited by server based on log-on message, if examination & verification is passed through, Then send the information succeeded in registration to client, and the User Identity of authorization object is stored;If server is audited Do not pass through, then send to client and register unsuccessful announcement information.
In concrete application process, server can record a mapping relations list, and this mapping relations list records has User Identity, authorization identification information, authorization object version number between corresponding relation, it is simple to control lock unify Management and monitoring.After server examination & verification is by the registration request of client, User Identity is stored in mapping relations table In.
Further, server includes in the concrete steps generating authorization identification information according to client registers information: clothes Business device obtains the User Identity of authorization object, generates authorization identification information according to the User Identity of authorization object, its In, User Identity is including but not limited to herein below, such as: identification card number, telephone number, company's station number, mailbox Etc..
Further, in prior art, lockmaking mechanism can be to the control produced in order to promote the combination property controlling lock Lock is upgraded, but, during to controlling lock escalation, need user to lock the control of legacy version by sides such as mailing Formula, is back to lockmaking mechanism, in order to the control of legacy version is locked and upgraded by lockmaking mechanism, and a series of process is the most multiple Miscellaneous, there is hysteresis quality, affect user's use to controlling lock.
In order to solve the problems referred to above, in the embodiment of the present invention, server can detect whether authorization object exists more redaction, If detecting there is more redaction in authorization object, then send authorization object to client and there is the notification message of more redaction.
When client receives after the authorization object that server sends exists the notification message of more redaction, send out to server Sending authorization object to update solicited message, this authorization object updates in solicited message and comprises authorization identification information.Server receives also The authorization object that customer in response end sends updates solicited message, searches the authorization object liter of latest edition according to authorization identification information Level bag, and the authorization object AKU of latest edition is sent to client, in order to the authorization object of legacy version is entered by client Row upgrading, conveniently realizes the online upgrading of authorization object (controlling lock).
Further, in order to ensure the liter level security of control lock, prevent malicious person from forging control lock PKI, thus private with it Key reaches the purpose of deciphering upgrading data.Server is searching the authorization object liter of corresponding latest edition with authorization identification information Before level bag, server obtains authorization object and updates the authorization identification information in solicited message and the certificate chain of authorization object, makes With authorization identification information and certificate chain, authorization object is authenticated;If authorization object updates comprises mandate mark in solicited message Information, then server inquires about this control lock public data in the server according to this authorization identification information, such as: Merchant name, Producing the data such as article No., if inquiring about unsuccessfully, then authorization object renewal solicited message is illegal;If successful inquiring, then basis Authorization identification information determines the cipher mode of correspondence, uses the authorization object AKU to latest edition of the cipher mode after determining It is encrypted, and the authorization object AKU of the latest edition after encryption is signed, and send to client.The present invention is real Executing the cipher mode described in example is the public key encryption mode determined when producing authorization object (controlling lock).
If authorization object updates the certificate chain carrying authorization object in solicited message, server first verifies that this certificate chain is fitted Whether close legal and this certificate chain to be issued by lockmaking mechanism, if be proved to be successful, then it is right to determine according to authorization identification information The cipher mode answered, uses the cipher mode after determining to be encrypted the authorization object AKU of latest edition, and to encryption After the authorization object AKU of latest edition sign, and send to client.
Further, the embodiment of the present invention also provides for another kind of authorization method, and the method is applied to client, such as Fig. 2 institute Showing, described method includes:
201, user end to server sends registration request.
Wherein, described registration request comprises log-on message.
202, after client registers success, send acquisition according to described registration information to described server and authorize mark The solicited message of information.
Wherein, described authorization identification information is generated according to described log-on message by described server.
Client is after succeeding in registration, in order to this authorization object (control lock) being carried out the customization of user identity, need to Server obtains the authorization identification information of this authorization object, it is achieved control the online identity customization of lock.
203, client receives described authorization identification information, and awards authorization object according to described authorization identification information Power.
A kind of authorization method that the embodiment of the present invention provides, server generates according to client registers information and authorizes mark letter Breath, after generating authorization identification information, receives the solicited message of the acquisition authorization identification information that client sends, and to this request Information responds, and sends authorization flag information to client, in order to client is according to the authorization identification information pair obtained Authorization object authorizes, and compared with the authorisation step passing through very complicated in prior art, the embodiment of the present invention is by online The mode authorized, authorization object is authorized by the authorization identification information that client generates according to server, simple to operation.
Further, as refining further and extension above-described embodiment, perform according to described mandate in step 203 When authorization object is authorized by identification information, including: client sets up communication connection with authorization object, will according to communication connection Authorization identification information is embedded in authorization object, it is achieved the customization of general controls lock.
Further, owing to authorization object may exist upgraded version, to optimize the combination property of authorization object, because of This, after authorization object is authorized by client according to authorization identification information, the authorization object receiving server transmission is deposited At the notification message of more redaction, user end to server sends authorization object and updates solicited message, and this authorization object updates please Ask and information comprises authorization identification information, after this authorization object renewal solicited message is responded by server, receive clothes The authorization object AKU of the latest edition that business device sends, and use the authorization object AKU of this latest edition to legacy version Authorization object is updated.To solve in prior art, authorization object updates the problem that step is complicated.
Further, in order to determine the safety problem in authorization object escalation process, server is received in client After the authorization object AKU of the latest edition sent, according to authorization identification information, client determines that the mandate of latest edition is right As the manner of decryption that AKU is corresponding, and use the manner of decryption of the authorization object AKU of latest edition that latest edition is awarded Power object AKU is decrypted, and performs the renewal of authorization object.In actual applications, client is first by disposing in advance In the PKI controlling lock the authorization object AKU of latest edition carried out the sign test of data signature, after sign test is passed through, client The private key using PKI corresponding carries out the deciphering of authorization object AKU, performs the upgrading of authorization object after successful decryption.
Further, above the mistake that authorization object (control lock) is authorized by client and server has been respectively illustrated Journey, will illustrate the interaction of client with server below.As it is shown on figure 3, Fig. 3 shows that the embodiment of the present invention carries A kind of client of confession and the block architecture diagram of server interaction, wherein, the exemplary only citing of Fig. 3, the embodiment of the present invention pair Shown in Fig. 3, content is not especially limited.
Wherein, as shown in Figure 4, server interaction flow concrete with client step includes:
401, user end to server sends registration request.
Wherein, described registration request comprises log-on message.
402, server receives the registration request that described client sends;In response to described registration request, and to described visitor Family end sends the information succeeded in registration;The User Identity of described authorization object is stored.
Wherein, described registration request comprises described log-on message, described log-on message comprises described authorization object User Identity.
403, server generates authorization identification information according to the User Identity of authorization object.
404, client sends acquisition according to the User Identity of described authorization object to described server and authorizes mark The solicited message of information.
405, server receives the solicited message obtaining described authorization identification information that described client sends;In response to institute State solicited message, described authorization identification information is sent to described client.
406, client receives described authorization identification information, and awards authorization object according to described authorization identification information Power.
407, server detects whether described authorization object exists more redaction;If detecting, described authorization object exists more Redaction, then send described authorization object to described client and there is the notification message of more redaction.
408, there is the notification message of more redaction in the authorization object that the described server of client reception sends;To described clothes Business device sends authorization object and updates solicited message, and described authorization object updates in solicited message and comprises described authorization identification information.
409, server receives the authorization object renewal solicited message that described client sends, and described authorization object updates please Ask and information comprises described authorization identification information;Update solicited message in response to described authorization object, authorize mark according to described The authorization object of the latest edition that information searching is corresponding, and the authorization object of described latest edition is sent to described client.
410, client receives the authorization object of the latest edition that described server sends, and uses described latest edition The authorization object of legacy version is updated by authorization object.
It should be noted that not closing step 401 to the detailed description of step 410 refer to above-mentioned associated description, the present invention Embodiment repeats the most one by one at this.
Further, as to the realization of method shown in above-mentioned Fig. 1, another embodiment of the present invention additionally provides a kind of service Device.This device embodiment is corresponding with preceding method embodiment, and for ease of reading, preceding method is no longer implemented by this device embodiment Detail content in example repeats one by one, it should be understood that the device in the present embodiment correspondence can realize preceding method in fact Execute the full content in example.
The embodiment of the present invention provides a kind of server, as it is shown in figure 5, this server includes:
Signal generating unit 51, for generating authorization identification information according to client registers information;
First receives unit 52, awards described in acquisition described signal generating unit 51 generation that described client sends for receiving The solicited message of power identification information;
First transmitting element 53, for receiving, in response to described first, the described solicited message that unit 52 receives, by described Authorization identification information sends to described client, in order to authorization object is carried out by described client according to described authorization identification information Authorize.
Further, as shown in Figure 6, described server includes:
Second receives unit 54, for generating authorization identification information in described signal generating unit 51 according to client registers information Before, the registration request that described client sends is received;Wherein, described registration request comprises described log-on message, described note Volume information comprises the User Identity of described authorization object;
Second transmitting element 55, for the described registration request received in response to described second reception unit 54, and to Described client sends the information succeeded in registration;
Memory element 56, deposits for receiving the User Identity of the described authorization object that unit 54 receives by described second Storage.
Further, as shown in Figure 6, described signal generating unit 51 includes:
Acquisition module 511, for obtaining the User Identity of described authorization object;
Generation module 512, the User Identity of the described authorization object for obtaining according to described acquisition module 511 is raw Become described authorization identification information.
Further, as shown in Figure 6, described server also includes:
Detector unit 57, is used for detecting whether described authorization object exists more redaction;
3rd transmitting element 58, is used for when described detector unit 57 detects that described authorization object exists more redaction, Send described authorization object to described client and there is the notification message of more redaction.
Further, as shown in Figure 6, described server also includes:
3rd receives unit 59, and the authorization object sent for receiving described client updates solicited message, described mandate Object updates in solicited message and comprises described authorization identification information;
Search unit 5010, more newly requested for the described authorization object received in response to described 3rd reception unit 59 Information, searches the authorization object of corresponding latest edition according to described authorization identification information;
4th transmitting element 5011, the authorization object of the described latest edition for being searched by described lookup unit 5010 is sent out Deliver to described client.
Further, as shown in Figure 6, described server also includes:
Acquiring unit 5012, for searching the up-to-date of correspondence at described lookup unit 5010 according to described authorization identification information Before the authorization object of version, obtain described authorization object and update the authorization identification information in solicited message or the card of authorization object Book chain;
Authentication ' unit 5013, for the described authorization identification information obtained according to described acquiring unit 5012 or authorization object Certificate chain to described authorization object update solicited message be authenticated;
Described lookup unit 5010, is additionally operable to when described authentication ' unit 5013 certification success, authorizes mark according to described The authorization object of the latest edition that information searching is corresponding.
Further, as shown in Figure 6, described 4th transmitting element 5011 includes:
Determine module 50111, for determining the cipher mode of correspondence according to described authorization identification information;
Encrypting module 50112, for use described determine module 50111 determine after cipher mode to described latest edition Authorization object be encrypted;
Processing module 50113, the authorization object of the latest edition after being encrypted by described encrypting module 50112 is signed Name, and send to described client.
The embodiment of the present invention also provides for a kind of client, as it is shown in fig. 7, described client includes:
First transmitting element 71, for sending registration request to server, wherein, comprises registration letter in described registration request Breath;
Second transmitting element 72, after being used for succeeding in registration, obtains to the transmission of described server according to described registration information Taking the solicited message of authorization identification information, wherein, described authorization identification information is raw according to described log-on message by described server Become;
First receives unit 73, is used for receiving described authorization identification information;
Granted unit 74, right to authorizing for the described authorization identification information received according to described first reception unit 73 As authorizing.
Further, as shown in Figure 8, described granted unit 74 includes:
Set up module 741, for setting up the communication connection between described authorization object;
Embedded module 742, for setting up the described communication connection of module foundation by described authorization identification information according to described Inside it is embedded to described authorization object.
Further, as shown in Figure 8, described client also includes:
Second receive unit 75, at described second transmitting element 72 according to described registration information to described service Before device sends the solicited message obtaining authorization identification information, there is more redaction in the authorization object receiving the transmission of described server Notification message;
3rd transmitting element 76, updates solicited message, described authorization object for sending authorization object to described server Update in solicited message and comprise described authorization identification information;
3rd receives unit 77, for receiving the authorization object of the latest edition that described server sends;
Updating block 78, for using the described 3rd authorization object pair receiving the described latest edition that unit 77 receives The authorization object of legacy version is updated.
Further, as shown in Figure 8, described client also includes:
Determine unit 79, receive the mandate of the latest edition that described server sends for receiving unit 77 the described 3rd After object, determine, according to described authorization identification information, the manner of decryption that the authorization object of described latest edition is corresponding;
Decryption unit 710, described determines that the authorization object of described latest edition that unit 79 determines is corresponding for using The authorization object of described latest edition is decrypted by manner of decryption.
Further, the embodiment of the present invention also provides for a kind of authoring system, as it is shown in figure 9, described system includes: such as Fig. 5 Or the server shown in arbitrary width and the client 92 as shown in width arbitrary in Fig. 7 or Fig. 8 in Fig. 6.
A kind of client, server and the authoring system that the present invention provides, server generates according to client registers information Authorization identification information, after generating authorization identification information, receives the solicited message of the acquisition authorization identification information that client sends, And this solicited message is responded, authorization flag information is sent to client, in order to client is according to the mandate obtained Authorization object is authorized by identification information, and compared with the authorisation step passing through very complicated in prior art, the present invention implements Example is by the way of online mandate, and authorization object is authorized by the authorization identification information that client generates according to server, letter Single easily operation.
Described server includes processor and memorizer, above-mentioned signal generating unit, the first reception unit and the first transmitting element Store in memory as program unit Deng all, processor perform storage said procedure unit in memory and realize Corresponding function.
Processor comprises kernel, kernel goes memorizer is transferred corresponding program unit.Kernel can arrange one More than or, when solving in prior art to authorize authorization object (controlling lock) by adjusting kernel parameter, operating process is numerous The problem of trivial complexity, it is achieved simplify the authorisation step of authorization object.
Memorizer potentially includes the volatile memory in computer-readable medium, random access memory (RAM) and/ Or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM), memorizer includes that at least one is deposited Storage chip.
Present invention also provides a kind of computer program, when performing in data handling equipment, at the beginning of being adapted for carrying out Beginningization has the program code of following method step: server generates authorization identification information according to client registers information;Receive institute State the solicited message obtaining described authorization identification information that client sends;In response to described solicited message, authorize mark by described Knowledge information sends to described client, in order to authorization object is authorized by described client according to described authorization identification information.
In the above embodiment of the present invention, the description to each embodiment all emphasizes particularly on different fields, and does not has in certain embodiment The part described in detail, may refer to the associated description of other embodiments.
Those skilled in the art are it should be appreciated that embodiments herein can be provided as method, system or computer program Product.Therefore, the reality in terms of the application can use complete hardware embodiment, complete software implementation or combine software and hardware Execute the form of example.And, the application can use at one or more computers wherein including computer usable program code The upper computer program product implemented of usable storage medium (including but not limited to disk memory, CD-ROM, optical memory etc.) The form of product.
The application is with reference to method, equipment (system) and the flow process of computer program according to the embodiment of the present application Figure and/or block diagram describe.It should be understood that can the most first-class by computer program instructions flowchart and/or block diagram Flow process in journey and/or square frame and flow chart and/or block diagram and/or the combination of square frame.These computer programs can be provided Instruction arrives the processor of general purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce A raw machine so that the instruction performed by the processor of computer or other programmable data processing device is produced for real The device of the function specified in one flow process of flow chart or multiple flow process and/or one square frame of block diagram or multiple square frame now.
These computer program instructions may be alternatively stored in and computer or other programmable data processing device can be guided with spy Determine in the computer-readable memory that mode works so that the instruction being stored in this computer-readable memory produces and includes referring to Make the manufacture of device, this command device realize at one flow process of flow chart or multiple flow process and/or one square frame of block diagram or The function specified in multiple square frames.
These computer program instructions also can be loaded in computer or other programmable data processing device so that at meter Perform sequence of operations step on calculation machine or other programmable devices to produce computer implemented process, thus at computer or The instruction performed on other programmable devices provides for realizing at one flow process of flow chart or multiple flow process and/or block diagram one The step of the function specified in individual square frame or multiple square frame.
In a typical configuration, calculating equipment includes one or more processor (CPU), input/output interface, net Network interface and internal memory.
Memorizer potentially includes the volatile memory in computer-readable medium, random access memory (RAM) and/ Or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM).Memorizer is that computer-readable is situated between The example of matter.
Computer-readable medium includes that removable media permanent and non-permanent, removable and non-can be by any method Or technology realizes information storage.Information can be computer-readable instruction, data structure, the module of program or other data. The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM (SRAM), moves State random access memory (DRAM), other kinds of random access memory (RAM), read only memory (ROM), electric erasable Programmable read only memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read only memory (CD-ROM), Digital versatile disc (DVD) or other optical storage, magnetic cassette tape, the storage of tape magnetic rigid disk or other magnetic storage apparatus Or any other non-transmission medium, can be used for the information that storage can be accessed by a computing device.According to defining herein, calculate Machine computer-readable recording medium does not include temporary computer readable media (transitory media), such as data signal and the carrier wave of modulation.
Also, it should be noted term " includes ", " comprising " or its any other variant are intended to nonexcludability Comprise, so that include that the process of a series of key element, method, commodity or equipment not only include those key elements, but also wrap Include other key elements being not expressly set out, or also include want intrinsic for this process, method, commodity or equipment Element.In the case of there is no more restriction, statement " including ... " key element limited, it is not excluded that including key element Process, method, commodity or equipment there is also other identical element.
It will be understood by those skilled in the art that embodiments herein can be provided as method, system or computer program. Therefore, the embodiment in terms of the application can use complete hardware embodiment, complete software implementation or combine software and hardware Form.And, the application can use can be with depositing at one or more computers wherein including computer usable program code The shape of the upper computer program implemented of storage media (including but not limited to disk memory, CD-ROM, optical memory etc.) Formula.
These are only embodiments herein, be not limited to the application.To those skilled in the art, The application can have various modifications and variations.All made within spirit herein and principle any amendment, equivalent, Improve, within the scope of should be included in claims hereof.

Claims (23)

1. an authorization method, it is characterised in that including:
Server generates authorization identification information according to client registers information;
Receive the solicited message obtaining described authorization identification information that described client sends;
In response to described solicited message, described authorization identification information is sent to described client, in order to described client according to Authorization object is authorized by described authorization identification information.
Method the most according to claim 1, it is characterised in that generate mandate mark according to client registers information at server Before knowledge information, described method includes:
Receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, described registration Information comprises the User Identity of described authorization object;
In response to described registration request, and send the information succeeded in registration to described client;
The User Identity of described authorization object is stored.
Method the most according to claim 2, it is characterised in that server generates according to client registers information and authorizes mark Information includes:
Obtain the User Identity of described authorization object;
User Identity according to described authorization object generates described authorization identification information.
Method the most according to claim 1, it is characterised in that described method also includes:
Detect whether described authorization object exists more redaction;
If detecting there is more redaction in described authorization object, then send described authorization object to described client and there is more new edition This notification message.
Method the most according to claim 4, it is characterised in that described method also includes:
Receiving the authorization object renewal solicited message that described client sends, described authorization object updates in solicited message and comprises institute State authorization identification information;
Update solicited message in response to described authorization object, search awarding of corresponding latest edition according to described authorization identification information Power object AKU, and the authorization object AKU of described latest edition is sent to described client.
Method the most according to claim 5, it is characterised in that searching the up-to-date of correspondence according to described authorization identification information Before the authorization object AKU of version, described method also includes:
Obtain described authorization object and update the authorization identification information in solicited message or the certificate chain of authorization object;
Certificate chain according to described authorization identification information or authorization object updates solicited message to described authorization object and is authenticated;
The authorization object AKU searching corresponding latest edition according to described authorization identification information includes:
If certification success, then search the authorization object AKU of corresponding latest edition according to described authorization identification information.
Method the most according to claim 6, it is characterised in that the authorization object AKU of described latest edition is sent extremely Described client includes:
The cipher mode of correspondence is determined according to described authorization identification information;
Use the cipher mode after determining that the authorization object AKU of described latest edition is encrypted;
The authorization object AKU of the latest edition after encryption is signed, and sends to described client.
8. an authorization method, it is characterised in that including:
User end to server sends registration request, wherein, comprises log-on message in described registration request;
After succeeding in registration, send the request letter of acquisition authorization identification information to described server according to described registration information Breath, wherein, described authorization identification information is generated according to described log-on message by described server;
Receive described authorization identification information, and according to described authorization identification information, authorization object is authorized.
Method the most according to claim 8, it is characterised in that authorization object is awarded according to described authorization identification information Power includes:
Set up the communication connection between described authorization object;
It is embedded to described authorization object by described authorization identification information according to described communication connection.
Method the most according to claim 8, it is characterised in that authorization object is being entered according to described authorization identification information After row authorizes, described method also includes:
There is the notification message of more redaction in the authorization object receiving the transmission of described server;
Send authorization object to described server and update solicited message, described authorization object update in solicited message comprise described in award Power identification information;
Receive the authorization object AKU of the latest edition that described server sends, and use the authorization object of described latest edition The authorization object of legacy version is updated by AKU.
11. methods according to claim 10, it is characterised in that receiving the awarding of latest edition that described server sends After power object AKU, described method also includes:
The manner of decryption that the authorization object AKU of described latest edition is corresponding is determined according to described authorization identification information;
The authorization object of described latest edition is entered by the manner of decryption using the authorization object AKU of described latest edition corresponding Row deciphering.
12. 1 kinds of servers, it is characterised in that including:
Signal generating unit, for generating authorization identification information according to client registers information;
First receives unit, for receiving the described mandate mark letter obtaining the generation of described signal generating unit that described client sends The solicited message of breath;
First transmitting element, for receiving, in response to described first, the described solicited message that unit receives, authorizes mark by described Information sends to described client, in order to authorization object is authorized by described client according to described authorization identification information.
13. servers according to claim 12, it is characterised in that described server includes:
Second receives unit, before generating authorization identification information in described signal generating unit according to client registers information, connects Receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, in described log-on message Comprise the User Identity of described authorization object;
Second transmitting element, for receiving, in response to described second, the described registration request that unit receives, and to described client End sends the information succeeded in registration;
Memory element, for receiving the User Identity storage of the described authorization object that unit receives by described second.
14. servers according to claim 13, it is characterised in that described signal generating unit includes:
Acquisition module, for obtaining the User Identity of described authorization object;
Generation module, the User Identity of the described authorization object for obtaining according to described acquisition module generates described mandate Identification information.
15. servers according to claim 12, it is characterised in that described server also includes:
Detector unit, is used for detecting whether described authorization object exists more redaction;
3rd transmitting element, for when described detector unit detects that described authorization object exists more redaction, to described visitor Family end sends described authorization object and there is the notification message of more redaction.
16. servers according to claim 15, it is characterised in that described server also includes:
3rd receives unit, and the authorization object sent for receiving described client updates solicited message, and described authorization object is more Newly requested information comprises described authorization identification information;
Search unit, for receiving, in response to the described 3rd, the described authorization object renewal solicited message that unit receives, according to Described authorization identification information searches the authorization object AKU of corresponding latest edition;
4th transmitting element, the authorization object AKU of the described latest edition for being searched by described lookup unit sends to institute State client.
17. servers according to claim 16, it is characterised in that described server also includes:
Acquiring unit, right for the mandate searching corresponding latest edition according to described authorization identification information at described lookup unit Before AKU, obtain described authorization object and update the authorization identification information in solicited message or the certificate chain of authorization object;
Authentication ' unit, is used for the certificate chain of described authorization identification information or the authorization object obtained according to described acquiring unit to institute State authorization object renewal solicited message to be authenticated;
Described lookup unit, is additionally operable to when described authentication ' unit certification success, searches correspondence according to described authorization identification information The authorization object AKU of latest edition.
18. servers according to claim 17, it is characterised in that described 4th transmitting element includes:
Determine module, for determining the cipher mode of correspondence according to described authorization identification information;
Encrypting module, for use described determine module determine after cipher mode the authorization object of described latest edition is upgraded Bag is encrypted;
Processing module, the authorization object AKU of the latest edition after being encrypted by described encrypting module is signed, concurrently Deliver to described client.
19. 1 kinds of clients, it is characterised in that including:
First transmitting element, for sending registration request to server, wherein, comprises log-on message in described registration request;
Second transmitting element, after being used for succeeding in registration, sends acquisition according to described registration information to described server and authorizes The solicited message of identification information, wherein, described authorization identification information is generated according to described log-on message by described server;
First receives unit, is used for receiving described authorization identification information;
Granted unit, awards authorization object for the described authorization identification information received according to described first reception unit Power.
20. clients according to claim 19, it is characterised in that described granted unit includes:
Set up module, for setting up the communication connection between described authorization object;
Embedded module, for being embedded to institute according to the described described communication connection setting up module foundation by described authorization identification information State authorization object.
21. clients according to claim 19, it is characterised in that described client also includes:
Second receives unit, for authorization object being authorized it at described granted unit according to described authorization identification information After, there is the notification message of more redaction in the authorization object receiving the transmission of described server;
3rd transmitting element, updates solicited message for sending authorization object to described server, and described authorization object updates please Ask and information comprises described authorization identification information;
3rd receives unit, for receiving the authorization object AKU of the latest edition that described server sends;
Updating block, for using the described 3rd to receive the authorization object AKU of the described latest edition that unit receives to old The authorization object of version is updated.
22. clients according to claim 21, it is characterised in that described client also includes:
Determine unit, receive the authorization object upgrading of the latest edition that described server sends for receiving unit the described 3rd After bag, determine, according to described authorization identification information, the manner of decryption that the authorization object AKU of described latest edition is corresponding;
Decryption unit, for using the deciphering that the described authorization object AKU determining described latest edition that unit determines is corresponding The authorization object of described latest edition is decrypted by mode.
23. 1 kinds of authoring systems, it is characterised in that described system includes: the service as according to any one of claim 12-18 Device and the client as according to any one of claim 19-22.
CN201610797546.3A 2016-08-31 2016-08-31 A kind of authorization method, client, server and system Active CN106161470B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610797546.3A CN106161470B (en) 2016-08-31 2016-08-31 A kind of authorization method, client, server and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610797546.3A CN106161470B (en) 2016-08-31 2016-08-31 A kind of authorization method, client, server and system

Publications (2)

Publication Number Publication Date
CN106161470A true CN106161470A (en) 2016-11-23
CN106161470B CN106161470B (en) 2019-02-26

Family

ID=57344449

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610797546.3A Active CN106161470B (en) 2016-08-31 2016-08-31 A kind of authorization method, client, server and system

Country Status (1)

Country Link
CN (1) CN106161470B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107169316A (en) * 2017-04-13 2017-09-15 北京深思数盾科技股份有限公司 A kind of method and system of trustship hardware controls lock
CN107358066A (en) * 2017-07-20 2017-11-17 北京深思数盾科技股份有限公司 Software license methods, devices and systems
CN109474433A (en) * 2018-10-23 2019-03-15 航天信息股份有限公司 Client certificate based on billing system signs and issues method and device
CN112968863A (en) * 2021-01-17 2021-06-15 迅鳐成都科技有限公司 Distributed authorization management method, device and storage medium based on R tree
CN113282891A (en) * 2021-06-28 2021-08-20 北京安天网络安全技术有限公司 Version authorization control method and device, computing equipment and storage medium
CN116340893A (en) * 2022-12-26 2023-06-27 上海通天晓信息技术有限公司 Service provider application authorization system, method, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102202057A (en) * 2011-05-18 2011-09-28 株洲南车时代电气股份有限公司 System and method for safely dumping data of mobile memory
CN104063789A (en) * 2013-03-18 2014-09-24 财付通支付科技有限公司 Method, device and system used for processing processed object
CN104113552A (en) * 2014-07-28 2014-10-22 百度在线网络技术(北京)有限公司 Platform authorization method, platform server side, application client side and system
US20150180838A1 (en) * 2012-12-12 2015-06-25 Institute For Information Industry Major management apparatus, authorized management apparatus, electronic apparatus for delegation management, and delegation management methods thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102202057A (en) * 2011-05-18 2011-09-28 株洲南车时代电气股份有限公司 System and method for safely dumping data of mobile memory
US20150180838A1 (en) * 2012-12-12 2015-06-25 Institute For Information Industry Major management apparatus, authorized management apparatus, electronic apparatus for delegation management, and delegation management methods thereof
CN104063789A (en) * 2013-03-18 2014-09-24 财付通支付科技有限公司 Method, device and system used for processing processed object
CN104113552A (en) * 2014-07-28 2014-10-22 百度在线网络技术(北京)有限公司 Platform authorization method, platform server side, application client side and system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107169316A (en) * 2017-04-13 2017-09-15 北京深思数盾科技股份有限公司 A kind of method and system of trustship hardware controls lock
CN107358066A (en) * 2017-07-20 2017-11-17 北京深思数盾科技股份有限公司 Software license methods, devices and systems
CN109474433A (en) * 2018-10-23 2019-03-15 航天信息股份有限公司 Client certificate based on billing system signs and issues method and device
CN112968863A (en) * 2021-01-17 2021-06-15 迅鳐成都科技有限公司 Distributed authorization management method, device and storage medium based on R tree
CN112968863B (en) * 2021-01-17 2022-11-18 迅鳐成都科技有限公司 Distributed authorization management method and device based on R tree and storage medium
CN113282891A (en) * 2021-06-28 2021-08-20 北京安天网络安全技术有限公司 Version authorization control method and device, computing equipment and storage medium
CN116340893A (en) * 2022-12-26 2023-06-27 上海通天晓信息技术有限公司 Service provider application authorization system, method, electronic equipment and storage medium
CN116340893B (en) * 2022-12-26 2024-02-02 上海通天晓信息技术有限公司 Service provider application authorization system, method, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN106161470B (en) 2019-02-26

Similar Documents

Publication Publication Date Title
US20210351931A1 (en) System and method for securely processing an electronic identity
US20230246842A1 (en) Compact recordation protocol
US9792598B2 (en) System and method for initially establishing and periodically confirming trust in a software application
US20200211002A1 (en) System and method for authorization token generation and transaction validation
CN106161470B (en) A kind of authorization method, client, server and system
US8095519B2 (en) Multifactor authentication with changing unique values
CN104919775B (en) The system and method synchronous for key chain
US9159046B2 (en) Systems and methods for implementing supply chain visibility policies
CN112106324A (en) Methods, computer program products and devices for creating, registering and verifying digitally stamped assets
US20140156531A1 (en) System and Method for Authenticating Transactions Through a Mobile Device
EP2810402A2 (en) A method and database system for secure storage and communication of information
CN111160909B (en) Hidden static supervision system and method for blockchain supply chain transaction
CN106936588A (en) A kind of trustship method, the apparatus and system of hardware controls lock
CN113557508A (en) Method, computer program product and apparatus for transferring ownership rights to digital assets
CN104137111A (en) Information processing apparatus, information processing system, information processing method and computer program
US10108937B2 (en) Method of registering a membership for an electronic payment, system for same, and apparatus and terminal thereof
CN110166452A (en) A kind of access control method and system based on JavaCard shared interface
Oliveira Dynamic QR codes for Ticketing Systems
CN117557260A (en) Virtual currency wallet implementation method, system and electronic equipment
CN115150831A (en) Processing method, device, server and medium for network access request

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee after: Beijing Shendun Technology Co.,Ltd.

Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd.

CP01 Change in the name or title of a patent holder