CN106161470A - A kind of authorization method, client, server and system - Google Patents
A kind of authorization method, client, server and system Download PDFInfo
- Publication number
- CN106161470A CN106161470A CN201610797546.3A CN201610797546A CN106161470A CN 106161470 A CN106161470 A CN 106161470A CN 201610797546 A CN201610797546 A CN 201610797546A CN 106161470 A CN106161470 A CN 106161470A
- Authority
- CN
- China
- Prior art keywords
- authorization
- identification information
- authorization object
- client
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of authorization method, client, server and system, relate to Internet technical field, the problem of operating process very complicated when main purpose is to solve in prior art to authorize authorization object (controlling lock), it is achieved simplify the authorisation step of authorization object.Main technical schemes includes: server generates authorization identification information according to client registers information;Receive the solicited message obtaining described authorization identification information that described client sends;In response to described solicited message, described authorization identification information is sent to described client, in order to authorization object is authorized by described client according to described authorization identification information.
Description
Technical field
The present invention relates to Internet technical field, particularly relate to a kind of authorization method, client, server and system.
Background technology
Along with the fast development of Internet technology and universal, increasing user is more prone to use the Internet to carry out
Routine work, along with the Internet use in routine duties, also gets more and more to the requirement of private data in the Internet, example
As, software programmers guarantees the application safety of software by using hardware controls lock.
At present, control lock and can be supplied to one comparatively safe programmed environment of software programmers, wherein, control lock by
Third party lockmaking mechanism provides.If user has use demand to controlling lock, then need to provide a person to third party lockmaking mechanism
Part information, the personal identification of user, after the personally identifiable information getting user, is customized in control by third party lockmaking mechanism
In lockmaking, and produce;The personally identifiable information and the secure identification information that control to carry in lock user produced, will be raw
The control lock produced is sent to user's hands by modes such as mailing, it is achieved the special customization controlled between lock and user i.e. controls
The control lockset that lock user has has uniqueness.But, when controlling lock loss, damaging or stolen by malicious person, control lock
User needs again to apply for that customization controls lock to third party lockmaking mechanism, and again applies for that the control lock process of customization is the most loaded down with trivial details
Complexity, causing again customizing control lockset has certain hysteresis quality, affects user's use to controlling lock.
Summary of the invention
In view of this, a kind of authorization method, client, server and the system that the present invention provides, main purpose is to solve
The problem of operating process very complicated when certainly authorization object (controlling lock) being authorized in prior art, it is achieved simplify mandate right
The authorisation step of elephant.
In order to solve the problems referred to above, present invention generally provides following technical scheme:
First aspect, the invention provides a kind of authorization method, and the method is applied to server side, including:
Server generates authorization identification information according to client registers information;
Receive the solicited message obtaining described authorization identification information that described client sends;
In response to described solicited message, described authorization identification information is sent to described client, in order to described client
According to described authorization identification information, authorization object is authorized.
Preferably, before server generates authorization identification information according to client registers information, described method includes:
Receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, described
Log-on message comprises the User Identity of described authorization object;
In response to described registration request, and send the information succeeded in registration to described client;
The User Identity of described authorization object is stored.
Preferably, server includes according to client registers information generation authorization identification information:
Obtain the User Identity of described authorization object;
User Identity according to described authorization object generates described authorization identification information.
Preferably, described method also includes:
Detect whether described authorization object exists more redaction;
If detecting there is more redaction in described authorization object, then send described authorization object to described client and exist more
The notification message of redaction.
Preferably, described method also includes:
Receiving the authorization object renewal solicited message that described client sends, described authorization object updates in solicited message and wraps
Containing described authorization identification information;
Update solicited message in response to described authorization object, search corresponding latest edition according to described authorization identification information
Authorization object AKU, and the authorization object AKU of described latest edition is sent to described client.
Preferably, before search the authorization object AKU of corresponding latest edition according to described authorization identification information,
Described method also includes:
Obtain described authorization object and update the authorization identification information in solicited message or the certificate chain of authorization object;
Certificate chain according to described authorization identification information or authorization object updates solicited message to described authorization object to be carried out
Certification;
The authorization object AKU searching corresponding latest edition according to described authorization identification information includes:
If certification success, then search the authorization object AKU of corresponding latest edition according to described authorization identification information.
Preferably, the authorization object AKU of described latest edition is sent extremely described client to include:
The cipher mode of correspondence is determined according to described authorization identification information;
Use the cipher mode after determining that the authorization object AKU of described latest edition is encrypted;
The authorization object AKU of the latest edition after encryption is signed, and sends to described client.
Second aspect, the present invention provides a kind of authorization method, and the method is applied to client, including:
User end to server sends registration request, wherein, comprises log-on message in described registration request;
After succeeding in registration, send the request of acquisition authorization identification information to described server according to described registration information
Information, wherein, described authorization identification information is generated according to described log-on message by described server;
Receive described authorization identification information, and according to described authorization identification information, authorization object is authorized.
Preferably, according to described authorization identification information, authorization object is carried out mandate to include:
Set up the communication connection between described authorization object;
It is embedded to described authorization object by described authorization identification information according to described communication connection.
Preferably, after authorizing authorization object according to described authorization identification information, described method also includes:
There is the notification message of more redaction in the authorization object receiving the transmission of described server;
Sending authorization object to described server and update solicited message, described authorization object updates in solicited message and comprises institute
State authorization identification information;
Receive the authorization object AKU of the latest edition that described server sends, and use the mandate of described latest edition
The authorization object of legacy version is updated by object AKU.
Preferably, after receiving the authorization object AKU of the latest edition that described server sends, described method is also
Including:
The manner of decryption that the authorization object AKU of described latest edition is corresponding is determined according to described authorization identification information;
The manner of decryption using the authorization object AKU of described latest edition corresponding is right to the mandate of described latest edition
As being decrypted.
The third aspect, the present invention provides a kind of server, including:
Signal generating unit, for generating authorization identification information according to client registers information;
First receives unit, for receiving the described mandate mark obtaining the generation of described signal generating unit that described client sends
The solicited message of knowledge information;
First transmitting element, for receiving, in response to described first, the described solicited message that unit receives, by described mandate
Identification information sends to described client, in order to authorization object is awarded by described client according to described authorization identification information
Power.
Preferably, described server includes:
Second receive unit, for described signal generating unit according to client registers information generate authorization identification information it
Before, receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, described registration
Information comprises the User Identity of described authorization object;
Second transmitting element, for receiving, in response to described second, the described registration request that unit receives, and to described
Client sends the information succeeded in registration;
Memory element, for receiving the User Identity storage of the described authorization object that unit receives by described second.
Preferably, described signal generating unit includes:
Acquisition module, for obtaining the User Identity of described authorization object;
Generation module, the User Identity of the described authorization object for obtaining according to described acquisition module generates described
Authorization identification information.
Preferably, described server also includes:
Detector unit, is used for detecting whether described authorization object exists more redaction;
3rd transmitting element, for when described detector unit detects that described authorization object exists more redaction, to institute
State the client described authorization object of transmission and there is the notification message of more redaction.
Preferably, described server also includes:
3rd receives unit, and the authorization object sent for receiving described client updates solicited message, and described mandate is right
Described authorization identification information is comprised as updating in solicited message;
Search unit, for receiving, in response to the described 3rd, the described authorization object renewal solicited message that unit receives,
The authorization object AKU of corresponding latest edition is searched according to described authorization identification information;
4th transmitting element, the authorization object AKU of the described latest edition for being searched by described lookup unit sends
To described client.
Preferably, described server also includes:
Acquiring unit, for searching awarding of corresponding latest edition at described lookup unit according to described authorization identification information
Before power object AKU, obtain described authorization object and update the authorization identification information in solicited message or the certificate of authorization object
Chain;
Authentication ' unit, for the described authorization identification information obtained according to described acquiring unit or the certificate chain of authorization object
Described authorization object is updated solicited message be authenticated;
Described lookup unit, is additionally operable to, when described authentication ' unit certification success, search according to described authorization identification information
The authorization object AKU of corresponding latest edition.
Preferably, described 4th transmitting element includes:
Determine module, for determining the cipher mode of correspondence according to described authorization identification information;
Encrypting module, for use described determine module determine after the cipher mode authorization object to described latest edition
AKU is encrypted;
Processing module, for the authorization object AKU of the latest edition after the encryption of described encrypting module is signed,
And send to described client.
Fourth aspect, the present invention provides a kind of client, including:
First transmitting element, for sending registration request to server, wherein, comprises registration letter in described registration request
Breath;
Second transmitting element, after being used for succeeding in registration, sends acquisition according to described registration information to described server
The solicited message of authorization identification information, wherein, described authorization identification information is generated according to described log-on message by described server;
First receives unit, is used for receiving described authorization identification information;
Granted unit, enters authorization object for the described authorization identification information received according to described first reception unit
Row authorizes.
Preferably, described granted unit includes:
Set up module, for setting up the communication connection between described authorization object;
Embedded module, for setting up the described communication connection of module foundation by embedded for described authorization identification information according to described
To described authorization object.
Preferably, described client also includes:
Second receives unit, for authorizing authorization object according to described authorization identification information at described granted unit
Afterwards, there is the notification message of more redaction in the authorization object receiving the transmission of described server;
3rd transmitting element, updates solicited message for sending authorization object to described server, and described authorization object is more
Newly requested information comprises described authorization identification information;
3rd receives unit, for receiving the authorization object AKU of the latest edition that described server sends;
Updating block, for using the described 3rd authorization object AKU receiving the described latest edition that unit receives
The authorization object of legacy version is updated.
Preferably, described client also includes:
Determine unit, receive the authorization object of the latest edition that described server sends for receiving unit the described 3rd
After AKU, determine, according to described authorization identification information, the manner of decryption that the authorization object of described latest edition is corresponding;
Decryption unit, described determines that the authorization object AKU of described latest edition that unit determines is corresponding for using
The authorization object AKU of described latest edition is decrypted by manner of decryption.
5th aspect, the present invention provides a kind of authoring system, and described system includes: server as described in the third aspect and
Client as described in fourth aspect.
By technique scheme, the technical scheme that the present invention provides at least has the advantage that
A kind of authorization method, client, server and the system that the present invention provides, server is according to client registers information
Generate authorization identification information, after generating authorization identification information, receive the request of the acquisition authorization identification information that client sends
Information, and this solicited message is responded, authorization flag information is sent to client, in order to client is according to acquisition
Authorization object is authorized by authorization identification information, compared with the authorisation step passing through very complicated in prior art, and the present invention
Embodiment is by the way of online mandate, and authorization object is awarded by the authorization identification information that client generates according to server
Power, simple to operation.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of description, and in order to allow above and other objects of the present invention, the feature and advantage can
Become apparent, below especially exemplified by the detailed description of the invention of the present invention.
Accompanying drawing explanation
By reading the detailed description of hereafter preferred implementation, various other advantage and benefit common for this area
Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as the present invention
Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical parts.In the accompanying drawings:
Fig. 1 shows the flow chart of the first method authorized that the embodiment of the present invention provides;
Fig. 2 shows the flow chart of the method for the second mandate that the embodiment of the present invention provides;
Fig. 3 shows the block architecture diagram of a kind of client that the embodiment of the present invention provides and server interaction;
Fig. 4 shows the flow chart of the third method authorized that the embodiment of the present invention provides;
Fig. 5 shows the composition frame chart of a kind of server that the embodiment of the present invention provides;
Fig. 6 shows the composition frame chart of the another kind of server that the embodiment of the present invention provides;
Fig. 7 shows the composition frame chart of a kind of client that the embodiment of the present invention provides;
Fig. 8 shows the composition frame chart of another client that the embodiment of the present invention provides;
Fig. 9 shows the composition frame chart of a kind of authoring system that the embodiment of the present invention provides.
Detailed description of the invention
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although accompanying drawing shows the disclosure
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure and should be by embodiments set forth here
Limited.On the contrary, it is provided that these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
The embodiment of the present invention provides a kind of method of mandate, and the method is applied to server side, as it is shown in figure 1, described side
Method includes:
101, server generates authorization identification information according to client registers information.
It should be noted that the authorization object described in the embodiment of the present invention is for controlling lock, this control lock is given birth to by lockmaking mechanism
The hardware device produced.
In prior art, lockmaking mechanism is when producing control lock, directly by authorization identification information (user identity mark
Know) it is embedded in control lock, it is achieved the special customization of client, but when controlling lock and losing or damage, again to lockmaking machine
The process that structure application controls lock is sufficiently complex loaded down with trivial details.
In embodiments of the present invention, when control lock is produced by lockmaking mechanism, not by authorization identification information
It is embedded in control lock, and only comprises the identity information of lockmaking mechanism, such as Merchant name, produce article No. etc.;And, control the private of lock
Key information;Owing to the authorization object (controlling lock) described in the embodiment of the present invention does not comprises authorization identification information when producing, therefore,
Authorization object (controlling lock) described in the embodiment of the present invention has versatility, is not i.e. authorizing authorization object (controlling lock)
Before, anyone can obtain this authorization object (controlling lock).
User is when obtaining authorization object, and first, the registration network address (client) specified by lockmaking mechanism is registered,
In user carries out registration process, the log-on message of user can be indicated, audit for lockmaking mechanism (server), treat lockmaking machine
Structure (server) is audited by rear, by mailing or authorization object (control lock) is the mode such as can be got face to face, by controls lock
Consign to user, so that the general controls lock got is authorized by user.
Server, after receiving the registration request that client sends, obtains the log-on message that this client is corresponding, base
Responding registration request in this log-on message, after success to be registered, server generates according to client registers information and authorizes
Identification information, wherein, comprises in log-on message: the information such as User Identity, name, date of birth.In actual applications, institute
State the authorization identification information lock number corresponding to control lock, there is uniqueness.
102, server receives the solicited message obtaining described authorization identification information that described client sends.
After user gets authorization object (controlling lock), user, with terminal electronic device as carrier, sets up authorization object
And the communication connection between client, client uses register account number and login password to set up with server and communicates to connect, and to
Server sends the solicited message obtaining authorization identification information.Due to, user is when first use controls lock, and this control lock is one
Individual general controls is locked, and only after user end to server gets authorization identification information, and uses the mandate of acquisition to identify
After authorization object (controlling lock) is authorized by information, this authorization object (controlling lock) just can become the control lock of customization, i.e. authorizes
After authorization object (control lock) and user between have one-to-one relationship.
Authorization object sets up the carrier of communication connection with client, can be including but not limited to herein below, such as: individual
The terminal units such as people's computer, desktop computer, panel computer, smart mobile phone, this is not construed as limiting by the concrete embodiment of the present invention.
103, server is in response to described solicited message, sends described authorization identification information to described client.
Server is after receiving the solicited message of the authorization identification information that client sends, and server passes through client
Log-on message, obtain corresponding authorization identification information, and this authorization identification information sent to client, in order to described client
Authorization object is authorized by end according to described authorization identification information.
A kind of authorization method that the embodiment of the present invention provides, server generates according to client registers information and authorizes mark letter
Breath, after generating authorization identification information, receives the solicited message of the acquisition authorization identification information that client sends, and to this request
Information responds, and sends authorization flag information to client, in order to client is according to the authorization identification information pair obtained
Authorization object authorizes, and compared with the authorisation step passing through very complicated in prior art, the embodiment of the present invention is by online
The mode authorized, authorization object is authorized by the authorization identification information that client generates according to server, simple to operation.
Further, as refining further and extension above-described embodiment, server is performed according to visitor in step 101
Before family end log-on message generates authorization identification information, server receives the registration request that client sends, in this registration request
Comprise the log-on messages such as User Identity, after registration request is audited by server based on log-on message, if examination & verification is passed through,
Then send the information succeeded in registration to client, and the User Identity of authorization object is stored;If server is audited
Do not pass through, then send to client and register unsuccessful announcement information.
In concrete application process, server can record a mapping relations list, and this mapping relations list records has
User Identity, authorization identification information, authorization object version number between corresponding relation, it is simple to control lock unify
Management and monitoring.After server examination & verification is by the registration request of client, User Identity is stored in mapping relations table
In.
Further, server includes in the concrete steps generating authorization identification information according to client registers information: clothes
Business device obtains the User Identity of authorization object, generates authorization identification information according to the User Identity of authorization object, its
In, User Identity is including but not limited to herein below, such as: identification card number, telephone number, company's station number, mailbox
Etc..
Further, in prior art, lockmaking mechanism can be to the control produced in order to promote the combination property controlling lock
Lock is upgraded, but, during to controlling lock escalation, need user to lock the control of legacy version by sides such as mailing
Formula, is back to lockmaking mechanism, in order to the control of legacy version is locked and upgraded by lockmaking mechanism, and a series of process is the most multiple
Miscellaneous, there is hysteresis quality, affect user's use to controlling lock.
In order to solve the problems referred to above, in the embodiment of the present invention, server can detect whether authorization object exists more redaction,
If detecting there is more redaction in authorization object, then send authorization object to client and there is the notification message of more redaction.
When client receives after the authorization object that server sends exists the notification message of more redaction, send out to server
Sending authorization object to update solicited message, this authorization object updates in solicited message and comprises authorization identification information.Server receives also
The authorization object that customer in response end sends updates solicited message, searches the authorization object liter of latest edition according to authorization identification information
Level bag, and the authorization object AKU of latest edition is sent to client, in order to the authorization object of legacy version is entered by client
Row upgrading, conveniently realizes the online upgrading of authorization object (controlling lock).
Further, in order to ensure the liter level security of control lock, prevent malicious person from forging control lock PKI, thus private with it
Key reaches the purpose of deciphering upgrading data.Server is searching the authorization object liter of corresponding latest edition with authorization identification information
Before level bag, server obtains authorization object and updates the authorization identification information in solicited message and the certificate chain of authorization object, makes
With authorization identification information and certificate chain, authorization object is authenticated;If authorization object updates comprises mandate mark in solicited message
Information, then server inquires about this control lock public data in the server according to this authorization identification information, such as: Merchant name,
Producing the data such as article No., if inquiring about unsuccessfully, then authorization object renewal solicited message is illegal;If successful inquiring, then basis
Authorization identification information determines the cipher mode of correspondence, uses the authorization object AKU to latest edition of the cipher mode after determining
It is encrypted, and the authorization object AKU of the latest edition after encryption is signed, and send to client.The present invention is real
Executing the cipher mode described in example is the public key encryption mode determined when producing authorization object (controlling lock).
If authorization object updates the certificate chain carrying authorization object in solicited message, server first verifies that this certificate chain is fitted
Whether close legal and this certificate chain to be issued by lockmaking mechanism, if be proved to be successful, then it is right to determine according to authorization identification information
The cipher mode answered, uses the cipher mode after determining to be encrypted the authorization object AKU of latest edition, and to encryption
After the authorization object AKU of latest edition sign, and send to client.
Further, the embodiment of the present invention also provides for another kind of authorization method, and the method is applied to client, such as Fig. 2 institute
Showing, described method includes:
201, user end to server sends registration request.
Wherein, described registration request comprises log-on message.
202, after client registers success, send acquisition according to described registration information to described server and authorize mark
The solicited message of information.
Wherein, described authorization identification information is generated according to described log-on message by described server.
Client is after succeeding in registration, in order to this authorization object (control lock) being carried out the customization of user identity, need to
Server obtains the authorization identification information of this authorization object, it is achieved control the online identity customization of lock.
203, client receives described authorization identification information, and awards authorization object according to described authorization identification information
Power.
A kind of authorization method that the embodiment of the present invention provides, server generates according to client registers information and authorizes mark letter
Breath, after generating authorization identification information, receives the solicited message of the acquisition authorization identification information that client sends, and to this request
Information responds, and sends authorization flag information to client, in order to client is according to the authorization identification information pair obtained
Authorization object authorizes, and compared with the authorisation step passing through very complicated in prior art, the embodiment of the present invention is by online
The mode authorized, authorization object is authorized by the authorization identification information that client generates according to server, simple to operation.
Further, as refining further and extension above-described embodiment, perform according to described mandate in step 203
When authorization object is authorized by identification information, including: client sets up communication connection with authorization object, will according to communication connection
Authorization identification information is embedded in authorization object, it is achieved the customization of general controls lock.
Further, owing to authorization object may exist upgraded version, to optimize the combination property of authorization object, because of
This, after authorization object is authorized by client according to authorization identification information, the authorization object receiving server transmission is deposited
At the notification message of more redaction, user end to server sends authorization object and updates solicited message, and this authorization object updates please
Ask and information comprises authorization identification information, after this authorization object renewal solicited message is responded by server, receive clothes
The authorization object AKU of the latest edition that business device sends, and use the authorization object AKU of this latest edition to legacy version
Authorization object is updated.To solve in prior art, authorization object updates the problem that step is complicated.
Further, in order to determine the safety problem in authorization object escalation process, server is received in client
After the authorization object AKU of the latest edition sent, according to authorization identification information, client determines that the mandate of latest edition is right
As the manner of decryption that AKU is corresponding, and use the manner of decryption of the authorization object AKU of latest edition that latest edition is awarded
Power object AKU is decrypted, and performs the renewal of authorization object.In actual applications, client is first by disposing in advance
In the PKI controlling lock the authorization object AKU of latest edition carried out the sign test of data signature, after sign test is passed through, client
The private key using PKI corresponding carries out the deciphering of authorization object AKU, performs the upgrading of authorization object after successful decryption.
Further, above the mistake that authorization object (control lock) is authorized by client and server has been respectively illustrated
Journey, will illustrate the interaction of client with server below.As it is shown on figure 3, Fig. 3 shows that the embodiment of the present invention carries
A kind of client of confession and the block architecture diagram of server interaction, wherein, the exemplary only citing of Fig. 3, the embodiment of the present invention pair
Shown in Fig. 3, content is not especially limited.
Wherein, as shown in Figure 4, server interaction flow concrete with client step includes:
401, user end to server sends registration request.
Wherein, described registration request comprises log-on message.
402, server receives the registration request that described client sends;In response to described registration request, and to described visitor
Family end sends the information succeeded in registration;The User Identity of described authorization object is stored.
Wherein, described registration request comprises described log-on message, described log-on message comprises described authorization object
User Identity.
403, server generates authorization identification information according to the User Identity of authorization object.
404, client sends acquisition according to the User Identity of described authorization object to described server and authorizes mark
The solicited message of information.
405, server receives the solicited message obtaining described authorization identification information that described client sends;In response to institute
State solicited message, described authorization identification information is sent to described client.
406, client receives described authorization identification information, and awards authorization object according to described authorization identification information
Power.
407, server detects whether described authorization object exists more redaction;If detecting, described authorization object exists more
Redaction, then send described authorization object to described client and there is the notification message of more redaction.
408, there is the notification message of more redaction in the authorization object that the described server of client reception sends;To described clothes
Business device sends authorization object and updates solicited message, and described authorization object updates in solicited message and comprises described authorization identification information.
409, server receives the authorization object renewal solicited message that described client sends, and described authorization object updates please
Ask and information comprises described authorization identification information;Update solicited message in response to described authorization object, authorize mark according to described
The authorization object of the latest edition that information searching is corresponding, and the authorization object of described latest edition is sent to described client.
410, client receives the authorization object of the latest edition that described server sends, and uses described latest edition
The authorization object of legacy version is updated by authorization object.
It should be noted that not closing step 401 to the detailed description of step 410 refer to above-mentioned associated description, the present invention
Embodiment repeats the most one by one at this.
Further, as to the realization of method shown in above-mentioned Fig. 1, another embodiment of the present invention additionally provides a kind of service
Device.This device embodiment is corresponding with preceding method embodiment, and for ease of reading, preceding method is no longer implemented by this device embodiment
Detail content in example repeats one by one, it should be understood that the device in the present embodiment correspondence can realize preceding method in fact
Execute the full content in example.
The embodiment of the present invention provides a kind of server, as it is shown in figure 5, this server includes:
Signal generating unit 51, for generating authorization identification information according to client registers information;
First receives unit 52, awards described in acquisition described signal generating unit 51 generation that described client sends for receiving
The solicited message of power identification information;
First transmitting element 53, for receiving, in response to described first, the described solicited message that unit 52 receives, by described
Authorization identification information sends to described client, in order to authorization object is carried out by described client according to described authorization identification information
Authorize.
Further, as shown in Figure 6, described server includes:
Second receives unit 54, for generating authorization identification information in described signal generating unit 51 according to client registers information
Before, the registration request that described client sends is received;Wherein, described registration request comprises described log-on message, described note
Volume information comprises the User Identity of described authorization object;
Second transmitting element 55, for the described registration request received in response to described second reception unit 54, and to
Described client sends the information succeeded in registration;
Memory element 56, deposits for receiving the User Identity of the described authorization object that unit 54 receives by described second
Storage.
Further, as shown in Figure 6, described signal generating unit 51 includes:
Acquisition module 511, for obtaining the User Identity of described authorization object;
Generation module 512, the User Identity of the described authorization object for obtaining according to described acquisition module 511 is raw
Become described authorization identification information.
Further, as shown in Figure 6, described server also includes:
Detector unit 57, is used for detecting whether described authorization object exists more redaction;
3rd transmitting element 58, is used for when described detector unit 57 detects that described authorization object exists more redaction,
Send described authorization object to described client and there is the notification message of more redaction.
Further, as shown in Figure 6, described server also includes:
3rd receives unit 59, and the authorization object sent for receiving described client updates solicited message, described mandate
Object updates in solicited message and comprises described authorization identification information;
Search unit 5010, more newly requested for the described authorization object received in response to described 3rd reception unit 59
Information, searches the authorization object of corresponding latest edition according to described authorization identification information;
4th transmitting element 5011, the authorization object of the described latest edition for being searched by described lookup unit 5010 is sent out
Deliver to described client.
Further, as shown in Figure 6, described server also includes:
Acquiring unit 5012, for searching the up-to-date of correspondence at described lookup unit 5010 according to described authorization identification information
Before the authorization object of version, obtain described authorization object and update the authorization identification information in solicited message or the card of authorization object
Book chain;
Authentication ' unit 5013, for the described authorization identification information obtained according to described acquiring unit 5012 or authorization object
Certificate chain to described authorization object update solicited message be authenticated;
Described lookup unit 5010, is additionally operable to when described authentication ' unit 5013 certification success, authorizes mark according to described
The authorization object of the latest edition that information searching is corresponding.
Further, as shown in Figure 6, described 4th transmitting element 5011 includes:
Determine module 50111, for determining the cipher mode of correspondence according to described authorization identification information;
Encrypting module 50112, for use described determine module 50111 determine after cipher mode to described latest edition
Authorization object be encrypted;
Processing module 50113, the authorization object of the latest edition after being encrypted by described encrypting module 50112 is signed
Name, and send to described client.
The embodiment of the present invention also provides for a kind of client, as it is shown in fig. 7, described client includes:
First transmitting element 71, for sending registration request to server, wherein, comprises registration letter in described registration request
Breath;
Second transmitting element 72, after being used for succeeding in registration, obtains to the transmission of described server according to described registration information
Taking the solicited message of authorization identification information, wherein, described authorization identification information is raw according to described log-on message by described server
Become;
First receives unit 73, is used for receiving described authorization identification information;
Granted unit 74, right to authorizing for the described authorization identification information received according to described first reception unit 73
As authorizing.
Further, as shown in Figure 8, described granted unit 74 includes:
Set up module 741, for setting up the communication connection between described authorization object;
Embedded module 742, for setting up the described communication connection of module foundation by described authorization identification information according to described
Inside it is embedded to described authorization object.
Further, as shown in Figure 8, described client also includes:
Second receive unit 75, at described second transmitting element 72 according to described registration information to described service
Before device sends the solicited message obtaining authorization identification information, there is more redaction in the authorization object receiving the transmission of described server
Notification message;
3rd transmitting element 76, updates solicited message, described authorization object for sending authorization object to described server
Update in solicited message and comprise described authorization identification information;
3rd receives unit 77, for receiving the authorization object of the latest edition that described server sends;
Updating block 78, for using the described 3rd authorization object pair receiving the described latest edition that unit 77 receives
The authorization object of legacy version is updated.
Further, as shown in Figure 8, described client also includes:
Determine unit 79, receive the mandate of the latest edition that described server sends for receiving unit 77 the described 3rd
After object, determine, according to described authorization identification information, the manner of decryption that the authorization object of described latest edition is corresponding;
Decryption unit 710, described determines that the authorization object of described latest edition that unit 79 determines is corresponding for using
The authorization object of described latest edition is decrypted by manner of decryption.
Further, the embodiment of the present invention also provides for a kind of authoring system, as it is shown in figure 9, described system includes: such as Fig. 5
Or the server shown in arbitrary width and the client 92 as shown in width arbitrary in Fig. 7 or Fig. 8 in Fig. 6.
A kind of client, server and the authoring system that the present invention provides, server generates according to client registers information
Authorization identification information, after generating authorization identification information, receives the solicited message of the acquisition authorization identification information that client sends,
And this solicited message is responded, authorization flag information is sent to client, in order to client is according to the mandate obtained
Authorization object is authorized by identification information, and compared with the authorisation step passing through very complicated in prior art, the present invention implements
Example is by the way of online mandate, and authorization object is authorized by the authorization identification information that client generates according to server, letter
Single easily operation.
Described server includes processor and memorizer, above-mentioned signal generating unit, the first reception unit and the first transmitting element
Store in memory as program unit Deng all, processor perform storage said procedure unit in memory and realize
Corresponding function.
Processor comprises kernel, kernel goes memorizer is transferred corresponding program unit.Kernel can arrange one
More than or, when solving in prior art to authorize authorization object (controlling lock) by adjusting kernel parameter, operating process is numerous
The problem of trivial complexity, it is achieved simplify the authorisation step of authorization object.
Memorizer potentially includes the volatile memory in computer-readable medium, random access memory (RAM) and/
Or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM), memorizer includes that at least one is deposited
Storage chip.
Present invention also provides a kind of computer program, when performing in data handling equipment, at the beginning of being adapted for carrying out
Beginningization has the program code of following method step: server generates authorization identification information according to client registers information;Receive institute
State the solicited message obtaining described authorization identification information that client sends;In response to described solicited message, authorize mark by described
Knowledge information sends to described client, in order to authorization object is authorized by described client according to described authorization identification information.
In the above embodiment of the present invention, the description to each embodiment all emphasizes particularly on different fields, and does not has in certain embodiment
The part described in detail, may refer to the associated description of other embodiments.
Those skilled in the art are it should be appreciated that embodiments herein can be provided as method, system or computer program
Product.Therefore, the reality in terms of the application can use complete hardware embodiment, complete software implementation or combine software and hardware
Execute the form of example.And, the application can use at one or more computers wherein including computer usable program code
The upper computer program product implemented of usable storage medium (including but not limited to disk memory, CD-ROM, optical memory etc.)
The form of product.
The application is with reference to method, equipment (system) and the flow process of computer program according to the embodiment of the present application
Figure and/or block diagram describe.It should be understood that can the most first-class by computer program instructions flowchart and/or block diagram
Flow process in journey and/or square frame and flow chart and/or block diagram and/or the combination of square frame.These computer programs can be provided
Instruction arrives the processor of general purpose computer, special-purpose computer, Embedded Processor or other programmable data processing device to produce
A raw machine so that the instruction performed by the processor of computer or other programmable data processing device is produced for real
The device of the function specified in one flow process of flow chart or multiple flow process and/or one square frame of block diagram or multiple square frame now.
These computer program instructions may be alternatively stored in and computer or other programmable data processing device can be guided with spy
Determine in the computer-readable memory that mode works so that the instruction being stored in this computer-readable memory produces and includes referring to
Make the manufacture of device, this command device realize at one flow process of flow chart or multiple flow process and/or one square frame of block diagram or
The function specified in multiple square frames.
These computer program instructions also can be loaded in computer or other programmable data processing device so that at meter
Perform sequence of operations step on calculation machine or other programmable devices to produce computer implemented process, thus at computer or
The instruction performed on other programmable devices provides for realizing at one flow process of flow chart or multiple flow process and/or block diagram one
The step of the function specified in individual square frame or multiple square frame.
In a typical configuration, calculating equipment includes one or more processor (CPU), input/output interface, net
Network interface and internal memory.
Memorizer potentially includes the volatile memory in computer-readable medium, random access memory (RAM) and/
Or the form such as Nonvolatile memory, such as read only memory (ROM) or flash memory (flash RAM).Memorizer is that computer-readable is situated between
The example of matter.
Computer-readable medium includes that removable media permanent and non-permanent, removable and non-can be by any method
Or technology realizes information storage.Information can be computer-readable instruction, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase transition internal memory (PRAM), static RAM (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read only memory (ROM), electric erasable
Programmable read only memory (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read only memory (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassette tape, the storage of tape magnetic rigid disk or other magnetic storage apparatus
Or any other non-transmission medium, can be used for the information that storage can be accessed by a computing device.According to defining herein, calculate
Machine computer-readable recording medium does not include temporary computer readable media (transitory media), such as data signal and the carrier wave of modulation.
Also, it should be noted term " includes ", " comprising " or its any other variant are intended to nonexcludability
Comprise, so that include that the process of a series of key element, method, commodity or equipment not only include those key elements, but also wrap
Include other key elements being not expressly set out, or also include want intrinsic for this process, method, commodity or equipment
Element.In the case of there is no more restriction, statement " including ... " key element limited, it is not excluded that including key element
Process, method, commodity or equipment there is also other identical element.
It will be understood by those skilled in the art that embodiments herein can be provided as method, system or computer program.
Therefore, the embodiment in terms of the application can use complete hardware embodiment, complete software implementation or combine software and hardware
Form.And, the application can use can be with depositing at one or more computers wherein including computer usable program code
The shape of the upper computer program implemented of storage media (including but not limited to disk memory, CD-ROM, optical memory etc.)
Formula.
These are only embodiments herein, be not limited to the application.To those skilled in the art,
The application can have various modifications and variations.All made within spirit herein and principle any amendment, equivalent,
Improve, within the scope of should be included in claims hereof.
Claims (23)
1. an authorization method, it is characterised in that including:
Server generates authorization identification information according to client registers information;
Receive the solicited message obtaining described authorization identification information that described client sends;
In response to described solicited message, described authorization identification information is sent to described client, in order to described client according to
Authorization object is authorized by described authorization identification information.
Method the most according to claim 1, it is characterised in that generate mandate mark according to client registers information at server
Before knowledge information, described method includes:
Receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, described registration
Information comprises the User Identity of described authorization object;
In response to described registration request, and send the information succeeded in registration to described client;
The User Identity of described authorization object is stored.
Method the most according to claim 2, it is characterised in that server generates according to client registers information and authorizes mark
Information includes:
Obtain the User Identity of described authorization object;
User Identity according to described authorization object generates described authorization identification information.
Method the most according to claim 1, it is characterised in that described method also includes:
Detect whether described authorization object exists more redaction;
If detecting there is more redaction in described authorization object, then send described authorization object to described client and there is more new edition
This notification message.
Method the most according to claim 4, it is characterised in that described method also includes:
Receiving the authorization object renewal solicited message that described client sends, described authorization object updates in solicited message and comprises institute
State authorization identification information;
Update solicited message in response to described authorization object, search awarding of corresponding latest edition according to described authorization identification information
Power object AKU, and the authorization object AKU of described latest edition is sent to described client.
Method the most according to claim 5, it is characterised in that searching the up-to-date of correspondence according to described authorization identification information
Before the authorization object AKU of version, described method also includes:
Obtain described authorization object and update the authorization identification information in solicited message or the certificate chain of authorization object;
Certificate chain according to described authorization identification information or authorization object updates solicited message to described authorization object and is authenticated;
The authorization object AKU searching corresponding latest edition according to described authorization identification information includes:
If certification success, then search the authorization object AKU of corresponding latest edition according to described authorization identification information.
Method the most according to claim 6, it is characterised in that the authorization object AKU of described latest edition is sent extremely
Described client includes:
The cipher mode of correspondence is determined according to described authorization identification information;
Use the cipher mode after determining that the authorization object AKU of described latest edition is encrypted;
The authorization object AKU of the latest edition after encryption is signed, and sends to described client.
8. an authorization method, it is characterised in that including:
User end to server sends registration request, wherein, comprises log-on message in described registration request;
After succeeding in registration, send the request letter of acquisition authorization identification information to described server according to described registration information
Breath, wherein, described authorization identification information is generated according to described log-on message by described server;
Receive described authorization identification information, and according to described authorization identification information, authorization object is authorized.
Method the most according to claim 8, it is characterised in that authorization object is awarded according to described authorization identification information
Power includes:
Set up the communication connection between described authorization object;
It is embedded to described authorization object by described authorization identification information according to described communication connection.
Method the most according to claim 8, it is characterised in that authorization object is being entered according to described authorization identification information
After row authorizes, described method also includes:
There is the notification message of more redaction in the authorization object receiving the transmission of described server;
Send authorization object to described server and update solicited message, described authorization object update in solicited message comprise described in award
Power identification information;
Receive the authorization object AKU of the latest edition that described server sends, and use the authorization object of described latest edition
The authorization object of legacy version is updated by AKU.
11. methods according to claim 10, it is characterised in that receiving the awarding of latest edition that described server sends
After power object AKU, described method also includes:
The manner of decryption that the authorization object AKU of described latest edition is corresponding is determined according to described authorization identification information;
The authorization object of described latest edition is entered by the manner of decryption using the authorization object AKU of described latest edition corresponding
Row deciphering.
12. 1 kinds of servers, it is characterised in that including:
Signal generating unit, for generating authorization identification information according to client registers information;
First receives unit, for receiving the described mandate mark letter obtaining the generation of described signal generating unit that described client sends
The solicited message of breath;
First transmitting element, for receiving, in response to described first, the described solicited message that unit receives, authorizes mark by described
Information sends to described client, in order to authorization object is authorized by described client according to described authorization identification information.
13. servers according to claim 12, it is characterised in that described server includes:
Second receives unit, before generating authorization identification information in described signal generating unit according to client registers information, connects
Receive the registration request that described client sends;Wherein, described registration request comprises described log-on message, in described log-on message
Comprise the User Identity of described authorization object;
Second transmitting element, for receiving, in response to described second, the described registration request that unit receives, and to described client
End sends the information succeeded in registration;
Memory element, for receiving the User Identity storage of the described authorization object that unit receives by described second.
14. servers according to claim 13, it is characterised in that described signal generating unit includes:
Acquisition module, for obtaining the User Identity of described authorization object;
Generation module, the User Identity of the described authorization object for obtaining according to described acquisition module generates described mandate
Identification information.
15. servers according to claim 12, it is characterised in that described server also includes:
Detector unit, is used for detecting whether described authorization object exists more redaction;
3rd transmitting element, for when described detector unit detects that described authorization object exists more redaction, to described visitor
Family end sends described authorization object and there is the notification message of more redaction.
16. servers according to claim 15, it is characterised in that described server also includes:
3rd receives unit, and the authorization object sent for receiving described client updates solicited message, and described authorization object is more
Newly requested information comprises described authorization identification information;
Search unit, for receiving, in response to the described 3rd, the described authorization object renewal solicited message that unit receives, according to
Described authorization identification information searches the authorization object AKU of corresponding latest edition;
4th transmitting element, the authorization object AKU of the described latest edition for being searched by described lookup unit sends to institute
State client.
17. servers according to claim 16, it is characterised in that described server also includes:
Acquiring unit, right for the mandate searching corresponding latest edition according to described authorization identification information at described lookup unit
Before AKU, obtain described authorization object and update the authorization identification information in solicited message or the certificate chain of authorization object;
Authentication ' unit, is used for the certificate chain of described authorization identification information or the authorization object obtained according to described acquiring unit to institute
State authorization object renewal solicited message to be authenticated;
Described lookup unit, is additionally operable to when described authentication ' unit certification success, searches correspondence according to described authorization identification information
The authorization object AKU of latest edition.
18. servers according to claim 17, it is characterised in that described 4th transmitting element includes:
Determine module, for determining the cipher mode of correspondence according to described authorization identification information;
Encrypting module, for use described determine module determine after cipher mode the authorization object of described latest edition is upgraded
Bag is encrypted;
Processing module, the authorization object AKU of the latest edition after being encrypted by described encrypting module is signed, concurrently
Deliver to described client.
19. 1 kinds of clients, it is characterised in that including:
First transmitting element, for sending registration request to server, wherein, comprises log-on message in described registration request;
Second transmitting element, after being used for succeeding in registration, sends acquisition according to described registration information to described server and authorizes
The solicited message of identification information, wherein, described authorization identification information is generated according to described log-on message by described server;
First receives unit, is used for receiving described authorization identification information;
Granted unit, awards authorization object for the described authorization identification information received according to described first reception unit
Power.
20. clients according to claim 19, it is characterised in that described granted unit includes:
Set up module, for setting up the communication connection between described authorization object;
Embedded module, for being embedded to institute according to the described described communication connection setting up module foundation by described authorization identification information
State authorization object.
21. clients according to claim 19, it is characterised in that described client also includes:
Second receives unit, for authorization object being authorized it at described granted unit according to described authorization identification information
After, there is the notification message of more redaction in the authorization object receiving the transmission of described server;
3rd transmitting element, updates solicited message for sending authorization object to described server, and described authorization object updates please
Ask and information comprises described authorization identification information;
3rd receives unit, for receiving the authorization object AKU of the latest edition that described server sends;
Updating block, for using the described 3rd to receive the authorization object AKU of the described latest edition that unit receives to old
The authorization object of version is updated.
22. clients according to claim 21, it is characterised in that described client also includes:
Determine unit, receive the authorization object upgrading of the latest edition that described server sends for receiving unit the described 3rd
After bag, determine, according to described authorization identification information, the manner of decryption that the authorization object AKU of described latest edition is corresponding;
Decryption unit, for using the deciphering that the described authorization object AKU determining described latest edition that unit determines is corresponding
The authorization object of described latest edition is decrypted by mode.
23. 1 kinds of authoring systems, it is characterised in that described system includes: the service as according to any one of claim 12-18
Device and the client as according to any one of claim 19-22.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610797546.3A CN106161470B (en) | 2016-08-31 | 2016-08-31 | A kind of authorization method, client, server and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610797546.3A CN106161470B (en) | 2016-08-31 | 2016-08-31 | A kind of authorization method, client, server and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106161470A true CN106161470A (en) | 2016-11-23 |
CN106161470B CN106161470B (en) | 2019-02-26 |
Family
ID=57344449
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610797546.3A Active CN106161470B (en) | 2016-08-31 | 2016-08-31 | A kind of authorization method, client, server and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106161470B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107169316A (en) * | 2017-04-13 | 2017-09-15 | 北京深思数盾科技股份有限公司 | A kind of method and system of trustship hardware controls lock |
CN107358066A (en) * | 2017-07-20 | 2017-11-17 | 北京深思数盾科技股份有限公司 | Software license methods, devices and systems |
CN109474433A (en) * | 2018-10-23 | 2019-03-15 | 航天信息股份有限公司 | Client certificate based on billing system signs and issues method and device |
CN112968863A (en) * | 2021-01-17 | 2021-06-15 | 迅鳐成都科技有限公司 | Distributed authorization management method, device and storage medium based on R tree |
CN113282891A (en) * | 2021-06-28 | 2021-08-20 | 北京安天网络安全技术有限公司 | Version authorization control method and device, computing equipment and storage medium |
CN116340893A (en) * | 2022-12-26 | 2023-06-27 | 上海通天晓信息技术有限公司 | Service provider application authorization system, method, electronic equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102202057A (en) * | 2011-05-18 | 2011-09-28 | 株洲南车时代电气股份有限公司 | System and method for safely dumping data of mobile memory |
CN104063789A (en) * | 2013-03-18 | 2014-09-24 | 财付通支付科技有限公司 | Method, device and system used for processing processed object |
CN104113552A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
US20150180838A1 (en) * | 2012-12-12 | 2015-06-25 | Institute For Information Industry | Major management apparatus, authorized management apparatus, electronic apparatus for delegation management, and delegation management methods thereof |
-
2016
- 2016-08-31 CN CN201610797546.3A patent/CN106161470B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102202057A (en) * | 2011-05-18 | 2011-09-28 | 株洲南车时代电气股份有限公司 | System and method for safely dumping data of mobile memory |
US20150180838A1 (en) * | 2012-12-12 | 2015-06-25 | Institute For Information Industry | Major management apparatus, authorized management apparatus, electronic apparatus for delegation management, and delegation management methods thereof |
CN104063789A (en) * | 2013-03-18 | 2014-09-24 | 财付通支付科技有限公司 | Method, device and system used for processing processed object |
CN104113552A (en) * | 2014-07-28 | 2014-10-22 | 百度在线网络技术(北京)有限公司 | Platform authorization method, platform server side, application client side and system |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107169316A (en) * | 2017-04-13 | 2017-09-15 | 北京深思数盾科技股份有限公司 | A kind of method and system of trustship hardware controls lock |
CN107358066A (en) * | 2017-07-20 | 2017-11-17 | 北京深思数盾科技股份有限公司 | Software license methods, devices and systems |
CN109474433A (en) * | 2018-10-23 | 2019-03-15 | 航天信息股份有限公司 | Client certificate based on billing system signs and issues method and device |
CN112968863A (en) * | 2021-01-17 | 2021-06-15 | 迅鳐成都科技有限公司 | Distributed authorization management method, device and storage medium based on R tree |
CN112968863B (en) * | 2021-01-17 | 2022-11-18 | 迅鳐成都科技有限公司 | Distributed authorization management method and device based on R tree and storage medium |
CN113282891A (en) * | 2021-06-28 | 2021-08-20 | 北京安天网络安全技术有限公司 | Version authorization control method and device, computing equipment and storage medium |
CN116340893A (en) * | 2022-12-26 | 2023-06-27 | 上海通天晓信息技术有限公司 | Service provider application authorization system, method, electronic equipment and storage medium |
CN116340893B (en) * | 2022-12-26 | 2024-02-02 | 上海通天晓信息技术有限公司 | Service provider application authorization system, method, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN106161470B (en) | 2019-02-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210351931A1 (en) | System and method for securely processing an electronic identity | |
US20230246842A1 (en) | Compact recordation protocol | |
US9792598B2 (en) | System and method for initially establishing and periodically confirming trust in a software application | |
US20200211002A1 (en) | System and method for authorization token generation and transaction validation | |
CN106161470B (en) | A kind of authorization method, client, server and system | |
US8095519B2 (en) | Multifactor authentication with changing unique values | |
CN104919775B (en) | The system and method synchronous for key chain | |
US9159046B2 (en) | Systems and methods for implementing supply chain visibility policies | |
CN112106324A (en) | Methods, computer program products and devices for creating, registering and verifying digitally stamped assets | |
US20140156531A1 (en) | System and Method for Authenticating Transactions Through a Mobile Device | |
EP2810402A2 (en) | A method and database system for secure storage and communication of information | |
CN111160909B (en) | Hidden static supervision system and method for blockchain supply chain transaction | |
CN106936588A (en) | A kind of trustship method, the apparatus and system of hardware controls lock | |
CN113557508A (en) | Method, computer program product and apparatus for transferring ownership rights to digital assets | |
CN104137111A (en) | Information processing apparatus, information processing system, information processing method and computer program | |
US10108937B2 (en) | Method of registering a membership for an electronic payment, system for same, and apparatus and terminal thereof | |
CN110166452A (en) | A kind of access control method and system based on JavaCard shared interface | |
Oliveira | Dynamic QR codes for Ticketing Systems | |
CN117557260A (en) | Virtual currency wallet implementation method, system and electronic equipment | |
CN115150831A (en) | Processing method, device, server and medium for network access request |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee after: Beijing Shendun Technology Co.,Ltd. Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder |