CN108494794A - A kind of auth method and device - Google Patents
A kind of auth method and device Download PDFInfo
- Publication number
- CN108494794A CN108494794A CN201810321174.6A CN201810321174A CN108494794A CN 108494794 A CN108494794 A CN 108494794A CN 201810321174 A CN201810321174 A CN 201810321174A CN 108494794 A CN108494794 A CN 108494794A
- Authority
- CN
- China
- Prior art keywords
- icon
- icons
- several
- server
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Power Engineering (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
Abstract
A kind of auth method of present invention offer and device, server can generate the first random icon and several second icons, and the first icon can be sent to client, and client can show first icon;First icon and several second icons are sent to authority checking equipment, authority checking equipment can show the first icon and several second icons, when the third icon that user is inputted in authority checking equipment is equal to the first icon, authentication success.It can be in the apparatus, it is only necessary to which user reads the first icon from client, and selects the first icon that can be changed at any time since the first icon is generated at random by server in authority checking equipment, to safe;And user is only needed to select the first icon in authority checking equipment, consequently facilitating user uses.
Description
Technical field
The present invention relates to identity validation technology field more particularly to a kind of auth methods and device.
Background technology
In practice, when user wants to log on to certain server, in order to improve safety, the usual server can lead to
Cross some approach(For example, passing through SMS or mailbox etc.)Disposal password is sent to user, to only be inputted in user
Username and password it is all correct, and when disposal password is identical as the disposal password transmitted by server before, Yong Hucai
The server can be successfully logged in, this technology is TOTP(Time-based One-Time Password are based on timestamp
The disposal password of algorithm).Here disposal password is usually all that user is manually entered, it is to be understood that this mode
It is comparatively laborious, it is not easy to the use of user.
Therefore, a kind of user-friendly auth method is designed, a kind of urgent problem to be solved is just become.
Invention content
The purpose of the present invention is to provide a kind of auth method and devices.
One of in order to achieve the above-mentioned object of the invention, an embodiment of the present invention provides a kind of identity for server and tests
Card method, includes the following steps:Transmitted by reception client includes the logging request of username and password;Described in determination
When username and password all passes through authentication, first icon and several second icons are generated based on random algorithm, and will
First icon is sent to the client, the first icon and several second icons is sent to authority checking equipment, wherein described
First icon and several second icons include character string and with coloured icon;It receives transmitted by the authority checking equipment
Third icon, and determining that character string that third icon is included is equal to the character string that the first icon is included and third figure
When target color is equal to the color of the first icon, pass through authentication.
As being further improved for an embodiment of the present invention, if it is described based on random algorithm generate first icon and
Dry second icon, including:First icon and two the second icons are generated based on random algorithm.
An embodiment of the present invention provides a kind of authentication means for server, comprises the following modules:Log in letter
Cease receiving module, for receive transmitted by client include username and password logging request;Authentication module is used for
When determining that the username and password all passes through authentication, first icon and several second figures are generated based on random algorithm
It marks, and the first icon is sent to the client, the first icon and several second icons are sent to authority checking equipment,
In, first icon and several second icons include character string and with coloured icon;Processing module, for receiving
The third icon transmitted by authority checking equipment is stated, and is determining that the character string that third icon is included is wrapped equal to the first icon
When the color of the character string and third icon that contain is equal to the color of the first icon, pass through authentication.
An embodiment of the present invention provides a kind of auth method for client, includes the following steps:To clothes
Business device transmission includes the logging request of username and password;Receive the first icon transmitted by server;Show the first icon.
As being further improved for an embodiment of the present invention, the first icon of the displaying, including:It is shown by display screen
First icon.
An embodiment of the present invention provides a kind of authentication means for client, comprises the following modules:Request
Sending module, for including the logging request of username and password to server transmission;First information receiving module, for connecing
Receive the first icon transmitted by server;First display module, for showing the first icon.
An embodiment of the present invention provides a kind of auth method for authority checking equipment, including following step
Suddenly:Receive the first icon transmitted by server and several second icons;Show the first icon and several second icons, and will be from
The third icon that input equipment is inputted is sent to the server, and third icon is first icon and several second icons
In any.
As being further improved for an embodiment of the present invention, first icon and several received transmitted by server
Second icon, including:Receive the first icon and two the second icons transmitted by server.
As being further improved for an embodiment of the present invention, the first icon of the displaying and several second icons, and will
The third icon inputted from input equipment is sent to the server, including:The first icon and several is shown on the touchscreen
Third icon is sent to the server by the second icon when third icon is touched.
An embodiment of the present invention provides a kind of authentication means for authority checking equipment, including with lower die
Block:Second information receiving module, for receiving the first icon and several second icons transmitted by server;Second displaying mould
The third icon inputted from input equipment for showing the first icon and several second icons, and is sent to the clothes by block
Business device, third icon are any in first icon and several second icons.
Compared with the existing technology, the technical effects of the invention are that:The embodiment of the present invention provides a kind of auth method
And device, server can generate the first random icon and several second icons, and can the first icon be sent to client, visitor
Family end can show first icon;First icon and several second icons are sent to authority checking equipment, authority checking
Equipment can show the first icon and several second icons, when the third icon that user is inputted in authority checking equipment is equal to the
When one icon, authentication success.It can be in the apparatus, it is only necessary to which user reads the first icon from client, and is authorizing
Verification equipment selects the first icon that can be changed at any time since the first icon is generated at random by server, to pacify
Quan Xinggao;And user is only needed to select the first icon in authority checking equipment, consequently facilitating user uses.
Description of the drawings
Fig. 1 is the Organization Chart of the embodiment of the present invention;
Fig. 2 is the flow diagram of the auth method for server in the embodiment of the present invention one;
Fig. 3 is the flow diagram of the auth method for client in the embodiment of the present invention two;
Fig. 4 is the interface for client in the embodiment of the present invention two;
Fig. 5 is the flow diagram of the auth method for authority checking equipment in the embodiment of the present invention three;
Fig. 6 is the first interface of the authority checking equipment in the embodiment of the present invention three;
Fig. 7 is the second contact surface of the authority checking equipment in the embodiment of the present invention three.
Specific implementation mode
Hereinafter, the present invention will be described in detail with reference to various embodiments shown in the accompanying drawings.But these embodiments are not
The limitation present invention, structure that those skilled in the art are made according to these embodiments, method or change functionally
It changes and is included within the scope of protection of the present invention.
As shown in Figure 1, including server 1, client 2 and authority checking equipment 3 in the present invention;Wherein, server
1 can be the various servers 1 for providing service on network, for example, Web server 1, mailbox server or ERP
(Enterprise Resourse Planning, Enterprise Resource Management)Server 1 etc.;Client 2 can be PC(Personal
Computer, personal computer)Machine etc.;Authority checking equipment 3 can be intelligent mobile terminal(For example, smart mobile phone, tablet electricity
Brain)Deng.
Here it is possible to understand, when user wants the service provided using server 1, it is necessary to first in server 1
On registered, registration when, need user provide username and password, then the mark of authority checking equipment 3 is provided again
Know symbol, then server 1 can preserve the user name that is mutually related, password and authority checking equipment 3 identifier.For example, such as
Fruit authority checking equipment 3 is smart mobile phone, and identifier can be the phone number etc. of smart mobile phone.Authority checking equipment is being provided
When 3 identifier, a Quick Response Code can be shown, if scanning the Quick Response Code with smart mobile phone, which is
The authority checking equipment 3.
In the present invention, can giving the setting of each icon, there are one attribute values, and the mark institute that changes plan is stored by the attribute value
Corresponding color and character string.
The embodiment of the present invention one provides a kind of auth method for server 1, here, the auth method
It is executed by server 1, as shown in Fig. 2, including the following steps:
Step 201:Transmitted by reception client 2 includes the logging request of username and password;When user uses client 2
It when carrying out login service device 1, needs to input username and password, later, client 2 can be stepped on what is sent comprising username and password
Record request be sent to server 1, then, server 1 can receive include username and password logging request.
Step 202:When determining that the username and password all passes through authentication, one the is generated based on random algorithm
One icon and several second icons, and the first icon is sent to the client 2, sends out the first icon and several second icons
It is sent to authority checking equipment 3, wherein first icon and several second icons include character string and with coloured figure
Mark;Here, 1 meeting of server(For example, from the file system or cipher server 1 of server 1)Store that the user name is corresponding to be tested
Password is demonstrate,proved, when successfully obtaining the verification password, and when the verification password is with the password match, means that the username and password is logical
Cross authentication.Optionally, any two icon in first icon and several second icons is all different, i.e., and arbitrary two
The character string that a icon cannot be included and color are all.Optionally, the character string that the first, second icon is included all be by
The character of English alphabet a-z or A-Z are formed by the icon that length is 2.Here, the random algorithm can be:Sherwood
Algorithm, Las Vegas algorithm, numerical value probabilistic algorithm or Monte carlo algorithm etc..
Optionally, described that first icon is sent to the client 2, including:By the first icon and authority checking equipment 3
Identifier be sent to the client 2.
Step 203:It receives the third icon transmitted by the authority checking equipment 3, and is determining that third icon included
Character string when being equal to the color of the first icon character string and third icon for being included and being equal to the color of the first icon, pass through
Authentication.Preferably, described that first icon and several second icons are generated based on random algorithm, including:Based on random
Algorithm generates first icon and two the second icons.
The embodiment of the present invention additionally provides a kind of authentication means for server 1, comprises the following modules:Log in letter
Cease receiving module, for receive transmitted by client 2 include username and password logging request;Authentication module is used for
When determining that the username and password all passes through authentication, first icon and several second is generated based on random algorithm
Icon, and the first icon is sent to the client 2, the first icon and several second icons are sent to authority checking equipment
3, wherein first icon and several second icons include character string and with coloured icon;Processing module, for connecing
It receives the third icon transmitted by the authority checking equipment 3, and is determining that the character string that third icon is included is equal to the first figure
The included character string of mark and when the color of third icon is equal to the color of the first icon, passes through authentication.
Second embodiment of the present invention provides a kind of auth methods for client 2, here, the auth method
Have performed by client 2, as shown in figure 3, including the following steps:
Step 301:Include the logging request of username and password to the transmission of server 1;Here, when user uses client 2
When carrying out game server 1, need to open login page(For example, opening log-on webpage, or opens software and show login page), so
After input username and password, later click " logins " button, at this time client 2 will to server 1 transmission include user
The logging request of name and password.
Step 302:Receive the first icon transmitted by server 1;In embodiment one, server 1 can be by the first icon
It is sent to client 2, to which client 2 will receive the first icon transmitted by server 1.
Step 303:Show the first icon.Here it is possible to the first icon be shown by various modes, for example, passing through display
Screen display etc..
Optionally, client 2 can be received from server 1 by the identifier of the first icon and authority checking equipment 3, to
The identifier and the first icon can be shown simultaneously, for example, in fig. 4 it is shown that identifier " Huawei MHA-AL00 ".
Preferably, the first icon of the displaying, including:The first icon is shown by display screen.It here, as shown in figure 4, can
To show the first icon " 5T " on the screen of client 2, color is marked with oblique line.
The embodiment of the present invention additionally provides a kind of authentication means for client 2, comprises the following modules:Request hair
Module is sent, for including the logging request of username and password to the transmission of server 1;First information receiving module, for connecing
Receive the first icon transmitted by server 1;First display module, for showing the first icon.
The embodiment of the present invention three provides a kind of auth method for authority checking equipment 3, and here, which tests
Card method can be executed by authority checking equipment 3, as shown in figure 5, including the following steps:
Step 501:Receive the first icon transmitted by server 1 and several second icons;In embodiment one, 1 meeting of server
First icon and the second icon are sent to authority checking equipment 3, then, authority checking equipment 3 will receive the first icon
With several second icons.
Step 502:It shows the first icon and several second icons, and the third icon inputted from input equipment is sent
To the server 1, third icon is any in first icon and several second icons.Here, authority checking equipment 3
It can make to show the first icon and several second icons in various manners, for example, displaying etc. on a display screen.Here, user
Any in the first icon and several second icons can be clicked using mouse or touch screen, the icon being clicked is third
Icon.
Preferably, first icon received transmitted by server 1 and several second icons, including:Receive server 1
The first transmitted icon and two the second icons.
Preferably, the first icon of the displaying and several second icons, and the third icon that will be inputted from input equipment
It is sent to the server 1, including:The first icon and several second icons are shown on the touchscreen, when third icon is touched
When, third icon is sent to the server 1.Here, as shown in fig. 6, can first counsel user whether allow to log in, when with
When " √ agreements " is clicked at family, into interface shown in Fig. 7, in the interface, it can show " 5T "(Color is with slash mark), " 5T "
(Color is with grid wire tag)" 2g "(Color is white), at this point, user can read in interface shown in Fig. 4 " 5T "(Face
Color is with slash mark), user clicks " 5T " in the figure 7(Color is with slash mark), at this point, authority checking equipment 3 can be by " 5T "
(Color is with slash mark)Icon be sent to server 1.
The embodiment of the present invention has been also provided to a kind of authentication means for authority checking equipment 3, including with lower die
Block:Second information receiving module, for receiving the first icon and several second icons transmitted by server 1;
Second display module, for showing the first icon and several second icons, and the third figure that will be inputted from input equipment
Mark is sent to the server 1, and third icon is any in first icon and several second icons.
An embodiment of the present invention provides a kind of auth method and device, server 1 can generate the first random icon
With several second icons, and the first icon can be sent to client 2, client 2 can show first icon;By described first
Icon and several second icons are sent to authority checking equipment 3, and authority checking equipment 3 can show the first icon and several second figures
Mark, when the third icon that user is inputted in authority checking equipment 3 is equal to the first icon, authentication success.Can be with,
In the device, it is only necessary to user reads the first icon from client 2, and selects the first icon in authority checking equipment 3, by
It is generated, can be changed at any time at random by server 1 in the first icon, to safe;And user is only needed to authorize
It verifies equipment 3 and selects the first icon, consequently facilitating user uses.
It should be appreciated that although this specification is described in terms of embodiments, but not each embodiment only includes one
A independent technical solution, this description of the specification is merely for the sake of clarity, and those skilled in the art should will say
As a whole, the technical solution in each embodiment may also be suitably combined to form those skilled in the art can for bright book
With the other embodiment of understanding.
The series of detailed descriptions listed above only for the present invention feasible embodiment specifically
Bright, they are all without departing from equivalent implementations made by technical spirit of the present invention not to limit the scope of the invention
Or change should all be included in the protection scope of the present invention.
Claims (10)
1. a kind of auth method for server, which is characterized in that include the following steps:
Transmitted by reception client includes the logging request of username and password;
When determining that the username and password all passes through authentication, first icon and several is generated based on random algorithm
Second icon, and the first icon is sent to the client, the first icon and several second icons are sent to authority checking
Equipment, wherein first icon and several second icons include character string and with coloured icon;
It receives the third icon transmitted by the authority checking equipment, and is determining that character string that third icon is included is equal to the
When the color of character string and third icon that one icon is included is equal to the color of the first icon, pass through authentication.
2. auth method according to claim 1, which is characterized in that described to generate one first based on random algorithm
Icon and several second icons, including:First icon and two the second icons are generated based on random algorithm.
3. a kind of authentication means for server, which is characterized in that comprise the following modules:
Log-on message receiving module, for receive transmitted by client include username and password logging request;
Authentication module, for when determining that the username and password all passes through authentication, one to be generated based on random algorithm
First icon and several second icons, and the first icon is sent to the client, by the first icon and several second icons
It is sent to authority checking equipment, wherein first icon and several second icons include character string and with coloured figure
Mark;
Processing module for receiving the third icon transmitted by the authority checking equipment, and is determining that third icon included
Character string when being equal to the color of the first icon character string and third icon for being included and being equal to the color of the first icon, pass through
Authentication.
4. a kind of auth method for client, which is characterized in that include the following steps:
Include the logging request of username and password to server transmission;
Receive the first icon transmitted by server;
Show the first icon.
5. auth method according to claim 4, which is characterized in that the first icon of the displaying, including:By aobvious
Display screen shows the first icon.
6. a kind of authentication means for client, which is characterized in that comprise the following modules:
Request sending module, for including the logging request of username and password to server transmission;
First information receiving module, for receiving the first icon transmitted by server;
First display module, for showing the first icon.
7. a kind of auth method for authority checking equipment, which is characterized in that include the following steps:
Receive the first icon transmitted by server and several second icons;
It shows the first icon and several second icons, and the third icon inputted from input equipment is sent to the service
Device, third icon are any in first icon and several second icons.
8. auth method according to claim 7, which is characterized in that first figure received transmitted by server
Mark and several second icons, including:Receive the first icon and two the second icons transmitted by server.
9. auth method according to claim 7, which is characterized in that the first icon of the displaying and several second figures
Mark, and the third icon inputted from input equipment is sent to the server, including:
The first icon and several second icons are shown on the touchscreen, and when third icon is touched, third icon is sent to
The server.
10. a kind of authentication means for authority checking equipment, which is characterized in that comprise the following modules:
Second information receiving module, for receiving the first icon and several second icons transmitted by server;
Second display module, for showing the first icon and several second icons, and the third figure that will be inputted from input equipment
Mark is sent to the server, and third icon is any in first icon and several second icons.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810321174.6A CN108494794A (en) | 2018-04-11 | 2018-04-11 | A kind of auth method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810321174.6A CN108494794A (en) | 2018-04-11 | 2018-04-11 | A kind of auth method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108494794A true CN108494794A (en) | 2018-09-04 |
Family
ID=63315432
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810321174.6A Pending CN108494794A (en) | 2018-04-11 | 2018-04-11 | A kind of auth method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108494794A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112199137A (en) * | 2020-09-01 | 2021-01-08 | 北京达佳互联信息技术有限公司 | Display method and device of login interface, electronic equipment and storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103188263A (en) * | 2013-03-22 | 2013-07-03 | 百度在线网络技术(北京)有限公司 | Verification method, system and device |
CN104917724A (en) * | 2014-03-11 | 2015-09-16 | 腾讯科技(深圳)有限公司 | Identity verification method and apparatus |
CN105100005A (en) * | 2014-05-07 | 2015-11-25 | 腾讯科技(深圳)有限公司 | Identity verification method and device |
CN105491010A (en) * | 2015-11-19 | 2016-04-13 | 上海携程商务有限公司 | Cross validation method and system for verification codes |
CN105718783A (en) * | 2014-12-03 | 2016-06-29 | 阿里巴巴集团控股有限公司 | Verification code interaction method, device, client and server |
CN106612277A (en) * | 2016-12-09 | 2017-05-03 | 武汉斗鱼网络科技有限公司 | Method and system for realizing CAPTCHA verification using cipher disk |
-
2018
- 2018-04-11 CN CN201810321174.6A patent/CN108494794A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103188263A (en) * | 2013-03-22 | 2013-07-03 | 百度在线网络技术(北京)有限公司 | Verification method, system and device |
CN104917724A (en) * | 2014-03-11 | 2015-09-16 | 腾讯科技(深圳)有限公司 | Identity verification method and apparatus |
CN105100005A (en) * | 2014-05-07 | 2015-11-25 | 腾讯科技(深圳)有限公司 | Identity verification method and device |
CN105718783A (en) * | 2014-12-03 | 2016-06-29 | 阿里巴巴集团控股有限公司 | Verification code interaction method, device, client and server |
CN105491010A (en) * | 2015-11-19 | 2016-04-13 | 上海携程商务有限公司 | Cross validation method and system for verification codes |
CN106612277A (en) * | 2016-12-09 | 2017-05-03 | 武汉斗鱼网络科技有限公司 | Method and system for realizing CAPTCHA verification using cipher disk |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112199137A (en) * | 2020-09-01 | 2021-01-08 | 北京达佳互联信息技术有限公司 | Display method and device of login interface, electronic equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11451528B2 (en) | Two factor authentication with authentication objects | |
EP2684330B1 (en) | Method and system for granting access to a secured website | |
JP7027475B2 (en) | Decentralized, decentralized data aggregation | |
US20240080311A1 (en) | Managing security credentials | |
EP3044987B1 (en) | Method and system for verifying an account operation | |
US10299118B1 (en) | Authenticating a person for a third party without requiring input of a password by the person | |
US10050787B1 (en) | Authentication objects with attestation | |
US10362019B2 (en) | Managing security credentials | |
US10049202B1 (en) | Strong authentication using authentication objects | |
US9767262B1 (en) | Managing security credentials | |
CN103607284A (en) | Identity authentication method and equipment and server | |
US11444936B2 (en) | Managing security credentials | |
CN107040518A (en) | A kind of private clound server log method and system | |
US20160212123A1 (en) | System and method for providing a certificate by way of a browser extension | |
CN110324344A (en) | The method and device of account information certification | |
TWI540874B (en) | Identity authentication method, device and system | |
KR101027228B1 (en) | User-authentication apparatus for internet security, user-authentication method for internet security, and recorded medium recording the same | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission | |
CN108494794A (en) | A kind of auth method and device | |
CN108616520A (en) | A kind of auth method and device | |
EP3840288B1 (en) | Pre-registration of authentication devices | |
EP3329650B1 (en) | Providing multi-factor authentication credentials via device notifications | |
Jindal et al. | Multi-factor authentication scheme using mobile app and camera | |
KR101735964B1 (en) | Terminal device and Smart device using login website of the terminal device and Method for controlling the same | |
CN108512855A (en) | A kind of auth method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180904 |
|
RJ01 | Rejection of invention patent application after publication |