CN109005155B - Identity authentication method and device - Google Patents
Identity authentication method and device Download PDFInfo
- Publication number
- CN109005155B CN109005155B CN201810724395.8A CN201810724395A CN109005155B CN 109005155 B CN109005155 B CN 109005155B CN 201810724395 A CN201810724395 A CN 201810724395A CN 109005155 B CN109005155 B CN 109005155B
- Authority
- CN
- China
- Prior art keywords
- random number
- identification number
- authentication
- authentication request
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The embodiment of the invention provides an identity authentication method and device. The method is applied to a client, and comprises the following steps: sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal; receiving a random number fed back by the server for the first authentication request; encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext; and sending a second authentication request carrying the identification number and the first ciphertext to the server. The authentication process in the embodiment of the invention is simple and convenient to operate; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
Description
Technical Field
The embodiment of the invention relates to the technical field of communication, in particular to an identity authentication method and device.
Background
Identity authentication refers to a process of confirming the identity of an operator, so as to determine whether the user has access and use rights to a certain resource, prevent an attacker from impersonating a legitimate user to obtain the access rights of the resource, ensure the security of a system and data, and authorize the legitimate interests of the accessor.
At present, the commonly used authentication methods mainly include three types: an identity authentication mode based on a user name and a password, an identity authentication mode based on a biological characteristic identification technology, and an identity authentication mode of hardware equipment based on a Universal Serial Bus (USB); however, there are some drawbacks to the above three authentication methods.
Specifically, the identity authentication method based on the user name and the password (or password) is common at present, but the password has the risk of leakage or forgetting, and the password rules of different accounts are inconsistent, so that the user may need to memorize a plurality of passwords, and the passwords are easy to be confused, which brings trouble to the user.
The identity authentication method based on the biological characteristics mainly comprises fingerprint identification, face identification, iris identification and the like. On one hand, the biometric identification depends on hardware support, and on the other hand, other authentication modes are needed as a premise during first authentication so as to collect the biometric characteristics, and the process is complicated.
The authentication mode of hardware equipment based on the USB, such as the USB Key, is common in website authentication related to the financial industry, but additional hardware needs to be carried when the hardware equipment is used, so that the hardware equipment is inconvenient to use and is not easy to popularize.
Disclosure of Invention
The embodiment of the invention provides an identity authentication method and device, which are used for solving the problem of defects of an identity authentication mode in the prior art.
In one aspect, an embodiment of the present invention provides an identity authentication method, where the method is applied to a client, and the method includes:
sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal;
receiving a random number fed back by the server for the first authentication request;
encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
and sending a second authentication request carrying the identification number and the first ciphertext to the server.
In another aspect, an embodiment of the present invention provides an identity authentication method, where the identity authentication method is applied to a server, and the method includes:
receiving a first authentication request which is sent by a client and carries an identification number of a user identity SIM card of a terminal; the client is installed on the terminal;
generating a random number according to a second preset algorithm, feeding the random number back to the client, and recording a first corresponding relation between the random number and the identification number;
receiving a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card;
and authenticating the second authentication request according to the first corresponding relation.
In another aspect, an embodiment of the present invention provides an identity authentication apparatus, which is applied to a client, where the apparatus includes:
the first sending module is used for sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of the terminal to the server; the client is installed on the terminal;
a random number receiving module, configured to receive a random number fed back by the server for the first authentication request;
the encryption module is used for encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
and the second sending module is used for sending a second authentication request carrying the identification number and the first ciphertext to the server.
In another aspect, an embodiment of the present invention provides an identity authentication apparatus, which is applied to a server, and the apparatus includes:
the first receiving module is used for receiving a first authentication request which is sent by a client and carries an identification number of a user identity SIM card of a terminal; the client is installed on the terminal;
the random number generating module is used for generating a random number according to a second preset algorithm, feeding the random number back to the client and recording a first corresponding relation between the random number and the identification number;
the second receiving module is used for receiving a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card;
and the authentication module is used for authenticating the second authentication request according to the first corresponding relation.
On the other hand, the embodiment of the present invention further provides an electronic device, which includes a memory, a processor, a bus, and a computer program stored on the memory and executable on the processor, where the processor implements the steps in the identity authentication method when executing the computer program.
In still another aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps in the identity authentication method.
The identity authentication method and the identity authentication device provided by the embodiment of the invention send a first authentication request carrying an identification number of a subscriber identity module SIM card of a terminal to a server, and receive a random number fed back by the server aiming at the first authentication request; and then encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, finally sending a second authentication request carrying the identification number and the first ciphertext to the server, and if a message passing the authentication of the second authentication request is received subsequently, the client can execute a process corresponding to the identity authentication at this time. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of an identity authentication method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a first example of an embodiment of the present invention;
FIG. 3 is a schematic flow chart of a second example of an embodiment of the present invention;
fig. 4 is a second schematic flowchart of an identity authentication method according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an identity authentication apparatus according to an embodiment of the present invention;
fig. 6 is a second schematic structural diagram of an identity authentication apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 shows a flowchart of an identity authentication method according to an embodiment of the present invention.
As shown in fig. 1, an identity authentication method provided in an embodiment of the present invention is applied to a client, and the method includes:
The client is installed in the terminal, and when performing identity authentication, the client acquires an Identification number of a Subscriber Identity Module (SIM) card of the terminal.
Alternatively, the Identification Number may be an International Mobile Subscriber Identity (IMSI) of the SIM card, and the IMSI is a mark for distinguishing a Mobile Subscriber, and is stored in the SIM card and may be used to distinguish valid information of the Mobile Subscriber.
The client carries the identification number in the first authentication request to request the server to perform identity authentication on the client.
As a first example, referring to fig. 2, the client in fig. 2 performs step 1 to send a first authentication request to the server. After receiving the first authentication request, the server generates a random number, executes step 2, sends the random number to the client, and records a first corresponding relationship between the random number and the identification number in step 3.
After the client sends the first authentication request to the server, the client receives the random number fed back by the server, the random number is used for authenticating the identity of the client, and due to the randomness of the random number, the client can be prevented from being repeatedly used.
103, encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext.
The first preset algorithm is a known or pre-agreed encryption algorithm between the client and the server. The certificate public key preset in the SIM card, i.e. the public key value in the certificate of the SIM card, the SIM card certificate usually contains the following information: a public key value, identifier information (such as name and email address), a validity period (validity time of the certificate), issuer identifier information, and an issuer's digital signature, etc., to verify the validity of the binding between the public key of the principal in which the certificate is located and the principal's identifier information.
The client encrypts the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, and the first ciphertext can be used for verifying the first preset algorithm and the certificate public key so as to verify the identity of the client.
With continued reference to fig. 2, the client in fig. 2 performs step 4 to encrypt the random number.
And 104, sending a second authentication request carrying the identification number and the first ciphertext to the server.
The client sends a second authentication request to the server, and the second authentication request carries the identification number and the first ciphertext, so that the server searches a local random number corresponding to the identification number and recorded locally by the server according to the identification number, verifies the first ciphertext according to the local random number, and realizes authentication of the second authentication request.
Further, after the client subsequently receives the message that the server passes the authentication of the second authentication request, the client may execute a process corresponding to the current authentication, for example, a login process of the third-party application program, and after the second authentication request is completed, the client may log in the third-party application program without a secret, and at this time, the login process does not need login manners such as a user name and a password, so that the complexity of the login manner based on the user name and the password is avoided.
With continued reference to fig. 2, the client in fig. 2 performs step 5 to send a second authentication request to the server.
In the embodiment of the invention, a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal is sent to a server, and a random number fed back by the server for the first authentication request is received; and then encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, finally sending a second authentication request carrying the identification number and the first ciphertext to the server, and if a message passing the authentication of the second authentication request is received subsequently, the client can execute a process corresponding to the identity authentication at this time. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment. The invention solves the problem of the defects of the identity authentication mode in the prior art.
Optionally, in this embodiment of the present invention, after the step of sending the second authentication request carrying the identification number and the first ciphertext to the server, the method includes:
receiving an authentication result of the server for the second authentication request;
and logging in a preset application program when the authentication result indicates that the second authentication request passes.
The method comprises the steps that a preset application program is a third-party application program, and when identity authentication is a login process of the third-party application program, a client sends a second authentication request to a server and receives an authentication result of the server aiming at the second authentication request; and when the authentication result indicates that the second authentication request passes, the password-free login of the preset application program is performed, and the identity authentication is completed based on the certificate in the SIM card, so that the complexity of a login mode based on a user name and a password is avoided.
Further, in the embodiment of the present invention, the step of logging in the preset application includes:
acquiring a preset request parameter of the client;
requesting a preset user identification number from the server according to the preset request parameter;
and logging in a preset application program according to the preset user identification number.
In the process of logging in the preset application program, a preset Request parameter of a client is firstly acquired, after the server finishes identity authentication of the client by using a Request Token (Request Token) with the preset Request parameter as authorization, the Request Token is sent to the client, the client firstly requests an Access Token (Access Token) from the server according to the Request Token, then requests a preset user identification number of the client from the server according to the Access Token, the preset user identification number can be OpenID, and finally, the third-party application program is logged in based on the preset user identification number.
As a second example, referring to fig. 3, a secret-less login process of an identity authentication method provided in an embodiment of the present invention mainly includes the following steps:
if yes, go to step 302, otherwise, fail to authenticate and end the process.
Specifically, the identity authentication process mainly comprises the following steps:
1. sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal;
2. receiving a random number fed back by the server for the first authentication request;
3. encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
4. sending a second authentication request carrying the identification number and the first ciphertext to the server;
5. receiving an authentication result of the server to the second authentication request: if the authentication result passes, step 303 is executed, otherwise, the authentication fails and the process ends.
and 305, logging in the third-party application program according to the OpenID, and ending the process.
In the above example, the password-free login is realized, and the problems that the account name and the password of the third-party application are forgotten or leaked are avoided; meanwhile, the SIM card with the preset certificate is used as a communication medium and also as a certificate for identity authentication without additionally adding hardware; in addition, the certificate is preset in the SIM card from the factory, so that the problem of complicated identity authentication information acquisition is solved; and because the SIM card has the ability of communication, can realize the management and control to the identity voucher that reports the loss.
In the embodiment of the invention, a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal is sent to a server, and a random number fed back by the server for the first authentication request is received; and then encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, finally sending a second authentication request carrying the identification number and the first ciphertext to the server, and subsequently, if receiving a message that the second authentication request passes the authentication, executing a password-free login third-party application program by the client. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
As another aspect of the embodiment of the present invention, referring to fig. 4, an embodiment of the present invention further provides an identity authentication method applied to a server, where the method includes:
The client is installed on the terminal, and when identity authentication is carried out, the client carries the identification number of the SIM card of the terminal in a first authentication request and sends the first authentication request to the server so as to request the server to carry out identity authentication on the client.
Alternatively, the identification number may be the IMSI of the SIM card, and the IMSI is a mark for distinguishing the mobile subscriber, and is stored in the SIM card and is used for distinguishing valid information of the mobile subscriber.
As a first example, referring to fig. 2, in fig. 2, the client performs step 1, and sends a first authentication request to the server; the server receives the authentication request.
The server generates a random number according to a second preset algorithm, the random number is used for authenticating the identity of the client, and due to the randomness of the random number, repeated use can be prevented.
With reference to fig. 2, after receiving the first authentication request, the server generates a random number, and executes step 2 to send the random number to the client, and step 3 to record a first corresponding relationship between the random number and the identification number.
The server receives a second authentication request sent by the client, wherein the second authentication request carries a first ciphertext and an identification number to be authenticated; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in a terminal SIM card where the client is located, and the first preset algorithm is a known or pre-agreed encryption algorithm between the client and the server.
The certificate public key preset in the SIM card, i.e. the public key value in the certificate of the SIM card, the SIM card certificate usually contains the following information: a public key value, identifier information (such as name and email address), a validity period (validity time of the certificate), issuer identifier information, and an issuer's digital signature, etc., to verify the validity of the binding between the public key of the principal in which the certificate is located and the principal's identifier information.
The server determines a random number (hereinafter referred to as a local random number) corresponding to the identification number to be authenticated in the first corresponding relationship according to the identification number to be authenticated; obtaining a plaintext (namely a random number) of a first ciphertext according to a decryption algorithm corresponding to a first preset algorithm; if the random number is consistent with the local random number, the certificate public key of the client and the first preset algorithm are correct, and the second authentication request passes authentication and the identity authentication of the client passes.
In the embodiment of the invention, a first authentication request which is sent by a client and carries the identification number of the SIM card of the terminal is received; generating a random number according to a second preset algorithm, feeding the random number back to the client, and recording a first corresponding relation between the random number and the identification number; receiving a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card; and authenticating the second authentication request according to the first corresponding relation. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment. The invention solves the problem of the defects of the identity authentication mode in the prior art.
Specifically, in this embodiment of the present invention, the step of authenticating the second authentication request according to the first corresponding relationship includes:
acquiring an identification number to be authenticated carried in the second authentication request;
acquiring a preset certificate private key corresponding to the identification number to be authenticated, and decrypting the first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm to obtain a decrypted plaintext;
and if the decrypted plaintext is the same as the local random number, determining that the second authentication request passes the authentication.
The server obtains the identification number to be authenticated carried in the second authentication request, determines a local random number corresponding to the identification number to be authenticated in the first corresponding relationship according to the identification number to be authenticated, obtains a preset certificate private key corresponding to the identification number to be authenticated, and obtains a plaintext (namely a random number) of a first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm; if the random number is consistent with the local random number, the certificate public key of the client and the first preset algorithm are correct, and the second authentication request passes authentication and the identity authentication of the client passes.
Optionally, in this embodiment of the present invention, after the step of authenticating the second authentication request according to the first corresponding relationship, the method further includes:
and feeding back an authentication result to the client.
After the server authenticates the second authentication request, an authentication result is fed back to the client, if the authentication result indicates that the authentication is passed, the client can execute a process corresponding to the identity authentication, for example, a login process of a third-party application program, after the second authentication request is completed, the client can log in the third-party application program without secret, and at the moment, login modes such as a user name and a password are not needed in the login process, so that the complexity of the login mode based on the user name and the password is avoided.
With continued reference to fig. 2, the server in fig. 2 executes step 6 to feed back the authentication result to the client.
In the embodiment of the invention, a first authentication request which is sent by a client and carries the identification number of the SIM card of the terminal is received; generating a random number according to a second preset algorithm, feeding the random number back to the client, and recording a first corresponding relation between the random number and the identification number; receiving a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card; and authenticating the second authentication request according to the first corresponding relation. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
The identity authentication method provided by the embodiment of the present invention is described above, and an identity authentication apparatus provided by the embodiment of the present invention is described below with reference to the accompanying drawings.
Referring to fig. 5, an embodiment of the present invention provides an identity authentication apparatus, which is applied to a client, and the apparatus includes:
a first sending module 501, configured to send a first authentication request carrying an identification number of a subscriber identity module SIM card of a terminal to a server; and the client is installed on the terminal.
The client is installed in the terminal, and when identity authentication is carried out, the client acquires the identification number of the SIM card of the terminal.
Alternatively, the Identification Number may be an International Mobile Subscriber Identity (IMSI) of the SIM card, and the IMSI is a mark for distinguishing a Mobile Subscriber, and is stored in the SIM card and may be used to distinguish valid information of the Mobile Subscriber.
The client carries the identification number in the first authentication request to request the server to perform identity authentication on the client.
A random number receiving module 502, configured to receive a random number fed back by the server for the first authentication request.
After the client sends the first authentication request to the server, the client receives the random number fed back by the server, the random number is used for authenticating the identity of the client, and due to the randomness of the random number, the client can be prevented from being repeatedly used.
The encrypting module 503 is configured to encrypt the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext.
The first preset algorithm is a known or pre-agreed encryption algorithm between the client and the server. The certificate public key preset in the SIM card, i.e. the public key value in the certificate of the SIM card, the SIM card certificate usually contains the following information: a public key value, identifier information (such as name and email address), a validity period (validity time of the certificate), issuer identifier information, and an issuer's digital signature, etc., to verify the validity of the binding between the public key of the principal in which the certificate is located and the principal's identifier information.
The client encrypts the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, and the first ciphertext can be used for verifying the first preset algorithm and the certificate public key so as to verify the identity of the client.
A second sending module 504, configured to send a second authentication request carrying the identification number and the first ciphertext to the server.
The client sends a second authentication request to the server, and the second authentication request carries the identification number and the first ciphertext, so that the server searches a local random number corresponding to the identification number and recorded locally by the server according to the identification number, verifies the first ciphertext according to the local random number, and realizes authentication of the second authentication request.
Further, after the client subsequently receives the message that the server passes the authentication of the second authentication request, the client may execute a process corresponding to the current authentication, for example, a login process of the third-party application program, and after the second authentication request is completed, the client may log in the third-party application program without a secret, and at this time, the login process does not need login manners such as a user name and a password, so that the complexity of the login manner based on the user name and the password is avoided.
Optionally, in an embodiment of the present invention, the apparatus further includes:
a result receiving module, configured to receive an authentication result of the server for the second authentication request;
and the login module is used for logging in a preset application program when the authentication result indicates that the second authentication request passes.
Optionally, in this embodiment of the present invention, the login module is configured to:
acquiring a preset request parameter of the client;
requesting a preset user identification number from the server according to the preset request parameter;
and logging in a preset application program according to the preset user identification number.
In the above embodiment of the present invention, a first sending module 501 sends a first authentication request carrying an identification number of a subscriber identity module SIM card of a terminal to a server, and a random number receiving module 502 receives a random number fed back by the server for the first authentication request; the encryption module 503 encrypts the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, the second sending module 504 sends a second authentication request carrying the identification number and the first ciphertext to the server, and subsequently, if a message that the second authentication request passes the authentication is received, the client may execute a process corresponding to the identity authentication at this time. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
Referring to fig. 6, an embodiment of the present invention provides an identity authentication apparatus, which is applied to a server, and the apparatus includes:
a first receiving module 601, configured to receive a first authentication request sent by a client and carrying an identification number of a subscriber identity module SIM card of a terminal; and the client is installed on the terminal.
The client is installed on the terminal, and when identity authentication is carried out, the client carries the identification number of the SIM card of the terminal in a first authentication request and sends the first authentication request to the server so as to request the server to carry out identity authentication on the client.
Alternatively, the identification number may be the IMSI of the SIM card, and the IMSI is a mark for distinguishing the mobile subscriber, and is stored in the SIM card and is used for distinguishing valid information of the mobile subscriber.
The random number generating module 602 is configured to generate a random number according to a second preset algorithm, feed back the random number to the client, and record a first corresponding relationship between the random number and the identification number.
The server generates a random number according to a second preset algorithm, the random number is used for authenticating the identity of the client, and due to the randomness of the random number, repeated use can be prevented.
A second receiving module 603, configured to receive a second authentication request that is sent by the client and carries the identification number to be authenticated and the first ciphertext; and the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card.
The server receives a second authentication request sent by the client, wherein the second authentication request carries a first ciphertext and an identification number to be authenticated; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in a terminal SIM card where the client is located, and the first preset algorithm is a known or pre-agreed encryption algorithm between the client and the server.
The certificate public key preset in the SIM card, i.e. the public key value in the certificate of the SIM card, the SIM card certificate usually contains the following information: a public key value, identifier information (such as name and email address), a validity period (validity time of the certificate), issuer identifier information, and an issuer's digital signature, etc., to verify the validity of the binding between the public key of the principal in which the certificate is located and the principal's identifier information.
An authentication module 604, configured to authenticate the second authentication request according to the first corresponding relationship.
The server determines a random number (hereinafter referred to as a local random number) corresponding to the identification number to be authenticated in the first corresponding relationship according to the identification number to be authenticated; obtaining a plaintext (namely a random number) of a first ciphertext according to a decryption algorithm corresponding to a first preset algorithm; if the random number is consistent with the local random number, the certificate public key of the client and the first preset algorithm are correct, and the second authentication request passes authentication and the identity authentication of the client passes.
Optionally, in this embodiment of the present invention, the authentication module 604 includes:
the obtaining submodule is used for obtaining the identification number to be authenticated carried in the second authentication request;
the determining submodule is used for determining a local random number corresponding to the identification number to be authenticated according to the first corresponding relation;
the decryption submodule is used for acquiring a preset certificate private key corresponding to the identification number to be authenticated and decrypting the first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm to obtain a decrypted plaintext;
and the authentication submodule is used for determining that the second authentication request passes the authentication if the decrypted plaintext is the same as the local random number.
Optionally, in an embodiment of the present invention, the apparatus further includes:
and the result feedback module is used for feeding back the authentication result to the client.
In the above embodiment of the present invention, a first receiving module 601 receives a first authentication request carrying an identification number of an SIM card of a terminal sent by a client; the random number generating module 602 generates a random number according to a second preset algorithm, feeds the random number back to the client, and the second receiving module 603 records a first corresponding relationship between the random number and the identification number, and receives a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card; the authentication module 604 authenticates the second authentication request according to the first corresponding relationship. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
Fig. 7 is a schematic structural diagram of an electronic device according to yet another embodiment of the present invention.
Referring to fig. 7, an embodiment of the present invention provides an electronic device, which includes a memory (memory)71, a processor (processor)72, a bus 73, and a computer program stored in the memory 71 and running on the processor. The memory 71 and the processor 72 complete communication with each other through the bus 73.
The processor 72 is adapted to call program instructions in the memory 71 to implement the method of fig. 1 when executing the computer program.
In another embodiment, the processor, when executing the computer program, implements the method of:
sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal;
receiving a random number fed back by the server for the first authentication request;
encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
and sending a second authentication request carrying the identification number and the first ciphertext to the server.
The electronic device provided in the embodiment of the present invention may be configured to execute a program corresponding to the method in the foregoing method embodiment, and details of this implementation are not described again.
In the electronic device provided by the embodiment of the invention, when the processor executes the computer program, a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal is sent to a server, and a random number fed back by the server for the first authentication request is received; and then encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, finally sending a second authentication request carrying the identification number and the first ciphertext to the server, and if a message passing the authentication of the second authentication request is received subsequently, the client can execute a process corresponding to the identity authentication at this time. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
A non-transitory computer readable storage medium is provided according to a further embodiment of the present invention, having a computer program stored thereon, which when executed by a processor implements the steps of fig. 1.
In another embodiment, the computer program when executed by a processor implements a method comprising:
sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal;
receiving a random number fed back by the server for the first authentication request;
encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
and sending a second authentication request carrying the identification number and the first ciphertext to the server.
In the non-transitory computer-readable storage medium provided in the embodiment of the present invention, when the computer program is executed by the processor, the method in the foregoing method embodiment is implemented, and details of this implementation are not described again.
The non-transitory computer readable storage medium provided by the embodiment of the present invention sends a first authentication request carrying an identification number of a subscriber identity module SIM card of a terminal to a server, and receives a random number fed back by the server for the first authentication request; and then encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext, finally sending a second authentication request carrying the identification number and the first ciphertext to the server, and if a message passing the authentication of the second authentication request is received subsequently, the client can execute a process corresponding to the identity authentication at this time. The authentication process in the embodiment of the invention is simple and convenient to operate, the certificate in the SIM card is issued by the authentication server, the related certificate information is registered before the card is manufactured, and the re-acquisition is not needed in the authentication process; and the identity authentication is completed based on the certificate in the SIM card, and because most communication terminals are provided with the SIM card slots, the embodiment of the invention is easy to popularize and has strong applicability without adding other hardware equipment.
Yet another embodiment of the present invention discloses a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the methods provided by the above-mentioned method embodiments, for example, comprising:
sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal;
receiving a random number fed back by the server for the first authentication request;
encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
and sending a second authentication request carrying the identification number and the first ciphertext to the server.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (9)
1. An identity authentication method applied to a client is characterized by comprising the following steps:
sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of a terminal to a server; the client is installed on the terminal;
receiving a random number fed back by the server for the first authentication request; after receiving the first authentication request, the server generates a random number according to a second preset algorithm, feeds the random number back to the client, and records a first corresponding relation between the random number and the identification number;
encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
sending a second authentication request carrying the identification number and the first ciphertext to the server;
wherein the step of authenticating the second authentication request comprises:
acquiring an identification number to be authenticated carried in the second authentication request;
determining a local random number corresponding to the identification number to be authenticated according to the first corresponding relation;
acquiring a preset certificate private key corresponding to the identification number to be authenticated, and decrypting the first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm to obtain a decrypted plaintext;
if the decrypted plaintext is the same as the local random number, determining that the second authentication request passes the authentication;
and the local random number is data which is locally recorded by the server according to the identification number and corresponds to the identification number.
2. The method according to claim 1, wherein after the step of sending the second authentication request carrying the identification number and the first ciphertext to the server, the method comprises:
receiving an authentication result of the server for the second authentication request;
and logging in a preset application program when the authentication result indicates that the second authentication request passes.
3. The method of claim 2, wherein the step of logging into the default application comprises:
acquiring a preset request parameter of the client;
requesting a preset user identification number from the server according to the preset request parameter;
and logging in a preset application program according to the preset user identification number.
4. An identity authentication method applied to a server is characterized by comprising the following steps:
receiving a first authentication request which is sent by a client and carries an identification number of a user identity SIM card of a terminal; the client is installed on the terminal;
generating a random number according to a second preset algorithm, feeding the random number back to the client, and recording a first corresponding relation between the random number and the identification number;
receiving a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card;
authenticating the second authentication request according to the first corresponding relation;
the step of authenticating the second authentication request according to the first correspondence includes:
acquiring an identification number to be authenticated carried in the second authentication request;
determining a local random number corresponding to the identification number to be authenticated according to the first corresponding relation;
acquiring a preset certificate private key corresponding to the identification number to be authenticated, and decrypting the first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm to obtain a decrypted plaintext;
if the decrypted plaintext is the same as the local random number, determining that the second authentication request passes the authentication;
and the local random number is data which is locally recorded by the server according to the identification number and corresponds to the identification number.
5. The method of claim 4, wherein after the step of authenticating the second authentication request according to the first correspondence, the method further comprises:
and feeding back an authentication result to the client.
6. An identity authentication device applied to a client, the identity authentication device comprising:
the first sending module is used for sending a first authentication request carrying an identification number of a Subscriber Identity Module (SIM) card of the terminal to the server; the client is installed on the terminal;
a random number receiving module, configured to receive a random number fed back by the server for the first authentication request; after receiving the first authentication request, the server generates a random number according to a second preset algorithm, feeds the random number back to the client, and records a first corresponding relation between the random number and the identification number
The encryption module is used for encrypting the random number according to a first preset algorithm and a certificate public key preset in the SIM card to obtain a first ciphertext;
the second sending module is used for sending a second authentication request carrying the identification number and the first ciphertext to the server;
wherein the step of authenticating the second authentication request comprises:
acquiring an identification number to be authenticated carried in the second authentication request;
determining a local random number corresponding to the identification number to be authenticated according to the first corresponding relation;
acquiring a preset certificate private key corresponding to the identification number to be authenticated, and decrypting the first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm to obtain a decrypted plaintext;
if the decrypted plaintext is the same as the local random number, determining that the second authentication request passes the authentication;
and the local random number is data which is locally recorded by the server according to the identification number and corresponds to the identification number.
7. An identity authentication device applied to a server, the identity authentication device comprising:
the first receiving module is used for receiving a first authentication request which is sent by a client and carries an identification number of a user identity SIM card of a terminal; the client is installed on the terminal;
the random number generating module is used for generating a random number according to a second preset algorithm, feeding the random number back to the client and recording a first corresponding relation between the random number and the identification number;
the second receiving module is used for receiving a second authentication request which is sent by the client and carries the identification number to be authenticated and the first ciphertext; the first ciphertext is obtained by encrypting the random number by the client according to a first preset algorithm and a certificate public key preset in the SIM card;
the authentication module is used for authenticating the second authentication request according to the first corresponding relation;
the step of authenticating the second authentication request according to the first correspondence includes:
acquiring an identification number to be authenticated carried in the second authentication request;
determining a local random number corresponding to the identification number to be authenticated according to the first corresponding relation;
acquiring a preset certificate private key corresponding to the identification number to be authenticated, and decrypting the first ciphertext according to the certificate private key and a decryption algorithm corresponding to a first preset algorithm to obtain a decrypted plaintext;
if the decrypted plaintext is the same as the local random number, determining that the second authentication request passes the authentication;
and the local random number is data which is locally recorded by the server according to the identification number and corresponds to the identification number.
8. An electronic device comprising a memory, a processor, a bus and a computer program stored on the memory and executable on the processor, the processor implementing the steps in the identity authentication method according to any one of claims 1 to 5 when executing the computer program.
9. A non-transitory computer-readable storage medium having stored thereon a computer program, characterized in that: the computer program when executed by a processor implementing the steps in the identity authentication method as claimed in any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810724395.8A CN109005155B (en) | 2018-07-04 | 2018-07-04 | Identity authentication method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810724395.8A CN109005155B (en) | 2018-07-04 | 2018-07-04 | Identity authentication method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109005155A CN109005155A (en) | 2018-12-14 |
| CN109005155B true CN109005155B (en) | 2021-11-12 |
Family
ID=64598756
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810724395.8A Active CN109005155B (en) | 2018-07-04 | 2018-07-04 | Identity authentication method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109005155B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109286933B (en) * | 2018-10-18 | 2021-11-30 | 世纪龙信息网络有限责任公司 | Authentication method, device, system, computer equipment and storage medium |
| CN112187709B (en) * | 2019-07-05 | 2022-07-05 | 荣耀终端有限公司 | Authentication method, device and server |
| CN111006692A (en) * | 2019-11-29 | 2020-04-14 | 东风商用车有限公司 | Method for rapidly correcting vehicle speed and mileage of commercial vehicle instrument based on development of diagnostic instrument |
| CN111572676B (en) * | 2020-04-19 | 2021-08-13 | 东风汽车股份有限公司 | Vehicle instrument configuration parameter calibration method |
| CN111552928A (en) * | 2020-04-26 | 2020-08-18 | 北京学之途网络科技有限公司 | Authentication method and device |
| CN111541708B (en) * | 2020-05-06 | 2022-08-19 | 广东纬德信息科技股份有限公司 | Identity authentication method based on power distribution |
| CN111526166B (en) * | 2020-07-03 | 2020-12-15 | 支付宝(杭州)信息技术有限公司 | Information verification method, device and equipment |
| CN111740846B (en) * | 2020-08-04 | 2020-11-24 | 飞天诚信科技股份有限公司 | Method and system for realizing smart card information reading of mobile terminal |
| CN112543454B (en) * | 2020-11-30 | 2022-11-15 | 亚信科技(成都)有限公司 | Authentication method and equipment |
| CN112839062B (en) * | 2021-04-20 | 2021-08-13 | 北京天维信通科技有限公司 | Port hiding method, device and equipment with mixed authentication signals |
| CN115696329A (en) * | 2022-10-27 | 2023-02-03 | 中国联合网络通信集团有限公司 | Zero trust authentication method and device, zero trust client device and storage medium |
| CN115622794B (en) * | 2022-11-15 | 2023-04-07 | 北京密码云芯科技有限公司 | Encryption and decryption method, device, equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101848084A (en) * | 2009-03-25 | 2010-09-29 | 黄金富 | Method and system for authenticating user computer server ISP identity by using SIM cards |
| CN104009843A (en) * | 2013-02-23 | 2014-08-27 | 贺征东 | Token terminal and method |
| CN104348812A (en) * | 2013-08-06 | 2015-02-11 | 中国电信股份有限公司 | Method and device for on-line certification of NFC (Near Field Communication) terminal |
| CN105812334A (en) * | 2014-12-31 | 2016-07-27 | 北京华虹集成电路设计有限责任公司 | Network authentication method |
| CN105871864A (en) * | 2016-04-20 | 2016-08-17 | 中国联合网络通信集团有限公司 | Mobile terminal identity authentication method and device |
| CN107333263A (en) * | 2017-06-12 | 2017-11-07 | 浙江神州量子网络科技有限公司 | A kind of follow-on SIM card and mobile communication personal identification method and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7930553B2 (en) * | 2003-04-11 | 2011-04-19 | Intel Corporation | System and method for extending secure authentication using unique session keys derived from entropy generated by authentication method |
-
2018
- 2018-07-04 CN CN201810724395.8A patent/CN109005155B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101848084A (en) * | 2009-03-25 | 2010-09-29 | 黄金富 | Method and system for authenticating user computer server ISP identity by using SIM cards |
| CN104009843A (en) * | 2013-02-23 | 2014-08-27 | 贺征东 | Token terminal and method |
| CN104348812A (en) * | 2013-08-06 | 2015-02-11 | 中国电信股份有限公司 | Method and device for on-line certification of NFC (Near Field Communication) terminal |
| CN105812334A (en) * | 2014-12-31 | 2016-07-27 | 北京华虹集成电路设计有限责任公司 | Network authentication method |
| CN105871864A (en) * | 2016-04-20 | 2016-08-17 | 中国联合网络通信集团有限公司 | Mobile terminal identity authentication method and device |
| CN107333263A (en) * | 2017-06-12 | 2017-11-07 | 浙江神州量子网络科技有限公司 | A kind of follow-on SIM card and mobile communication personal identification method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109005155A (en) | 2018-12-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109005155B (en) | Identity authentication method and device | |
| CN107079034B (en) | Identity authentication method, terminal equipment, authentication server and electronic equipment | |
| EP3373510B1 (en) | Method and device for realizing session identifier synchronization | |
| US8683562B2 (en) | Secure authentication using one-time passwords | |
| US20180082050A1 (en) | Method and a system for secure login to a computer, computer network, and computer website using biometrics and a mobile computing wireless electronic communication device | |
| US7640430B2 (en) | System and method for achieving machine authentication without maintaining additional credentials | |
| US9094823B2 (en) | Data processing for securing local resources in a mobile device | |
| KR101451359B1 (en) | User account recovery | |
| EP2879421B1 (en) | Terminal identity verification and service authentication method, system, and terminal | |
| US20230179420A1 (en) | Software credential token process, software, and device | |
| CN110659467A (en) | Remote user identity authentication method, device, system, terminal and server | |
| US11777743B2 (en) | Method for securely providing a personalized electronic identity on a terminal | |
| CN111327629B (en) | Identity verification method, client and server | |
| KR102012262B1 (en) | Key management method and fido authenticator software authenticator | |
| DK2414983T3 (en) | Secure computer system | |
| US20210256102A1 (en) | Remote biometric identification | |
| CN111800378A (en) | Login authentication method, device, system and storage medium | |
| CN104486322B (en) | Terminal access authentication authorization method and terminal access authentication authoring system | |
| CN110138558B (en) | Transmission method and device of session key and computer-readable storage medium | |
| KR20220167366A (en) | Cross authentication method and system between online service server and client | |
| CN113872989B (en) | SSL protocol-based authentication method, SSL protocol-based authentication device, computer equipment and storage medium | |
| CN115834077B (en) | Control method, control system, electronic device and storage medium | |
| CN114021111A (en) | Login authentication method and device, electronic equipment and computer readable storage medium | |
| CN117155718B (en) | Gateway dynamic access control method, device and storage medium | |
| CN110225011B (en) | Authentication method and device for user node and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Applicant after: Qianxin Technology Group Co.,Ltd. Address before: 100015 15, 17 floor 1701-26, 3 building, 10 Jiuxianqiao Road, Chaoyang District, Beijing. Applicant before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |