CN110247758A - The method, apparatus and code management device of Password Management - Google Patents

The method, apparatus and code management device of Password Management Download PDF

Info

Publication number
CN110247758A
CN110247758A CN201910461988.4A CN201910461988A CN110247758A CN 110247758 A CN110247758 A CN 110247758A CN 201910461988 A CN201910461988 A CN 201910461988A CN 110247758 A CN110247758 A CN 110247758A
Authority
CN
China
Prior art keywords
password
verified
stored
platform chain
block platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910461988.4A
Other languages
Chinese (zh)
Other versions
CN110247758B (en
Inventor
夏修理
黄伟胜
梁鹰
任伟权
唐晨辉
潘浩
李宇光
仇国祥
纪柱
黄靖妍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianyi Digital Life Technology Co Ltd
Original Assignee
CENTURY DRAGON INFORMATION NETWORK Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CENTURY DRAGON INFORMATION NETWORK Co Ltd filed Critical CENTURY DRAGON INFORMATION NETWORK Co Ltd
Priority to CN201910461988.4A priority Critical patent/CN110247758B/en
Publication of CN110247758A publication Critical patent/CN110247758A/en
Application granted granted Critical
Publication of CN110247758B publication Critical patent/CN110247758B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to the method, apparatus of Password Management, storage medium and code management devices, belong to field of information security technology.The described method includes: receiving the operation requests that client is sent;It include the first password and Password Operations information to be verified in operation requests;Checking request is sent to block platform chain according to the first password to be verified;Checking request is verified the first password to be verified for triggering block platform chain using having stored password;If the message that the first password authentification to be verified for receiving the return of block platform chain passes through, decision requests verification pass through;According to the Password Operations information in operation requests, the password that stored corresponding in block platform chain is operated.Above-mentioned technical proposal solves the problems, such as that current cipher management method not can guarantee the safety of each password managed.The password stored in block platform chain sufficiently carries out legitimacy verifies before operating, and the safety of institute's administrator password can be effectively ensured.

Description

The method, apparatus and code management device of Password Management
Technical field
The present invention relates to field of information security technology, more particularly to the method, apparatus and code management device of Password Management.
Background technique
Electronic account is the identity of internet world, has great economy and information value.Ideally, Mei Geyong Family only has the account for representing internet identity;But actual conditions are, numerous websites and application program are done things in his own way, and cause to use The isolated island of family information, leading to user often has more accounts and more passwords.The safety problem of more more passwords of account, not only deep puzzlement User, and hinder the Rapid Popularization of Internet service.In addition, with the development of network technology, user information leakage etc. Safety accident takes place frequently, and password also starts to become to become increasingly complex.Therefore, it is necessary to which more passwords to user carry out safety management. Current Password Management is usually the password that each application program is stored by the password house keeper of a concentration, and user passes through one The password of each application program can be got after a main password login password house keeper, and then the pipe to password may be implemented Reason.
In realizing process of the present invention, at least there are the following problems in the prior art for inventor's discovery: user passes through password House keeper carrys out the mode of administrator password, and the password stored has been leaked to the provider of password housekeeper service, there is the wind being abused Danger;In addition, the leakage of multiple passwords stored in password house keeper can be caused if the main password of login password house keeper is revealed.Cause This, current cipher management method not can guarantee the safety of institute's administrator password.
Summary of the invention
Based on this, the embodiment of the invention provides the method, apparatus of Password Management and code management devices, and institute can be effectively ensured The safety of administrator password.
The content of the embodiment of the present invention is as follows:
In a first aspect, the embodiment of the present invention provides a kind of method of Password Management, comprising the following steps: receive client hair The operation requests sent;It include the first password and Password Operations information to be verified in the operation requests;According to described first Password to be verified sends checking request to block platform chain;The checking request has been deposited for triggering the block platform chain utilization Storage password verifies the described first password to be verified;If it is to be verified to receive the block platform chain returns described first The message that password authentification passes through determines that the operation requests are verified;According to the Password Operations information in the operation requests, The corresponding password that stored in the block platform chain is operated.
In one embodiment, before described the step of receiving the operation requests that client is sent, further includes: receive client Hold the logging request sent;It wherein include the second password to be verified in the logging request;To the described second password to be verified It is verified;If second password authentification to be verified passes through, Xiang Suoshu client returns to the information logined successfully.
In one embodiment, before described the step of receiving the logging request that client is sent, further includes: receive client Hold the registration request sent;Corresponding second password to be verified is generated according to the registration request, and is returned to the client Second password to be verified.
In one embodiment, before described the step of receiving the operation requests that client is sent, further includes: described in reception The password storage instruction that client is sent;It wherein, include password to be stored in the password storage instruction;According to the password The password to be stored is sent to the block platform chain and recorded by store instruction;Wherein, it is wrapped in the block platform chain Include multiple nodes;The multiple node verifies the password to be stored, and is the password to be stored when being verified Corresponding block is generated, block generated is linked into block chain and is recorded, is by the pin marker to be stored Store password.
It in one embodiment, include account number information in the operation requests;It is also wrapped in the block platform chain Containing having stored the corresponding multiple accounts of password with the multiple;The operation requests include inquiry request and modification request;Institute It states according to the Password Operations information in the operation requests, the corresponding password that stored in the block platform chain is operated The step of, comprising: according to the account number information, corresponding target account is determined from the block platform chain;And it determines It is corresponding with the target account to have stored password, password has been stored as target;If the operation requests are inquiry request, to The client returns to the target account and the target has stored password;If the operation requests are modification request, according to The modification request has stored password to the target account and the target and has modified, and controls in the block platform chain The modified target account of each nodes records and target have stored password, generate modification and complete information, Xiang Suoshu client is returned It returns the modification and completes information.
Second aspect, the embodiment of the present invention provide a kind of method of Password Management, comprising the following steps: send to server Operation requests;It include the first password and Password Operations information to be verified in the operation requests;The operation requests are used for It triggers the server and checking request is sent to block platform chain according to the described first password to be verified;The checking request is used for It triggers the block platform chain and the described first password to be verified is verified using having stored password;If receiving the block The message that the described first password authentification to be verified that platform chain returns passes through, determines that the operation requests are verified;According to institute The Password Operations information in operation requests is stated, the corresponding password that stored in the block platform chain is operated.
In one embodiment, the described first password to be verified includes private key;It is described to send operation requests to server Before step, further includes: send private key creation instruction to server;The private key creation, which is instructed for triggering the server, is Local terminal generates private key;The private key that server returns is received, output private key saves prompt information;The private key saves prompt information and uses The private key is saved in prompt user.
The third aspect, the embodiment of the present invention provide a kind of device of Password Management, comprising: request receiving module, for connecing Receive the operation requests that client is sent;It include the first password and Password Operations information to be verified in the operation requests;It tests Module is demonstrate,proved, for sending checking request to block platform chain according to the described first password to be verified;The checking request is for touching It sends out block platform chain described and described first password to be verified is verified using having stored password;Judgment module, if for connecing The message that the described first password authentification to be verified that the block platform chain returns passes through is received, determines the operation requests verifying Pass through;And operation module, for according to the Password Operations information in the operation requests, to right in the block platform chain The password of storage answered is operated.
Fourth aspect, the embodiment of the present invention provide a kind of device of Password Management, comprising: request sending module, for Server sends operation requests;It include the first password and Password Operations information to be verified in the operation requests;The behaviour It requests to send checking request to block platform chain according to the described first password to be verified for triggering the server;It is described to test Card request is verified the described first password to be verified for triggering the block platform chain using having stored password;If receiving The message that the described first password authentification to be verified returned to the block platform chain passes through determines that the operation requests verifying is logical It crosses;According to the Password Operations information in the operation requests, the corresponding password that stored in the block platform chain is grasped Make.
5th aspect, the embodiment of the present invention provide a kind of code management device, comprising: the client of network connection, server And block platform chain;Wherein, record has multiple accounts and corresponding with the multiple account more in the block platform chain It is a to have stored password;The client, for sending operation requests to the server;It include first in the operation requests Password, Password Operations information and account number information to be verified;The server, for according to the described first password to be verified Checking request is sent to block platform chain;The block platform chain has stored password pair for utilizing according to the checking request First password to be verified is verified;The server, if being also used to receive the described of the block platform chain return The message that first password authentification to be verified passes through, according to the account number information in the operation requests to the block platform chain Send cipher inquiry instruction;The block platform chain is also used to be instructed from the block platform chain according to the cipher inquiry Determine corresponding target account;And determine it is corresponding with the target account stored password, stored password as target;Institute Server is stated, the target account and target for being also used to receive the block platform chain transmission have stored password, Xiang Suoshu client It returns to the target account and the target has stored password.
A technical solution in above-mentioned technical proposal has the following advantages that or the utility model has the advantages that password storage is flat in block chain In platform, stored by block chain password can guarantee password can not tamper, in addition, passing through when needing to carry out Password Operations Block platform chain verifies the first password to be verified, and first password authentification to be verified after to it is corresponding Storage password is operated.The password stored in block platform chain sufficiently carries out legitimacy verifies, energy before operating The safety of institute's administrator password is effectively ensured.
Detailed description of the invention
Fig. 1 is the applied environment figure of the method for Password Management in one embodiment;
Fig. 2 is the flow diagram of the method for Password Management in one embodiment;
Fig. 3 is the operation workflow schematic diagram of block chain in one embodiment;
Fig. 4 is the flow diagram of the method for Password Management in another embodiment;
Fig. 5 is the structural block diagram of the device of Password Management in one embodiment;
Fig. 6 is the structural block diagram of the device of Password Management in another embodiment;
Fig. 7 is the internal structure of computer equipment in one embodiment;
Fig. 8 is the architecture diagram of code management device in one embodiment;
Fig. 9 is the applied environment figure of code management device in one embodiment.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and It is not used in the restriction present invention.
Referenced herein " embodiment " is it is meant that a particular feature, structure, or characteristic described can wrap in conjunction with the embodiments It is contained at least one embodiment of the application.Each position in the description occur the phrase might not each mean it is identical Embodiment, nor the independent or alternative embodiment with other embodiments mutual exclusion.Those skilled in the art explicitly and Implicitly understand, embodiment described herein can be combined with other embodiments.
The method of Password Management provided by the present application can be applied in application environment as shown in Figure 1.The application environment Including client 101, server 102 and block platform chain 103, three's network connection, the system constituted is properly termed as close Code manager;In addition, a server can connect multiple client (Fig. 1 illustrates only a client).Wherein, client 101 send operation requests to server 102, and server 102 carries out the verifying of operation requests by block platform chain 103.Client End 101 can be, but not limited to be various personal computers, laptop, smart phone, tablet computer and portable wearable Equipment, meanwhile, various types of application programs can be installed, the password in these application programs can be by client 101 Server 102 is stored into block platform chain 103;Server 102 can use independent server either multiple server groups At server cluster realize;It is can wrap in block platform chain 103 containing multiple nodes, these nodes can be by various types of The host of type is realized.
The embodiment of the present invention provides method, apparatus, computer equipment, storage medium and the Password Management of a kind of Password Management Device.It is described in detail separately below.
In one embodiment, as shown in Fig. 2, providing a kind of method of Password Management.It is applied in Fig. 1 in this way Server end for be illustrated, comprising the following steps:
S201, the operation requests that client is sent are received;It include the first password to be verified in the operation requests and close Code operation information.
Wherein, client refers to the terminal interacted needed for realizing Password Management process with user, can pass through Mobile phone, computer etc. realize, in addition can be installed in this client various types of application programs (such as: web application and mobile Using).When user passes through client login application program, password is generally required, at this point, the client can be to server Operation requests are sent, corresponding password is obtained and is logged in.
Further, operation requests can refer to inquire password etc. and (can only refer to the inquiry of password, can also refer to and answer The process of password for inquiry before being logged in program), modification etc. operation.Since password is often corresponding with account, which is asked Asking also may include operation to corresponding account.Password Operations information can refer to the operation description letter that specific operation is carried out to password It ceases and the parameter being directed to etc..
First password to be verified refers to the password verified before being operated to password, to be verified to first The process that password is verified can be understood as necessary verification process before access block platform chain.
S202, checking request is sent to block platform chain according to the first password to be verified;The checking request is used for trigger region Block platform chain is verified the first password to be verified using having stored password.
Server can be obtained according to the request of client, the password storage to be stored that client is sent into block chain To having stored password.Specifically, the password of storage in block platform chain can refer to that logging in different Web applies with mobile phone using institute The password needed.In addition, having stored password also and may include for the password of password authentification (it is properly termed as verifying password, passes through public affairs Private key is realized), account corresponding with password has been stored, website links, etc..These have stored password storage in decentralization In block chain, it is not easy to be tampered, ensure that the privacy of user.
Further, verifying password, when receiving the first password to be verified, block can be stored in advance in block platform chain It is compared each participation node in platform chain with pre-stored verifying password, if each node thinks exist Consistent verifying password, it is possible to determine that the first password authentification to be verified passes through.
For ease of understanding, be illustrated at this to block chain: block chain originates from middle clever bit coin, as bit coin Floor layer Technology, be substantially the database of a decentralization, be decentralization and go trust by way of collective safeguard The technical solution in one authentic data library also has open common recognition, trades that transparent, both sides are anonymous, can not distort and not can be traced The features such as.For decentralization, it is most important that solved a little pair by the way of distributed framework, point multipoint transport network Interaction between point;It is most important for going trustization, be two mechanism: first is that public/private key pair mechanism, first is that common recognition mechanism. In addition, the block platform chain in the embodiment of the present invention is implemented on Kubernetes cluster, Kubernetes cluster can be transported The entire block platform chain of row is responsible for scheduling docker container (operation has application thereon), if finding, certain containers are operating abnormally, Automatically task is redeployed on other nodes, to realize that the scalable appearance of automatically dispose, elasticity of micro services, safety is administered and fortune Dimension control, realizes High Availabitity.
If the message that S203, the first password authentification to be verified for receiving the return of block platform chain pass through, decision are asked It asks and is verified.
After the first password authentification to be verified passes through, it can also judge that operation requests are in conjunction with other verification informations It is no to be verified, such as: the log-on message of client.
S204, according to the Password Operations information in operation requests, the password that stored corresponding in block platform chain is carried out Operation.
This step is operated according to Password Operations information to password has been stored.Wherein, the operation to password has been stored It can be realized by block platform chain.
After operation requests are verified, server can be determined from block platform chain and deposited corresponding to operation requests Password is stored up, and then the operation such as inquired, modified to the corresponding password that stored, operation obtains operation data after terminating.Into One step, if operation requests are inquiry request, operation data can be the storage password inquired, or " inquire The information of success ";If operation requests are modification operation, operation data can be " modification is completed ", and server can will operate Data return to client.
The present embodiment stores password by the block chain of decentralization, and can guarantee stored password can not tamper; The first password to be verified is verified by block platform chain, is sufficiently verifying client to having stored before password operates The safety of institute's administrator password can be effectively ensured in the legitimacy at end.
In one embodiment, the first password to be verified includes private key;Before S201 further include: receive what client was sent Private key creation instruction is that client generates private key according to private key creation instruction;Private key generated is returned into client and handle Private key is sent to block platform chain and is stored.After client receives private key, it is appropriate can to notify that user carries out private key Keeping.Server in the present embodiment is that client generates private key, which is saved by user oneself.It is needing to put down block chain The password of storage in platform needs to verify private key when being operated, and therefore, if user does not import private key, reads not To password has been stored, the safety of institute's administrator password can be effectively ensured.
In one embodiment, before S201 further include: receive the logging request that client is sent;Wherein in logging request It include the second password to be verified;Second password to be verified is verified;If the second password authentification to be verified passes through, to client End returns to the information logined successfully.Wherein, the second password to be verified is referred to as main password, can refer to login password pipe The password for managing device (it can be appreciated that login service device), can be by code management device service supplier's encrypting storing.To first The process that password to be verified and the second password to be verified are verified may be considered the process that authentication is carried out to user.
Further, before the step of receiving the logging request that client is sent, further includes: receive the note that client is sent Volume request;Corresponding second password to be verified is generated according to registration request, and returns to the second password to be verified to client.User After application shop downloading code management device, the registration control on client end interface is clicked, so that it may trigger client to service Device sends registration request, and completes to register, and received second password to be verified of client institute is needed for login password manager Main password.
The method of Password Management provided in this embodiment passes through multiple-enciphered (the first password to be verified and second to be verified close Code) verifying to use client user carry out authentication, the safety of institute's administrator password can be effectively ensured.
In one embodiment, before S201 further include: receive the password storage instruction that client is sent;Wherein, password It include password to be stored in store instruction;Password to be stored block platform chain is sent to according to password storage instruction to remember Record;Wherein, in block platform chain include multiple nodes (may include several nodes in block platform chain, multiple sections here Point can refer to the node for participating in this verifying, i.e. part of nodes in several nodes);Multiple nodes are treated storage password and are carried out Verifying generates corresponding block when being verified for password to be stored, block generated is linked into block chain and is carried out Pin marker to be stored is to have stored password by record.
The basic unit of block chain storage is the block using chain structure, i.e. newly-increased block has recorded a block Mark (cryptographic Hash).Block chain remains the track of business generation, can trace back to root always.When newly-increased transaction, It can be verified according to the record of front, to ensure that can not distorting for account information, to ensure the safety of account information.
Further, block platform chain is receiving after storing password, password list to be stored can be broadcast to block chain The whole network, each node that participates in verify the block.Encrypted message block to be stored after obtaining verifying formally accesses block chain, The storage of password to be stored is completed, and guarantees to have stored can not distorting for password.
It can be in any time after code management device building it should be noted that increasing password newly into block platform chain. That is, being not limited only to " before the step of receiving the operation requests that client is sent ".Here it limits and " receives the behaviour that client is sent Before the step of requesting " mean that the targeted needs of operation requests are the passwords having stored in block platform chain, The password not stored then is not necessarily to carry out Password Operations.
Above-described embodiment realizes the storage to password by block platform chain, and each participation node will do it before storing It verifies and this storage information is recorded in block chain, so that the password stored can not be distorted, be able to achieve the safety of password Storage.
It in one embodiment, include account number information in operation requests;Also include in block platform chain and more It is a to have stored the corresponding multiple accounts of password;Operation requests include inquiry request and modification request;According to close in operation requests Code operation information, has stored the step of password operates to corresponding in block platform chain, comprising: believe according to account number Breath determines corresponding target account from block platform chain;And determine it is corresponding with target account stored password, as target Password is stored;If operation requests are inquiry request, target account is returned to client and target has stored password;If operation is asked It asks and is requested for modification, password has been stored to target account and target according to modification request and has been modified, has been controlled in block platform chain The modified target account of each nodes records and target stored password, generate modification and complete information, returned to client Information is completed in modification.Wherein, account number information can store in the server, also can store in block platform chain;If Account number information stores in the server, then may include that account number information is corresponding with account number cipher in block chain closes System, block platform chain is by account number information and the corresponding relationship can inquire corresponding target account and target has been deposited Store up password.
In some embodiments, account number information includes the network address of the application program run in client.To apply journey For sequence is facebook, the process for carrying out account and cipher inquiry can be with are as follows: server is according to the network address of facebook in area The facebook account and password of corresponding user are inquired in block platform chain, and carry out subsequent result return processing.
Above-described embodiment searches target account in block platform chain and target has stored password, so realize to account and The inquiry and modification of password, the modification that user can also be facilitated to carry out password in the case where guaranteeing account number cipher safety update.
Further, in one embodiment, in block platform chain account and password increased newly, modified and inquired Schematic diagram it is as shown in Figure 3.Block platform chain in Fig. 3 includes multiple nodes (6 host being connected in such as Fig. 3), these Node can be in communication with each other.In addition, member identities' service can refer to that code management device carries out main password and private key to client The service of verifying.Customer end A is planned newly-increased account and password and is added in block platform chain, the quasi- modification block chain of customer end B Account and password in platform, client C is quasi- to inquire account and password stored in block platform chain, these three clients Operation requests are sent to server, server sends corresponding request to block platform chain, and block platform chain is receiving service Corresponding operation is completed after the request that device is sent, and block is generated according to operation data and is added in block chain, and block chain is protected The track for having stayed business (operating to password) to generate, can trace back to always root, ensure that close after newly-increased password, modification The other information that code and Password Operations process generate can not distort.
In one embodiment, as shown in figure 4, providing a kind of management method of password.It is applied in Fig. 1 in this way Client for be illustrated, comprising the following steps: S401, to server send operation requests;Include in operation requests First password and Password Operations information to be verified;Operation requests are for trigger the server according to the first password to be verified to block Platform chain sends checking request;Checking request for trigger block platform chain using stored password to the first password to be verified into Row verifying;If the message that the first password authentification to be verified for receiving the return of block platform chain passes through, decision requests verification Pass through;According to the Password Operations information in operation requests, the password that stored corresponding in block platform chain is operated, may be used also Terminate obtained operation data to receive server in operation.The present embodiment, user end to server send operation requests, and can To receive the operation data returned after server is requested by block platform chain verification operation.It is stored in block platform chain Password sufficiently carries out legitimacy verifies before being operated, and the safety of institute's administrator password can be effectively ensured.
It in one embodiment, include account number information in operation requests;Also include in block platform chain and more It is a to have stored the corresponding multiple accounts of password;The step of sending operation requests to server, comprising: send to log in server and ask It asks;The logging request, according to account number information, determines corresponding target account for trigger the server from block platform chain; And determine it is corresponding with target account stored password, stored password as target;Receive the target account that server returns Password has been stored with target.
Login therein can refer to login of the client to a certain application program.When needing to log in a certain application program, User end to server sends logging request, so that server obtains corresponding target from block platform chain and stored password.
Further, after the step of target account and target for receiving server return have stored password, further includes: will Target account and target have stored password filling login frame, complete register.
On the other hand, code management device has service discovery function, the application program that can be clicked according to user, automatic to find The account frame and password box of the login page of application program provide corresponding prompt when needing to input password determining, in block chain Platform is automatically filled in corresponding frame after successfully returning to account and password.It is avoided that cumbersome and repeatedly inputs account information, Guarantee the efficiency for improving user's login application program in the case where account password safety, and then realizes that the quick of trustship account is recognized The quick registration of card and application program.Meanwhile being automatically filled in for account number cipher is not have feeling for a user, is realized The noninductive login of user.
In one embodiment, the first password to be verified includes private key;Before the step of sending operation requests to server, Further include: private key creation instruction is sent to server;Private key creation instruction is that local terminal generates private key for trigger the server;It receives The private key that server returns, output private key save prompt information;Private key saves prompt information for prompting user to carry out private key It saves.
Further, before the step of sending operation requests to server, further includes: receive private key;Wherein, private key according to CTAP agreement imports;According to the private key of importing, operation requests are generated.
Wherein, CTAP (Client to Authenticator Protocol, client to authenticator protocol specification) belongs to In FIDO2, connect from external authentication device (such as safe code key or mobile phone) by USB, bluetooth or NFC to the internet of user Enter equipment (computer or mobile phone) localized delivery strong authentication certificate, can allow user can be easily and safely by desktop or movement Device authentication online service.
The method of Password Management provided by the above embodiment, other than main password, user also needs to click private key creation interface To locate to create private key and properly save.When needing to having stored password and operating, not only need to input main password, but also It needs to import private key according to CTAP agreement, could inquire and modify the account and password of trustship, hosted password can be effectively ensured Safety.In addition, centralization data center of the main password storage in service supplier, and the account of user's trustship and password are deposited Storage is in the block chain for going to center.Because private key is only taken care of by individual subscriber, even if occur service supplier reveal main password or Hacker attack data center obtains the case where main password, and supplier or hacker still can not obtain the account of user's trustship and close Code, to ensure the account number safety of user.
It should be noted that for the various method embodiments described above, describing for simplicity, it is all expressed as a series of Combination of actions, but those skilled in the art should understand that, the present invention is not limited by the sequence of acts described, because according to According to the present invention, certain steps can use other sequences or carry out simultaneously.
Based on thought identical with the method for the Password Management in above-described embodiment, the present invention also provides the dresses of Password Management It sets, which can be used for executing the method for above-mentioned Password Management.For ease of description, the structure of the Installation practice of Password Management In schematic diagram, part related to the embodiment of the present invention illustrate only, it will be understood by those skilled in the art that schematic structure is simultaneously The not restriction of structure twin installation may include perhaps combining certain components or different than illustrating more or fewer components Component layout.
As shown in figure 5, the device of Password Management includes request receiving module 501, authentication module 502,503 and of judgment module Operation module 504, detailed description are as follows: request receiving module 501, for receiving the operation requests of client transmission;Operation is asked It include the first password and Password Operations information to be verified in asking.Authentication module 502, for according to the first password to be verified to Block platform chain sends checking request;Checking request is to be verified close to first using password has been stored for triggering block platform chain Code is verified.Judgment module 503, if the disappearing of passing through of the first password authentification to be verified for receiving the return of block platform chain Breath, decision requests verification pass through.And operation module 504, it is right for according to the Password Operations information in operation requests The corresponding password that stored is operated in block platform chain.The present embodiment, the password stored in block platform chain carry out Legitimacy verifies are sufficiently carried out before operation, and the safety of institute's administrator password can be effectively ensured.
In one embodiment, the first password to be verified includes private key;Further include: private key instruction receiving module, for connecing It receives the private key that client is sent and creates instruction, be that client generates private key according to private key creation instruction;Private key return module, is used for Private key generated is returned into client.
In one embodiment, further includes: logging request receiving module, for receiving the logging request of client transmission; It wherein include the second password to be verified in logging request;Login authentication module, for being verified to the second password to be verified; If the second password authentification to be verified passes through, the information logined successfully is returned to client.
In one embodiment, further includes: registration request receiving module, for receiving the registration request of client transmission; Secret generation module, for generating corresponding second password to be verified according to registration request, and it is to be tested to client return second Demonstrate,prove password.
In one embodiment, further includes: store instruction receiving module, the password storage for receiving client transmission refer to It enables;It wherein, include password to be stored in password storage instruction;Password storage module, for will be to according to password storage instruction Storage password is sent to block platform chain and is recorded;It wherein, include multiple nodes in block platform chain;Multiple nodes, which are treated, to be deposited Storage password is verified, and generates corresponding block when being verified for password to be stored, block generated is linked into area It is recorded in block chain, is to have stored password by pin marker to be stored.
It in one embodiment, include account number information in operation requests;Also include in block platform chain and more It is a to have stored the corresponding account of password;Operation requests include inquiry request and modification request;Operation module 504, comprising: password is true Stator modules, for determining corresponding target account from block platform chain according to account number information;And determining and target account It is number corresponding to have stored password, password has been stored as target;Submodule is inquired, if being inquiry request for operation requests, to Client returns to target account and target has stored password;Submodule is modified, if being modification request for operation requests, according to repairing Change request to have stored password to target account and target and modify, after controlling each nodes records modification in block platform chain Target account and target stored password, generate modification and complete information, return to modification to client and complete information.
In one embodiment, account number information includes the network address of the application program run in client.
As shown in fig. 6, the device of Password Management includes request sending module 601, detailed description are as follows: request sending module 601, for sending operation requests to server;It include the first password and Password Operations information to be verified in operation requests; Operation requests send checking request to block platform chain according to the first password to be verified for trigger the server;Checking request is used for Triggering block platform chain is verified the first password to be verified using having stored password;If receiving the return of block platform chain The message that first password authentification to be verified passes through, decision requests verification pass through;According to the Password Operations letter in operation requests Breath, operates the password that stored corresponding in block platform chain.The present embodiment, the password stored in block platform chain Legitimacy verifies are sufficiently carried out before being operated, and the safety of institute's administrator password can be effectively ensured.
It in one embodiment, include account number information in operation requests;Also include in block platform chain and more It is a to have stored the corresponding multiple accounts of password;Further include: logging request sending module, for sending logging request to server; The logging request, according to account number information, determines corresponding target account for trigger the server from block platform chain;And Determination is corresponding with target account to have stored password, has stored password as target;Password acceptance module, for receiving server The target account and target of return have stored password.
In one embodiment, further includes: login module is logged in for target account and target to have been stored password filling Frame completes register.
In one embodiment, the first password to be verified includes private key;Further include: creation instruction sending module, for Server sends private key creation instruction;Private key creation instruction is that local terminal generates private key for trigger the server;Private key preserving module, For receiving the private key of server return, output private key saves prompt information;Private key saves prompt information for prompting user couple Private key is saved.
In one embodiment, further includes: private key receiving module, for receiving private key;Wherein, private key is according to CTAP agreement It imports;Operation requests generation module generates operation requests for the private key according to importing.
It should be noted that the device of Password Management of the invention and the method for Password Management of the invention correspond, It is suitable for the device of Password Management in the technical characteristic and its advantages of the embodiment elaboration of the method for above-mentioned Password Management Embodiment in, for details, please refer to the description in the embodiment of the method for the present invention, and details are not described herein again, hereby give notice that.
In addition, the logical partitioning of each program module is only to lift in the embodiment of the device of the Password Management of above-mentioned example Example explanation, can according to need in practical application, for example, for corresponding hardware configuration requirement or software realization convenience Consider, above-mentioned function distribution is completed by different program modules, i.e., is divided the internal structure of the device of the Password Management At different program modules, to complete all or part of the functions described above.
The method of Password Management provided by the present application can be applied in computer equipment as shown in Figure 7.The computer Equipment can be server, be also possible to terminal device, and internal structure chart can be as shown in Figure 7.The computer equipment includes Processor, memory, network interface and the database connected by system bus.Wherein, processor is calculated and is controlled for providing Ability processed;Memory includes non-volatile memory medium, built-in storage, the non-volatile memory medium be stored with operating system, Computer program (a kind of computer program realizes Password Management method when being executed by processor) and database, the interior storage Device provides environment for the operation of operating system and computer program in non-volatile memory medium;Database is for storing first The data such as password to be verified, the second password to be verified;Network interface is used to communicate with external terminal by network connection, example Such as: being connect with client, for receiving the operation requests of client transmission.It will be understood by those skilled in the art that being shown in Fig. 7 Structure, only the block diagram of part-structure relevant to application scheme, does not constitute and is applied to it to application scheme On computer equipment restriction, specific computer equipment may include than more or fewer components as shown in the figure, or Certain components are combined, or with different component layouts.
In one embodiment, a kind of computer equipment, including memory and processor, the memory storage are provided There is computer program, processor realizes the step in above-mentioned each embodiment of the method when executing computer program.
In one embodiment, a kind of computer readable storage medium is provided, computer program is stored thereon with, is calculated Machine program realizes the step in above-mentioned each embodiment of the method when being executed by processor.
It will appreciated by the skilled person that realizing all or part of the process in above-described embodiment method, being can It is completed with instructing relevant hardware by computer program, the program can be stored in a computer-readable storage and be situated between In matter, sells or use as independent product.The more specific example (non-exhaustive list) of computer-readable medium includes Below: there is the electrical connection section (electronic device) of one or more wirings, portable computer diskette box (magnetic device), arbitrary access Memory (RAM), read-only memory (ROM), erasable edit read-only storage (EPROM or flash memory), optical fiber dress It sets and portable optic disk read-only storage (CDROM).In addition, computer-readable medium, which can even is that, to be printed on it The paper of described program or other suitable media, because can be for example by carrying out optical scanner to paper or other media, then It edited, interpreted or is handled when necessary with other suitable methods electronically to obtain described program, then by it Storage is in computer storage.
In one embodiment, a kind of code management device is also provided, comprising: the client of network connection (is properly termed as close Code manager client), server (being properly termed as code management device server-side) and block platform chain;Wherein, block chain is flat Record has multiple accounts and corresponding with multiple accounts multiple has stored password in platform;Client, for being sent to server Operation requests;It include the first password, Password Operations information and account number information to be verified in operation requests;Server, For sending checking request to block platform chain according to the first password to be verified;Block platform chain, for according to checking request benefit The first password to be verified is verified with password has been stored;Server, if being also used to receive the of block platform chain return The message that one password authentification to be verified passes through sends password to block platform chain according to the account number information in operation requests and looks into Ask instruction;Block platform chain is also used to instruct the determining corresponding target account from block platform chain according to cipher inquiry;And really It is calmly corresponding with target account to have stored password, password has been stored as target;Server is also used to receive block platform chain hair The target account and target sent have stored password, return to target account to client and target has stored password.
Wherein, client illustrates the basic function of code management device, such as logs in and registration, account number cipher trustship, safety Condition monitoring, using setting etc., for being interacted with user.The request that client issues reaches password by micro services gateway The corresponding micro services of manager server-side, and the processing of various businesses logic is carried out in server-side.Server-side (i.e. previous embodiment In server) use distributed micro services framework, system is split according to business, with realize agile development, The characteristics such as rapid evolution, convenient fault-tolerant and elastic telescopic.Middleware is that code management device server-side calls the service of block platform chain Bridge, in the form of SDK, API, RPC access interface dock server-side multiple business.Block platform chain is in addition to providing identity With cert services, block chain function realize etc. basic functions, additionally provide data service, management and operation, block chain gateway clothes The kernel services such as business.
Specifically, the framework of the code management device is as shown in figure 8, the code management device has presentation layer, application layer, block chain Using middleware layer and block platform chain service layer.
Wherein, presentation layer includes mobile and Web applications client, provides login/registration, trustship account searching and managing, master The interfaces such as Password Management, account number safety condition monitoring, connected device inquiry and application setting.Connected device is inquired, Code management device may be mounted in multiple mobile phones, plate or PC machine, log in a wherein terminal, so that it may check other terminals Connection status, it is ensured that code management device is only stored in suitable terminal, if it is found not to be the terminal of oneself, can modify master Password keeps the logging state of other terminals unavailable.
Micro services gateway in application layer is a key concept of micro services framework, is the sole inlet of client. Since the granularity of service attenuates, it carries many functions such as safety and access registrar.What code management device client issued Request is after micro services gateway processes, and suitable service is simply acted on behalf of/be routed to some, and some is given to one group of clothes Business.Code management device server-side in application layer, handles various businesses logic, and such as main Password Management, adds public/private key pair management Close service and account number safety monitoring etc..
In some embodiments, code management device server-side is docked by SDK, API, RPC interface in the application of block chain Between part.Middleware can certification, safety, cryptographic system, processing, management, monitoring and in terms of provide it is different grades of Service.
The code management device of above-described embodiment combines client, server and block platform chain and realizes depositing for password Storage and authentication, can be effectively ensured the safety of institute's administrator password.
The operational process of above-mentioned code management device in order to better understand, as shown in figure 9, this hair detailed below The application example of bright code management device.
1, user registers main password in code management device, after main password login code management device, wait store Password is stored by the block platform chain in code management device, as having stored password.If user needs to log in some application The password of program, can be by main password login code management device, and code management device is in running background.
2, after user opens mobile or Web application interface, code management device client can be waken up, goes inquiry mobile or Web The account and password of application.The client end response event verifies main password to code management device server-side application and client is private Key signature.Main password is verified by code management device server-side, and private key signature is verified by block platform chain.
3, after the verifying of the dual identity of main password and private key signature, client can be according to the net of mobile or Web application Block platform chain inquiry account and password are removed in location.After block platform chain successfully returns to account and password, code management device client Will Auto-writing account information, and to for return account information filling result (such as: the letter such as application program logins successfully Breath).
Currently, telecom operators and Internet enterprises exist in order to reduce the cost of account certification and ensure the safety of account It is constantly trying to new account authentication mode.Mainly there are 5 kinds of account authentication modes: a, account password certification, the disadvantage is that more accounts The more difficult memory for a user of more passwords.Some website requests have spcial character, and that gives for change or reset is at high cost.B, dynamic password Certification, the disadvantage is that identifying code is easy to be held as a hostage, verification process trouble.C, third party, which authorizes, logs in, the disadvantage is that privacy is actively let out Reveal to third party.D, close certification is exempted from based on cell-phone number, shortcoming is the gateway authentication that height relies on mobile phone, needs to turn off Wifi uses the 4G network of mobile phone;If mobile phone is lost, getting back mobile phone number is very troublesome, and there are security risks.Furthermore, it is necessary to mutually Networking company enters the phone number authentication service of telecom operators, restricted application.E, close certification is exempted from based on public key, led to It crosses and is embedded in WebAuthn Interface Expanding in the web browser to realize FIDO authentication.Shortcoming is only to support web application And it is in the trial stage, extensive use is not yet received.
Therefore, carrying out centralized management to the more passwords of more accounts has biggish demand.To currently used account number cipher collection Middle management method is analyzed as follows:
1) small red umbrella password house keeper/password house keeper app.Can on mobile phone and computer in equipment safely storage ground password and Notes, it is characterized in that: a, only having to remember that a main password.There is main password, user is accessible to be encrypted using army grade (AES-256) all other password of secure storage.B, password and notes are intuitively stored: saving password in surfing.User Notes can also be created or comment or only record idea are carried out to particular login and access them on all devices. C, it easily logs in full-automatic: avoiding cumbersome and repeatedly input login details, small red umbrella code management device can Auto-writing institute There is information.D, unshakable password is created.Code management device is that account generates and store unique password, to prevent identity quilt It steals.This kind of code management device is the data of dependence centralization to store the password of user, there is following 2 disadvantages: a, Yong Hucun The password of storage has been leaked to the provider of password housekeeper service, there is the risk being abused;If b, main password leakage, can cause The leakage of multiple account passwords.
2) Passport password house keeper.Passport endeavours to guarantee the privacy of user using advanced encryption technology, can be with Safely save account number cipher and credit card information.Passport can recorde each account, therefore user can make easily With random cipher generator to be combined on different web sites using different username and passwords.At the same time, moreover it is possible to ensure to use The cryptosecurity at family is without anxiety.The use of Passport has no threshold, and unlocked by fingerprint can be used (only in the equipment of support in user On), it might even be possible to fingerprint just automatic stopping code is scanned directly in webpage, is equivalent to and the net that fingerprint logs in preservation can be used It stands.For Passport even without network legal power, permanent data can back up to SD card or synchronous by installing free cloud Plug-in unit comes using cloud synchronous service.But Passport password house keeper only supports mobile terminal, synchronization is cumbersome with backup procedure.
3) the WebAuthn API of W3C.It is a kind of standard that can incorporate browser and related Web platform base framework WebAPI can provide powerful, the unique and voucher based on public key for each website, eliminate from a certain website snatch password after quilt Risk for other websites.The Web application journey run in a browser being loaded into using FIDO identity verifier thereof in equipment Sequence can replace password exchange by Password Operations, or other than password exchange, can also bring for ISP and user Simpler authentication and stronger authentication.But WebAuthn API only supports Web terminal, does not solve existing Multi-user's more passwords the problem of, and it is still under test.
Compared to existing code management device, the advantage of the code management device of the embodiment of the present invention is: 1, can be effectively ensured The personal secrets of user.2, it does not need to close WIFI network, simplifies operation, it is applied widely.3, change internet is not needed to answer Login interface is to support mobile phone to exempt from close certification, therefore the scope of application is wider.4, the account after client is decrypted and close Code, will automatic filling is mobile or the login interface of the application terminal Web, can be to avoid cumbersome and repeatedly input account information.5, account Number cipher inquiry and the process filled in running background, user only see account information filling as a result, and to account and close Code filling process is noninductive.After trustship account and password are filled automatically, quickly recognizing for each application program can be rapidly completed Card process.
It should be appreciated that each section of the invention can be realized with hardware, software, firmware or their combination.Above-mentioned In embodiment, software that multiple steps or method can be executed in memory and by suitable instruction execution system with storage Or firmware is realized.It, and in another embodiment, can be under well known in the art for example, if realized with hardware Any one of column technology or their combination are realized: having a logic gates for realizing logic function to data-signal Discrete logic, with suitable combinational logic gate circuit specific integrated circuit, programmable gate array (PGA), scene Programmable gate array (FPGA) etc..
The term " includes " of the embodiment of the present invention and " having " and their any deformations, it is intended that cover non-exclusive Include.Such as contain series of steps or the process, method, system, product or equipment of (module) unit are not limited to The step of listing or unit, but optionally further comprising the step of not listing or unit, or optionally further comprising for these The intrinsic other step or units of process, method, product or equipment.
Each technical characteristic of embodiment described above can be combined arbitrarily, for simplicity of description, not to above-mentioned reality It applies all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited In contradiction, all should be considered as described in this specification.
The embodiments described above only express several embodiments of the present invention, should not be understood as to the invention patent range Limitation.It should be pointed out that for those of ordinary skill in the art, without departing from the inventive concept of the premise, Various modifications and improvements can be made, and these are all within the scope of protection of the present invention.Therefore, the scope of protection of the patent of the present invention It should be determined by the appended claims.

Claims (10)

1. a kind of method of Password Management, which comprises the following steps:
Receive the operation requests that client is sent;It include the first password and Password Operations letter to be verified in the operation requests Breath;
Checking request is sent to block platform chain according to the described first password to be verified;The checking request is for triggering the area Block platform chain is verified the described first password to be verified using having stored password;
If receiving the message that the described first password authentification to be verified that the block platform chain returns passes through, the operation is determined Requests verification passes through;
According to the Password Operations information in the operation requests, the corresponding password that stored in the block platform chain is grasped Make.
2. the method according to claim 1, wherein it is described receive client send operation requests the step of it Before, further includes:
Receive the logging request that client is sent;It wherein include the second password to be verified in the logging request;
Described second password to be verified is verified;If second password authentification to be verified passes through, Xiang Suoshu client is returned Return the information logined successfully.
3. according to the method described in claim 2, it is characterized in that, it is described receive client send logging request the step of it Before, further includes:
Receive the registration request that client is sent;
Corresponding second password to be verified is generated according to the registration request, and to be verified to client return described second Password.
4. the method according to claim 1, wherein it is described receive client send operation requests the step of it Before, further includes:
Receive the password storage instruction that the client is sent;It wherein, include password to be stored in the password storage instruction;
The password to be stored the block platform chain is sent to according to password storage instruction to record;Wherein, institute Stating includes multiple nodes in block platform chain;The multiple node verifies the password to be stored, when being verified Generate corresponding block for the password to be stored, block generated be linked into block chain and is recorded, will it is described to Storage pin marker is to have stored password.
5. according to the method described in claim 4, it is characterized in that, including account number information in the operation requests;Institute State in block platform chain also includes to have stored the corresponding multiple accounts of password with the multiple;The operation requests include inquiry Request and modification request;
The Password Operations information according in the operation requests, in the block platform chain it is corresponding stored password into The step of row operation, comprising:
According to the account number information, corresponding target account is determined from the block platform chain;And the determining and mesh Account is corresponding has stored password for mark, has stored password as target;
If the operation requests are inquiry request, the Xiang Suoshu client return target account and the target have stored close Code;
If the operation requests are modification request, the target account and the target are stored according to modification request close Code is modified, control the modified target account of each nodes records in the block platform chain and target stored it is close Code generates modification and completes information, and Xiang Suoshu client returns to the modification and completes information.
6. a kind of method of Password Management, which comprises the following steps:
Operation requests are sent to server;It include the first password and Password Operations information to be verified in the operation requests; The operation requests send checking request to block platform chain according to the described first password to be verified for triggering the server; The checking request is verified the described first password to be verified for triggering the block platform chain using having stored password; If receiving the message that the described first password authentification to be verified that the block platform chain returns passes through, the operation requests are determined It is verified;According to the Password Operations information in the operation requests, password has been stored to corresponding in the block platform chain It is operated.
7. according to the method described in claim 6, it is characterized in that, first password to be verified includes private key;
Before described the step of sending operation requests to server, further includes:
Private key creation instruction is sent to server;The private key creation instruction is that local terminal generates private for triggering the server Key;
The private key that server returns is received, output private key saves prompt information;The private key saves prompt information and uses for prompting Family saves the private key.
8. a kind of device of Password Management characterized by comprising
Request receiving module, for receiving the operation requests of client transmission;It include first to be verified in the operation requests Password and Password Operations information;
Authentication module, for sending checking request to block platform chain according to the described first password to be verified;The checking request The described first password to be verified is verified for triggering the block platform chain using having stored password;
Judgment module, if disappearing for receive that the described first password authentification to be verified that the block platform chain returns passes through Breath, determines that the operation requests are verified;
And operation module, for being corresponded to in the block platform chain according to the Password Operations information in the operation requests The password of storage operated.
9. a kind of device of Password Management characterized by comprising
Request sending module, for sending operation requests to server;It include the first password to be verified in the operation requests And Password Operations information;The operation requests are for triggering the server according to the described first password to be verified to block chain Platform sends checking request;The checking request for trigger the block platform chain using stored password to described first to Verifying password is verified;If what the described first password authentification to be verified for receiving the block platform chain return passed through disappears Breath, determines that the operation requests are verified;According to the Password Operations information in the operation requests, to the block platform chain In the corresponding password that stored operated.
10. a kind of code management device characterized by comprising client, server and the block platform chain of network connection; Wherein, record has multiple accounts and corresponding with the multiple account multiple has stored password in the block platform chain;
The client, for sending operation requests to the server;It include first to be verified close in the operation requests Code, Password Operations information and account number information;
The server, for sending checking request to block platform chain according to the described first password to be verified;
The block platform chain, for being carried out to the described first password to be verified according to the checking request using having stored password Verifying;
The server, if being also used to receive what the described first password authentification to be verified that the block platform chain returns passed through Message sends cipher inquiry instruction to the block platform chain according to the account number information in the operation requests;
The block platform chain is also used to instruct the determining corresponding target from the block platform chain according to the cipher inquiry Account;And determine it is corresponding with the target account stored password, stored password as target;
The server, the target account and target for being also used to receive the block platform chain transmission have stored password, Xiang Suoshu Client returns to the target account and the target has stored password.
CN201910461988.4A 2019-05-30 2019-05-30 Password management method and device and password manager Active CN110247758B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910461988.4A CN110247758B (en) 2019-05-30 2019-05-30 Password management method and device and password manager

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910461988.4A CN110247758B (en) 2019-05-30 2019-05-30 Password management method and device and password manager

Publications (2)

Publication Number Publication Date
CN110247758A true CN110247758A (en) 2019-09-17
CN110247758B CN110247758B (en) 2023-03-24

Family

ID=67885318

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910461988.4A Active CN110247758B (en) 2019-05-30 2019-05-30 Password management method and device and password manager

Country Status (1)

Country Link
CN (1) CN110247758B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111082927A (en) * 2019-11-07 2020-04-28 贵州警察学院 Private key management method and device and terminal equipment
CN112365263A (en) * 2020-11-12 2021-02-12 湖南智慧政务区块链科技有限公司 Block chain account management intercommunication method, device, equipment and storage medium
CN112507325A (en) * 2020-12-03 2021-03-16 深圳天地宽视信息科技有限公司 Method, device, equipment and storage medium for managing equipment access authority
CN113726888A (en) * 2021-08-31 2021-11-30 安天科技集团股份有限公司 Cipher data processing method and device based on block chain, electronic equipment and medium
CN114124480A (en) * 2021-11-08 2022-03-01 闪捷信息科技有限公司 Communication authentication method, server, client, electronic device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015149582A1 (en) * 2014-04-02 2015-10-08 天地融科技股份有限公司 Password input method, intelligent secret key device and client apparatus
CN106034123A (en) * 2015-03-17 2016-10-19 ***通信集团湖北有限公司 Authentication method, application system server and client
WO2017088677A1 (en) * 2015-11-23 2017-06-01 阿里巴巴集团控股有限公司 User key storage method and server
CN109257336A (en) * 2018-08-24 2019-01-22 维沃移动通信有限公司 It is a kind of based on the encrypted message processing method of block chain, terminal device
CN109359976A (en) * 2018-09-06 2019-02-19 深圳大学 Account number cipher management method, device, equipment and storage medium based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015149582A1 (en) * 2014-04-02 2015-10-08 天地融科技股份有限公司 Password input method, intelligent secret key device and client apparatus
CN106034123A (en) * 2015-03-17 2016-10-19 ***通信集团湖北有限公司 Authentication method, application system server and client
WO2017088677A1 (en) * 2015-11-23 2017-06-01 阿里巴巴集团控股有限公司 User key storage method and server
CN109257336A (en) * 2018-08-24 2019-01-22 维沃移动通信有限公司 It is a kind of based on the encrypted message processing method of block chain, terminal device
CN109359976A (en) * 2018-09-06 2019-02-19 深圳大学 Account number cipher management method, device, equipment and storage medium based on block chain

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111082927A (en) * 2019-11-07 2020-04-28 贵州警察学院 Private key management method and device and terminal equipment
CN111082927B (en) * 2019-11-07 2023-12-12 贵州警察学院 Private key management method and device and terminal equipment
CN112365263A (en) * 2020-11-12 2021-02-12 湖南智慧政务区块链科技有限公司 Block chain account management intercommunication method, device, equipment and storage medium
CN112507325A (en) * 2020-12-03 2021-03-16 深圳天地宽视信息科技有限公司 Method, device, equipment and storage medium for managing equipment access authority
CN112507325B (en) * 2020-12-03 2022-10-28 深圳天地宽视信息科技有限公司 Method, device, equipment and storage medium for managing equipment access authority
CN113726888A (en) * 2021-08-31 2021-11-30 安天科技集团股份有限公司 Cipher data processing method and device based on block chain, electronic equipment and medium
CN114124480A (en) * 2021-11-08 2022-03-01 闪捷信息科技有限公司 Communication authentication method, server, client, electronic device and storage medium
CN114124480B (en) * 2021-11-08 2023-12-05 闪捷信息科技有限公司 Communication authentication method, server, client, electronic device and storage medium

Also Published As

Publication number Publication date
CN110247758B (en) 2023-03-24

Similar Documents

Publication Publication Date Title
Lim et al. Blockchain technology the identity management and authentication service disruptor: a survey
US10097350B2 (en) Privacy enhanced key management for a web service provider using a converged security engine
CN101414909B (en) System, method and mobile communication terminal for verifying network application user identification
CN105378744B (en) User and device authentication in business system
CN105359486B (en) Resource is accessed using agent security
CN108989346B (en) Third-party valid identity escrow agile authentication access method based on account hiding
CN108293045A (en) Single-sign-on Identity Management between local and remote system
CN110247758A (en) The method, apparatus and code management device of Password Management
CN109558721A (en) The Secure Single Sign-on and conditional access of client application
CN105556891B (en) Method, system and the storage medium of session token are sent by passive client
CN109413032A (en) A kind of single-point logging method, computer readable storage medium and gateway
US10291622B1 (en) Quorum-based access management
CN108028845A (en) Use the mobile device management service of export voucher registered enterprise
US10277606B2 (en) Anonymous application wrapping
CN107209659A (en) Mobile authentication in mobile virtual network
TW200820716A (en) Method and apparatus for providing trusted single sign-on access to applications and internet-based services
US20220224535A1 (en) Dynamic authorization and access management
CN107743702A (en) The single-sign-on of trustship mobile device
CN110493237A (en) Identity management method, device, computer equipment and storage medium
CN101651541A (en) System and method for authentication of network user
CN108234509A (en) FIDO authenticators, Verification System and method based on TEE and PKI certificates
US9444800B1 (en) Virtual communication endpoint services
CN105354482A (en) Single sign-on method and device
CN111274569A (en) Research, development, operation and maintenance integrated system for unified login authentication and login authentication method thereof
Chen et al. A self-sovereign decentralized identity platform based on blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220118

Address after: Room 1423, No. 1256 and 1258, Wanrong Road, Jing'an District, Shanghai 200040

Applicant after: Tianyi Digital Life Technology Co.,Ltd.

Address before: 1 / F and 2 / F, East Garden, Huatian International Plaza, 211 Longkou Middle Road, Tianhe District, Guangzhou, Guangdong 510630

Applicant before: Century Dragon Information Network Co.,Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant