CN112967056A - Access information processing method and device, electronic equipment and medium - Google Patents
Access information processing method and device, electronic equipment and medium Download PDFInfo
- Publication number
- CN112967056A CN112967056A CN202110341463.4A CN202110341463A CN112967056A CN 112967056 A CN112967056 A CN 112967056A CN 202110341463 A CN202110341463 A CN 202110341463A CN 112967056 A CN112967056 A CN 112967056A
- Authority
- CN
- China
- Prior art keywords
- terminal
- user
- identifier
- information
- identification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 49
- 238000003672 processing method Methods 0.000 title claims abstract description 35
- 238000012795 verification Methods 0.000 claims abstract description 35
- 238000000034 method Methods 0.000 claims abstract description 33
- 238000013475 authorization Methods 0.000 claims description 86
- 230000006399 behavior Effects 0.000 claims description 3
- 238000004590 computer program Methods 0.000 claims description 3
- 230000002159 abnormal effect Effects 0.000 description 12
- 238000012545 processing Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 8
- 230000003287 optical effect Effects 0.000 description 6
- 239000003795 chemical substances by application Substances 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000004091 panning Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 238000005457 optimization Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000009825 accumulation Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Technology Law (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the application discloses an access information processing method, an access information processing device, electronic equipment and a medium. The application relates to the technical field of mobile internet, and the method is executed by a server and comprises the following steps: if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained; and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in. According to the scheme, the operation request which is initiated by the subsequent terminal and carries the terminal identification and the authorized login information is safely verified, so that the problem that other terminals steal the login authentication information and abnormally access the server after the terminal successfully logs in is solved, and the security of the terminal for accessing the server is ensured.
Description
Technical Field
The embodiment of the application relates to the technical field of mobile interconnection, in particular to an access information processing method and device, electronic equipment and a medium.
Background
At present, the revolution of the bank system enters a third stage, the bank service is split, the bank service is moved out, the business splitting and scene fusion in banks, between banks and non-bank financial institutions and even between cross-border enterprises is realized, and the ecological reconstruction of the banks is carried out. The banking service system in the third stage, namely an unbounded and open banking service system, uses banking services in an open scene.
However, the security of the banking system is further threatened while the banking system is opened. After the user successfully logs in the banking system by using the terminal, the banking system returns the token to mark that the user successfully logs in, but other abnormally accessed terminals may steal the token and carry the stolen token to continuously access the banking system, thereby threatening the security of the banking system.
Disclosure of Invention
The embodiment of the invention provides an access information processing method, an access information processing device, electronic equipment and a medium, which are used for continuously verifying the operation executed after a user logs in and ensuring the access safety.
In one embodiment, an embodiment of the present application provides an access information processing method, which is executed by a server, and includes:
if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained;
and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
In another embodiment, an embodiment of the present application further provides an access information processing method, which is executed by a terminal, and the method includes:
if the fact that the user logs in the server through the terminal is detected, acquiring terminal identification information of the terminal and login information of the user;
sending terminal identification information and login information of the user to the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and issues the authorized login identification to the terminal;
and receiving an authorized login identifier issued by the server.
In an embodiment, an embodiment of the present application further provides an access information processing apparatus configured on a server, where the apparatus includes:
the information acquisition module is used for acquiring terminal identification information sent by a terminal and login information of a user if the fact that the user successfully logs in a server through the terminal is detected;
and the identifier generation module is used for generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
In another embodiment, an embodiment of the present application further provides an access information processing apparatus configured in a terminal, where the apparatus includes:
the information acquisition module is used for acquiring terminal identification information of the terminal and login information of the user if the fact that the user logs in the server through the terminal is detected;
the information sending module is used for sending terminal identification information and login information of the user by the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and sends the authorized login identification to the terminal;
and the identifier receiving module is used for receiving the authorized login identifier issued by the server.
In another embodiment, an embodiment of the present application further provides an electronic device, including: one or more processors;
a memory for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors implement the access information processing method executed by the server according to any embodiment of the present application, or implement the access information processing method executed by the terminal according to any embodiment of the present application.
In yet another embodiment, the present application further provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the access information processing method executed by the server according to any embodiment of the present application, or implements the access information processing method executed by the terminal according to any embodiment of the present application.
According to the technical scheme of the embodiment of the application, if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained; and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in. By carrying out security verification on the operation request which is initiated by the subsequent terminal and carries the terminal identification and the authorized login information, the problem that other terminals steal the login authentication information and carry out abnormal access on the server after the terminal login is successful is solved, and the security of the terminal for accessing the server is ensured.
Drawings
Fig. 1 is a flowchart of an access information processing method executed by a server according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a user login interface according to an embodiment of the present invention;
fig. 3 is a flowchart of an access information processing method executed by a server according to another embodiment of the present invention;
fig. 4 is a flowchart of an access information processing method executed by a server according to another embodiment of the present invention;
fig. 5 is a flowchart of an access information processing method executed by a terminal according to an embodiment of the present invention;
FIG. 6 is a block diagram of an accessing information processing apparatus configured in a server according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an access information processing apparatus configured in a terminal according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Fig. 1 is a flowchart of an access information processing method executed by a server according to an embodiment of the present invention. The access information processing method provided by the embodiment of the application can be suitable for processing the access initiated by the user to the server through the terminal. Typically, the embodiment of the application is suitable for verifying the initiated operation request after the user successfully logs in the server through the terminal. The method may be particularly performed by an access information processing apparatus, which may be implemented in software and/or hardware, which may be integrated in an electronic device capable of implementing the access information processing method. Referring to fig. 1, the method of the embodiment of the present application specifically includes:
s110, if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained.
The user logs in the server through the terminal and can be software systems such as a bank service system and the like. The server performs access information such as authentication login operation. The user may be a bank customer or the like who may use the banking system. The software system may also be other systems, such as a public accumulation fund business system, a household processing business system, etc., and is not limited to a bank service system.
If the terminal logs in based on the application program, the terminal identification information comprises at least one of the following items: a software system identification, a device identification, and a hardware address; for example: android Id, Open UDID, Device Id, MAC address and the like, wherein if the terminal logs in based on a browser, the terminal identification information comprises at least one of the following items: browser name, kernel version number based on which the browser is based, browser vendor kernel version number, browser user agent and operating system version information, and the like.
The login information of the user can comprise a user account identifier and a third-party platform identifier, wherein the third-party platform is a platform on which the user logs in through the terminal; the user account identification can be a bank client number and the like, and is a unique identification set for each user by a bank. The third-party platform identifier may be a merchant number outside the current application scenario, for example, if the user accesses the bank service system on the terminal based on the treasure panning platform, the treasure panning platform is the third-party platform, and the third-party platform identifier is the merchant number of the treasure panning platform.
For example, as shown in fig. 2, a user may log in to a server through a terminal, and a specific login verification process may be that the user logs in through a mobile phone number, the server returns a verification code to the terminal, the user fills the verification code into the terminal and sends the verification code to the server, and the server verifies the verification code. And if the verification is passed, the user logs in successfully. When a user logs in a server through a terminal, acquiring terminal identification information and user login information, sending the terminal identification information and the user login information to the server, and acquiring the terminal identification information sent by the terminal and the user login information by the server.
And S120, generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
At present, after a user successfully logs in to a server through a terminal, the server returns a Token to the terminal to mark that the terminal has successfully logged in, and a subsequent terminal can access the server by carrying the Token. However, if the Token is stolen by other abnormal terminals, the Token can be carried to continue to illegally access the server, and the security of the server is threatened. In the embodiment of the application, after the user successfully logs in through the terminal, the authorized environment identifier of the terminal is generated according to the terminal identifier information and is stored locally, so that when the subsequent terminal accesses, the terminal currently used by the user is verified according to the authorized environment identifier, and abnormal access of other abnormal terminals is avoided. In addition, the server generates an authorized login identification of the user according to the login information of the user and issues the authorized login identification to the terminal, so that when a subsequent user initiates an operation request through the terminal, the operation request of the user is safely verified according to the authorized login identification carried by the terminal and the authorized login identification issued to the terminal, and abnormal access of an abnormal user is avoided.
According to the technical scheme of the embodiment of the application, if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained; and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in. The terminal environment used by the user is verified by carrying out safety verification on the operation request carrying the terminal identification and the authorized login information and initiated by the subsequent terminal, the problem that other terminals steal the login authentication information and perform abnormal access on the server after the terminal is successfully logged in is solved, and the safety of the terminal in accessing the server is ensured.
Fig. 3 is a flowchart of an access information processing method executed by a server according to another embodiment of the present invention. For further optimization of the embodiments, details which are not described in detail in the embodiments of the present application are described in the embodiments. Referring to fig. 3, an access information processing method provided in an embodiment of the present application may include:
s210, if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained.
S220, generating an authorization environment identifier of the terminal according to the terminal identifier information and the key information distributed to the user.
For example, the server may assign the user with the private key information in advance, and different third party platforms used by the user may assign different private key information. The server generates an authorized environment identifier of the terminal according to the terminal identifier information and the key information distributed to the user, so that the authorized environment identifier uniquely identifies one terminal, and different terminal environments correspond to different authorized environment identifiers.
In this embodiment of the present application, generating the authorization environment identifier of the terminal according to the terminal identifier information and the key information allocated to the user includes: splicing the terminal identification information and the key information to obtain splicing environment identification information; and based on an encryption algorithm, encrypting the splicing identification information to obtain the authorized environment identification of the terminal.
Illustratively, as shown in table 1, the terminal identification information and the key information are spliced to obtain splicing environment identification information, and then the splicing environment identification information is encrypted to obtain an authorized environment identification of the terminal. The encryption algorithm may be a MAC algorithm, an MD5 algorithm, or the like. And after the server generates the authorization environment identifier, the server stores the authorization environment identifier locally.
TABLE 1
S230, determining the authorization identity of the user according to the user account identity and the third-party platform identity.
The login information of the user comprises a user account identifier and a third party platform identifier, wherein the third party platform is a platform on which the user logs in through the terminal;
illustratively, for each user, the authorized identity of the user is generated according to the user account identity and the third-party platform identity, so that the identity of the user is uniquely marked with the authorized identity.
In this embodiment of the present application, determining the authorized identity of the user according to the user account identifier and the third-party platform identifier includes: splicing the user account identification and the third-party platform identification to obtain a spliced identity identification; encrypting the splicing identity to obtain the authorization identity; and issuing the authorization identity to the terminal.
The user account identifier and the third party platform identifier are spliced, the third party platform identifier can be spliced in front of the user account identifier, or the third party platform identifier can be spliced behind the user account, and the splicing is not limited herein. The method comprises the steps of splicing a user account identifier and a third-party platform identifier to obtain a spliced identity identifier, encrypting the spliced identity identifier to obtain an authorized identity identifier, and issuing the authorized identity identifier to a terminal so that the terminal carries the authorized identity identifier when an operation request is subsequently initiated, and performing security verification by a server. The algorithm of the encryption processing may be a MAC algorithm, an MD5 algorithm, or the like.
S240, aiming at the current successful login behavior, a session identifier is generated.
Illustratively, after the user successfully logs in to the server through the terminal each time, the server generates a session identifier, which is Token. The server returns the session identifier to the terminal, and the terminal needs to carry Token in subsequent access without carrying a user name and a password each time.
S250, encrypting the authorization identity identification and the session identification after splicing to obtain the authorization login identification; or, after the third party platform identifier, the authorization identity identifier and the session identifier are spliced, encrypting is carried out to obtain the authorization login identifier.
Illustratively, the server splices the authorization identity identifier and the session identifier, and encrypts the spliced authorization identity identifier and the session identifier to obtain an authorization login identifier. Or the server splices the third party platform identification, the authorization identification and the session identification, encrypts the spliced third party platform identification, the authorization identification and the session identification to obtain an authorization login identification, and issues the authorization login identification to the terminal, so that the terminal carries the authorization login identification during subsequent access and is subjected to security verification by the server. In the embodiment of the application, the authorization identity identifier and the session identifier are encrypted after being spliced, or the encryption mode of the third-party platform identifier, the authorization identity identifier and the session identifier after being spliced is reversible encryption. The authorization identity identification and the session identification can be determined according to the authorization login information, or the third-party platform identification, the authorization identity identification and the session identification can be determined according to the authorization login information.
According to the scheme in the embodiment of the application, an authorization environment identifier of the terminal is generated according to the terminal identifier information and key information distributed to the user, an authorization identity identifier of the user is determined according to the user account identifier and the third-party platform identifier, the authorization identity identifier of the user is determined according to the user account identifier and the third-party platform identifier, and the authorization identity identifier and the session identifier are encrypted after being spliced to obtain the authorization login identifier; or, after the third-party platform identifier, the authorized identity identifier and the session identifier are spliced, encryption is carried out to obtain the authorized login identifier, so that double authentication is carried out from two aspects of the operating environment and the user identity of the user, and the safety of the operation initiated after the user logs in is improved.
In this embodiment of the present application, the process of performing security verification on the operation request after the user successfully logs in includes: if receiving an operation request initiated by the user through the terminal, acquiring an authorization identity carried by the terminal; and if the authorization identity carried by the terminal is consistent with the authorization identity issued to the terminal, determining the user operation authority associated with the authorization identity.
Illustratively, after generating the authorized identity, the server stores the authorized identity and the user operation permission of the user in an associated manner, and issues the authorized identity to the terminal. When a user initiates an operation request to a server through a terminal, the authorization identity sent by the server is carried. And if receiving an operation request initiated by a user through the terminal, the server acquires an authorization identity carried by the terminal. If the authorized identity sent by the authorized identity server carried by the terminal to the terminal is consistent, determining the user operation authority associated with the authorized identity according to the pre-stored association relationship between the authorized identity and the user operation authority, so as to execute corresponding operation according to the operation authority.
Fig. 4 is a flowchart of an access information processing method executed by a server according to yet another embodiment of the present invention. For further optimization of the embodiments, details which are not described in detail in the embodiments of the present application are described in the embodiments. Referring to fig. 4, an access information processing method provided in an embodiment of the present application may include:
s310, if it is detected that the user successfully logs in the server through the terminal, terminal identification information sent by the terminal and login information of the user are obtained.
S320, generating an authorization environment identifier of the terminal according to the terminal identifier information, generating an authorization login identifier of the user according to the login information of the user, and issuing the authorization login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorization login identifier after the user successfully logs in.
S330, if an operation request initiated by the user through the terminal is received, acquiring current terminal identification information and an authorized login identification carried by the terminal.
For example, for an operation request initiated by a user after the user successfully logs in through a terminal, the server needs to verify the terminal environment and the user identity initiated by the operation request again, and therefore the terminal needs to acquire current terminal identification information. After the server generates the authorized login identification, the authorized identification information is sent to the terminal. The terminal needs to send an authorized login identifier to the server, so that the server performs security verification on the terminal environment and the user identity of the currently initiated operation request according to the current terminal identifier information and the authorized login identifier carried by the terminal.
And S340, generating a current environment identifier according to the current terminal identifier information carried by the terminal.
The server generates a current environment identifier according to current terminal identifier information carried by the terminal, wherein the generation mode is the same as that of the authorized environment identifier, namely, the terminal identifier information and key information distributed to the user are spliced and then encrypted to obtain the current environment identifier.
And S350, determining a security verification result according to the matching result of the current environment identifier and the authorization environment identifier and the matching result of the authorization login identifier issued to the terminal and the authorization login identifier carried by the terminal.
Illustratively, the current environment identifier is matched with a pre-stored authorization environment identifier, and if the matching is successful, it is determined that the terminal environment currently used by the user is the same as the terminal environment used by the user during login, and no change of the terminal environment occurs. And the server matches the authorized login identification issued to the terminal with the authorized login identification carried by the terminal. The specific process that the server matches the authorized login identification issued to the terminal with the authorized login identification carried by the terminal can be that the server decrypts the authorized login identification to obtain the authorized identity identification and the session identification, matches the authorized identity identification obtained by decryption with the authorized identity identification stored in the server in advance, matches the session identification obtained by decryption with the session identification stored in the server in advance, and if the matching is successful, the security authentication is passed. Or the server decrypts the authorized login identification to obtain a third-party platform identification, an authorized identity identification and a session identification, matches the decrypted third-party platform identification, the decrypted authorized identity identification and the authorized identity identification prestored in the server, matches the session identification obtained by decryption with the session identification prestored in the server, and matches the decrypted third-party platform identification with the third-party platform identification prestored in the server. And if the matching is successful, the security authentication is passed. In addition, the server can also inquire whether the current login state of the user is in a limited period according to the login state of the pre-stored session identifier. If within the limited period, the user is allowed to continue accessing.
According to the technical scheme of the embodiment of the application, when the user initiates the operation request to the server through the terminal, the current terminal identification information and the authorized login identification carried by the terminal are used, so that the terminal environment and the user identity used by the user are verified, illegal access of other abnormal terminals to the server is avoided, and the access safety is improved.
Fig. 5 is a flowchart of an access information processing method executed by a terminal according to an embodiment of the present invention. The access information processing method provided by the embodiment of the application can be suitable for processing the access initiated by the user to the server through the terminal. Typically, the embodiment of the application is suitable for verifying the initiated operation request after the user successfully logs in the server through the terminal. The method may be particularly performed by an access information processing apparatus, which may be implemented in software and/or hardware, which may be integrated in an electronic device capable of implementing the access information processing method. Referring to fig. 5, the method of the embodiment of the present application specifically includes:
s410, if it is detected that the user logs in the server through the terminal, acquiring terminal identification information of the terminal and login information of the user.
If the terminal logs in based on the application program, the terminal identification information comprises at least one of the following items: a software system identification, a device identification, and a hardware address; if the terminal logs in based on the browser, the terminal identification information comprises at least one of the following items: browser name, kernel version number upon which the browser is based, browser vendor kernel version number, browser user agent and operating system version information.
Illustratively, if the terminal detects that the user sends a login request to the server through the terminal, terminal representation information and login information of the user are collected.
S420, sending terminal identification information and login information of the user to the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and sends the authorized login identification to the terminal.
The terminal sends terminal identification information and login information of a user to the server, after the user successfully logs in through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information and stores the authorized environment identification in the local, so that when a subsequent terminal accesses, the terminal currently used by the user is verified according to the authorized environment identification, and abnormal access of other abnormal terminals is avoided. In addition, the server generates an authorized login identification of the user according to the login information of the user and issues the authorized login identification to the terminal, so that when a subsequent user initiates an operation request through the terminal, the operation request of the user is safely verified according to the authorized login identification carried by the terminal and the authorized login identification issued to the terminal, and abnormal access of an abnormal user is avoided.
S430, receiving the authorized login identification sent by the server.
Illustratively, the terminal receives an authorized login identifier issued by the server, so that when an operation request is subsequently initiated to the server, the authorized login identifier and the terminal identifier information are carried, and the server performs security verification.
In an embodiment of the present application, the method further includes: if the user initiates an operation request to a server through the terminal, acquiring the current terminal identification information of the terminal; sending current terminal identification information and an authorized login identification to a server, generating a current environment identification by the server according to the current terminal identification information, and performing security verification according to a matching result of the current environment identification and the authorized environment identification, the authorized login identification sent by the terminal and the matching result of the authorized login identification issued by the server to the terminal.
For example, for an operation request initiated by a user after the user successfully logs in through a terminal, the server needs to verify the terminal environment and the user identity initiated by the operation request again, and therefore the terminal needs to acquire current terminal identification information. After the server generates the authorized login identification, the authorized identification information is sent to the terminal. The terminal needs to send an authorized login identifier to the server, so that the server performs security verification on the terminal environment and the user identity of the currently initiated operation request according to the current terminal identifier information and the authorized login identifier carried by the terminal. The server generates a current environment identifier according to current terminal identifier information carried by the terminal, wherein the generation mode is the same as that of the authorized environment identifier, namely, the terminal identifier information and key information distributed to the user are spliced and then encrypted to obtain the current environment identifier. And matching the current environment identifier with a prestored authorization environment identifier, and if the matching is successful, determining that the current terminal environment used by the user is the same as the terminal environment used by the user during login and the terminal environment is not changed. And the server matches the authorized login identification issued to the terminal with the authorized login identification carried by the terminal. The specific process that the server matches the authorized login identification issued to the terminal with the authorized login identification carried by the terminal can be that the server decrypts the authorized login identification to obtain the authorized identity identification and the session identification, matches the authorized identity identification obtained by decryption with the authorized identity identification stored in the server in advance, matches the session identification obtained by decryption with the session identification stored in the server in advance, and if the matching is successful, the security authentication is passed. Or the server decrypts the authorized login identification to obtain a third-party platform identification, an authorized identity identification and a session identification, matches the decrypted third-party platform identification, the decrypted authorized identity identification and the authorized identity identification prestored in the server, matches the session identification obtained by decryption with the session identification prestored in the server, and matches the decrypted third-party platform identification with the third-party platform identification prestored in the server. And if the matching is successful, the security authentication is passed. In addition, the server can also inquire whether the current login state of the user is in a limited period according to the login state of the pre-stored session identifier. If within the limited period, the user is allowed to continue accessing.
In an embodiment of the present application, the method further includes: receiving an authorization identity sent by the server; and if the user initiates an operation request to the server through the terminal, sending an authorization identity identifier to the server, so that if the server judges that the authorization identity identifier carried by the terminal is consistent with the authorization identity identifier issued to the terminal, determining the user operation authority associated with the authorization identity identifier.
Illustratively, after generating the authorized identity, the server stores the authorized identity and the user operation permission of the user in an associated manner, and issues the authorized identity to the terminal. When a user initiates an operation request to a server through a terminal, the authorization identity sent by the server is carried. And if receiving an operation request initiated by a user through the terminal, the server acquires an authorization identity carried by the terminal. If the authorized identity sent by the authorized identity server carried by the terminal to the terminal is consistent, determining the user operation authority associated with the authorized identity according to the pre-stored association relationship between the authorized identity and the user operation authority, so as to execute corresponding operation according to the operation authority.
Fig. 6 is a schematic structural diagram of an access information processing apparatus configured in a server according to an embodiment of the present invention. The device can be applied to the condition of processing the access initiated by the user to the server through the terminal. Typically, the embodiment of the application is suitable for verifying the initiated operation request after the user successfully logs in the server through the terminal. The apparatus may be implemented by software and/or hardware, and the apparatus may be integrated in an electronic device. Referring to fig. 6, the apparatus specifically includes:
an information obtaining module 510, configured to, if it is detected that a user successfully logs in a server through a terminal, obtain terminal identification information sent by the terminal and login information of the user;
and an identifier generating module 520, configured to generate an authorized environment identifier of the terminal according to the terminal identifier information, generate an authorized login identifier of the user according to the login information of the user, and issue the authorized login identifier to the terminal, so as to perform security verification on an operation request, which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier, after the user successfully logs in.
In this embodiment of the present application, if the terminal logs in based on the application program, the terminal identification information includes at least one of the following items: a software system identification, a device identification, and a hardware address;
if the terminal logs in based on the browser, the terminal identification information comprises at least one of the following items: browser name, kernel version number upon which the browser is based, browser vendor kernel version number, browser user agent and operating system version information.
In this embodiment of the present application, the identifier generating module 520 includes:
and the authorization environment identifier generating unit is used for generating the authorization environment identifier of the terminal according to the terminal identifier information and the key information distributed to the user.
In this embodiment of the present application, the authorization environment identifier generating unit is specifically configured to:
splicing the terminal identification information and the key information to obtain splicing environment identification information;
and based on an encryption algorithm, encrypting the splicing identification information to obtain the authorized environment identification of the terminal.
In the embodiment of the application, the login information of the user comprises a user account identifier and a third-party platform identifier, wherein the third-party platform is a platform on which the user logs in through a terminal;
accordingly, the identity generation module 520 includes:
the authorized identity identification determining unit is used for determining the authorized identity identification of the user according to the user account identification and the third-party platform identification;
the session identifier generating unit is used for generating a session identifier aiming at the current successful login behavior;
the authorized login identification generation unit is used for encrypting the spliced authorized identity identification and the session identification to obtain the authorized login identification; or, after the third party platform identifier, the authorization identity identifier and the session identifier are spliced, encrypting is carried out to obtain the authorization login identifier.
In an embodiment of the present application, the authorization identifier determining unit is specifically configured to:
splicing the user account identification and the third-party platform identification to obtain a spliced identity identification;
encrypting the splicing identity to obtain the authorization identity;
and issuing the authorization identity to the terminal.
In an embodiment of the present application, the apparatus further includes:
the authorized identity acquisition module is used for acquiring an authorized identity carried by the terminal if receiving an operation request initiated by the user through the terminal;
and the user operation permission determining module is used for determining the user operation permission associated with the authorization identity identifier if the authorization identity identifier carried by the terminal is consistent with the authorization identity identifier issued to the terminal.
In an embodiment of the present application, the apparatus further includes:
the identifier obtaining module is used for obtaining current terminal identifier information and authorized login identifiers carried by the terminal if receiving an operation request initiated by the user through the terminal;
a current environment identifier generating module, configured to generate a current environment identifier according to current terminal identifier information carried by the terminal;
and the safety verification result determining module is used for determining a safety verification result according to the matching result of the current environment identifier and the authorization environment identifier and the matching result of the authorization login identifier issued to the terminal and the authorization login identifier carried by the terminal.
The access information processing device configured in the server provided by the embodiment of the application can execute the access information processing method executed by the server provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
Fig. 7 is a schematic structural diagram of an access information processing apparatus configured in a terminal according to an embodiment of the present invention. The device can be applied to the condition of processing the access initiated by the user to the server through the terminal. Typically, the embodiment of the application is suitable for verifying the initiated operation request after the user successfully logs in the server through the terminal. The apparatus may be implemented by software and/or hardware, and the apparatus may be integrated in an electronic device. Referring to fig. 7, the apparatus specifically includes:
an information collecting module 610, configured to collect terminal identification information of the terminal and login information of the user if it is detected that the user logs in the server through the terminal;
an information sending module 620, configured to send, by the server, terminal identification information and login information of the user, so that after a user successfully logs in to the server through the terminal, the server generates, according to the terminal identification information, an authorized environment identification of the terminal, generates, according to the login information of the user, an authorized login identification of the user, and issues the authorized login identification to the terminal;
an identifier receiving module 630, configured to receive the authorized login identifier sent by the server.
In this embodiment of the present application, if the terminal logs in based on the application program, the terminal identification information includes at least one of the following items: a software system identification, a device identification, and a hardware address;
if the terminal logs in based on the browser, the terminal identification information comprises at least one of the following items: browser name, kernel version number upon which the browser is based, browser vendor kernel version number, browser user agent and operating system version information.
In an embodiment of the present application, the apparatus further includes:
the current information acquisition module is used for acquiring the current terminal identification information of the terminal if the user initiates an operation request to the server through the terminal;
and the identifier sending module is used for sending current terminal identifier information and an authorized login identifier to the server so that the server generates a current environment identifier according to the current terminal identifier information, and performs security verification according to a matching result of the current environment identifier and the authorized environment identifier, and a matching result of the authorized login identifier sent by the terminal and the authorized login identifier issued by the server to the terminal.
In an embodiment of the present application, the apparatus further includes:
the authorized identity receiving module is used for receiving the authorized identity sent by the server;
and the authorized identity transmitting module is used for transmitting the authorized identity to the server if the user initiates an operation request to the server through the terminal, so that the server determines the user operation permission associated with the authorized identity if the server judges that the authorized identity carried by the terminal is consistent with the authorized identity issued to the terminal.
The access information processing device configured in the terminal provided by the embodiment of the application can execute the access information processing method executed by the terminal provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention. FIG. 8 illustrates a block diagram of an exemplary electronic device 712 suitable for use to implement embodiments of the present application. The electronic device 712 shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 8, the electronic device 712 may include: one or more processors 716; the memory 728 is configured to store one or more programs, and when the one or more programs are executed by the one or more processors 716, the one or more processors 716 implement the method for processing access information performed by a server according to the embodiment of the present application, including:
if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained;
and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
Or, the method for processing access information executed by a terminal according to the embodiment of the present application includes:
if the fact that the user logs in the server through the terminal is detected, acquiring terminal identification information of the terminal and login information of the user;
sending terminal identification information and login information of the user to the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and issues the authorized login identification to the terminal;
and receiving an authorized login identifier issued by the server.
Components of electronic device 712 may include, but are not limited to: one or more processors or processors 716, a memory 728, and a bus 718 that connects the various device components (including the memory 728 and the processors 716).
Program/utility 740 having a set (at least one) of program modules 742 may be stored, for instance, in memory 728, such program modules 742 including, but not limited to, an operating device, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may include an implementation of a network environment. Program modules 742 generally perform the functions and/or methodologies of embodiments of the invention as described herein.
The electronic device 712 may also communicate with one or more external devices 714 (e.g., keyboard, pointing device, display 724, etc.), with one or more devices that enable a user to interact with the electronic device 712, and/or with any devices (e.g., network card, modem, etc.) that enable the electronic device 712 to communicate with one or more other computing devices. Such communication may occur through input/output (I/O) interfaces 722. Also, the electronic device 712 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 720. As shown in fig. 8, the network adapter 720 communicates with the other modules of the electronic device 712 via the bus 718. It should be appreciated that although not shown in FIG. 8, other hardware and/or software modules may be used in conjunction with electronic device 712, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID devices, tape drives, and data backup storage devices, among others.
The processor 716 executes various functional applications and data processing by executing at least one of other programs of the programs stored in the memory 728, for example, to implement an access information processing method provided in an embodiment of the present application.
One embodiment of the present invention provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to implement the access information processing method performed by a server according to the embodiments of the present application, including:
if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained;
and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
Or, the method for processing access information executed by a terminal according to the embodiment of the present application includes:
if the fact that the user logs in the server through the terminal is detected, acquiring terminal identification information of the terminal and login information of the user;
sending terminal identification information and login information of the user to the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and issues the authorized login identification to the terminal;
and receiving an authorized login identifier issued by the server.
The computer storage media of the embodiments of the present application may take any combination of one or more computer-readable storage media. The computer readable storage medium may be a computer readable signal storage medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor device, apparatus, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the present application, a computer readable storage medium may be any tangible storage medium that can contain, or store a program for use by or in connection with an instruction execution apparatus, device, or apparatus.
A computer readable signal storage medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal storage medium may also be any computer readable storage medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution apparatus, device, or apparatus.
Program code embodied on a computer readable storage medium may be transmitted using any appropriate storage medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or device. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (16)
1. An access information processing method, performed by a server, the method comprising:
if the fact that the user successfully logs in the server through the terminal is detected, terminal identification information sent by the terminal and login information of the user are obtained;
and generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
2. The method of claim 1, wherein if the terminal logs in based on the application program, the terminal identification information comprises at least one of the following: a software system identification, a device identification, and a hardware address;
if the terminal logs in based on the browser, the terminal identification information comprises at least one of the following items: browser name, kernel version number upon which the browser is based, browser vendor kernel version number, browser user agent and operating system version information.
3. The method of claim 1, wherein generating the authorization environment identifier of the terminal according to the terminal identifier information comprises:
and generating an authorization environment identifier of the terminal according to the terminal identifier information and the key information distributed to the user.
4. The method of claim 3, wherein generating the authorized environment identifier of the terminal according to the terminal identifier information and the key information allocated to the user comprises:
splicing the terminal identification information and the key information to obtain splicing environment identification information;
and based on an encryption algorithm, encrypting the splicing identification information to obtain the authorized environment identification of the terminal.
5. The method according to claim 1, wherein the login information of the user comprises a user account identifier and a third party platform identifier, and the third party platform is a platform on which the user logs in through the terminal;
correspondingly, according to the login information of the user, generating an authorized login identifier of the user, including:
determining an authorized identity of the user according to the user account identifier and the third-party platform identifier;
generating a session identifier aiming at the current successful login behavior;
after the authorization identity identification and the session identification are spliced, encryption is carried out to obtain the authorization login identification; or, after the third party platform identifier, the authorization identity identifier and the session identifier are spliced, encrypting is carried out to obtain the authorization login identifier.
6. The method of claim 5, wherein determining the authorized identity of the user based on the user account identifier and the third party platform identifier comprises:
splicing the user account identification and the third-party platform identification to obtain a spliced identity identification;
encrypting the splicing identity to obtain the authorization identity;
and issuing the authorization identity to the terminal.
7. The method of claim 6, wherein the process of performing security verification on the operation request after the user login is successful comprises:
if receiving an operation request initiated by the user through the terminal, acquiring an authorization identity carried by the terminal;
and if the authorization identity carried by the terminal is consistent with the authorization identity issued to the terminal, determining the user operation authority associated with the authorization identity.
8. The method of claim 1, wherein the process of performing security verification on the operation request after the user login is successful comprises:
if receiving an operation request initiated by the user through the terminal, acquiring current terminal identification information and an authorized login identification carried by the terminal;
generating a current environment identifier according to current terminal identifier information carried by the terminal;
and determining a security verification result according to the matching result of the current environment identifier and the authorization environment identifier and the matching result of the authorization login identifier issued to the terminal and the authorization login identifier carried by the terminal.
9. An access information processing method, performed by a terminal, the method comprising:
if the fact that the user logs in the server through the terminal is detected, acquiring terminal identification information of the terminal and login information of the user;
sending terminal identification information and login information of the user to the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and issues the authorized login identification to the terminal;
and receiving an authorized login identifier issued by the server.
10. The method according to claim 9, wherein if the terminal logs in based on the application program, the terminal identification information comprises at least one of the following items: a software system identification, a device identification, and a hardware address;
if the terminal logs in based on the browser, the terminal identification information comprises at least one of the following items: browser name, kernel version number upon which the browser is based, browser vendor kernel version number, browser user agent and operating system version information.
11. The method of claim 9, further comprising:
if the user initiates an operation request to a server through the terminal, acquiring the current terminal identification information of the terminal;
sending current terminal identification information and an authorized login identification to a server, generating a current environment identification by the server according to the current terminal identification information, and performing security verification according to a matching result of the current environment identification and the authorized environment identification, the authorized login identification sent by the terminal and the matching result of the authorized login identification issued by the server to the terminal.
12. The method of claim 9, further comprising:
receiving an authorization identity sent by the server;
and if the user initiates an operation request to the server through the terminal, sending an authorization identity identifier to the server, so that if the server judges that the authorization identity identifier carried by the terminal is consistent with the authorization identity identifier issued to the terminal, determining the user operation authority associated with the authorization identity identifier.
13. An access information processing apparatus, configured to a server, the apparatus comprising:
the information acquisition module is used for acquiring terminal identification information sent by a terminal and login information of a user if the fact that the user successfully logs in a server through the terminal is detected;
and the identifier generation module is used for generating an authorized environment identifier of the terminal according to the terminal identifier information, generating an authorized login identifier of the user according to the login information of the user, and issuing the authorized login identifier to the terminal so as to perform security verification on an operation request which is initiated by the terminal and carries the terminal identifier information and the authorized login identifier after the user successfully logs in.
14. An access information processing apparatus, provided in a terminal, the apparatus comprising:
the information acquisition module is used for acquiring terminal identification information of the terminal and login information of the user if the fact that the user logs in the server through the terminal is detected;
the information sending module is used for sending terminal identification information and login information of the user by the server, so that after the user successfully logs in the server through the terminal, the server generates an authorized environment identification of the terminal according to the terminal identification information, generates an authorized login identification of the user according to the login information of the user, and sends the authorized login identification to the terminal;
and the identifier receiving module is used for receiving the authorized login identifier issued by the server.
15. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the access information processing method performed by the server according to any one of claims 1 to 8, or the access information processing method performed by the terminal according to any one of claims 9 to 12.
16. A computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, implements the access information processing method performed by a server according to any one of claims 1 to 8, or implements the access information processing method performed by a terminal according to any one of claims 9 to 12.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110341463.4A CN112967056A (en) | 2021-03-30 | 2021-03-30 | Access information processing method and device, electronic equipment and medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110341463.4A CN112967056A (en) | 2021-03-30 | 2021-03-30 | Access information processing method and device, electronic equipment and medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112967056A true CN112967056A (en) | 2021-06-15 |
Family
ID=76279652
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110341463.4A Pending CN112967056A (en) | 2021-03-30 | 2021-03-30 | Access information processing method and device, electronic equipment and medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112967056A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113378152A (en) * | 2021-06-30 | 2021-09-10 | 北京天融信网络安全技术有限公司 | Operation and maintenance auditing method and device, storage medium and electronic equipment |
CN114244583A (en) * | 2021-11-30 | 2022-03-25 | 珠海大横琴科技发展有限公司 | Data processing method and device based on mobile client |
CN114500074A (en) * | 2022-02-11 | 2022-05-13 | 京东科技信息技术有限公司 | Single-point system security access method, device and related equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106254560A (en) * | 2016-10-12 | 2016-12-21 | 腾讯科技(北京)有限公司 | Information transferring method and device |
CN106657068A (en) * | 2016-12-23 | 2017-05-10 | 腾讯科技(深圳)有限公司 | Login authorization method and device, login method and device |
CN107026860A (en) * | 2017-04-01 | 2017-08-08 | 成都虫洞奇迹科技有限公司 | Login authentication method, apparatus and system |
CN110958119A (en) * | 2019-10-25 | 2020-04-03 | 泰康保险集团股份有限公司 | Identity verification method and device |
-
2021
- 2021-03-30 CN CN202110341463.4A patent/CN112967056A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106254560A (en) * | 2016-10-12 | 2016-12-21 | 腾讯科技(北京)有限公司 | Information transferring method and device |
CN106657068A (en) * | 2016-12-23 | 2017-05-10 | 腾讯科技(深圳)有限公司 | Login authorization method and device, login method and device |
CN107026860A (en) * | 2017-04-01 | 2017-08-08 | 成都虫洞奇迹科技有限公司 | Login authentication method, apparatus and system |
CN110958119A (en) * | 2019-10-25 | 2020-04-03 | 泰康保险集团股份有限公司 | Identity verification method and device |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113378152A (en) * | 2021-06-30 | 2021-09-10 | 北京天融信网络安全技术有限公司 | Operation and maintenance auditing method and device, storage medium and electronic equipment |
CN114244583A (en) * | 2021-11-30 | 2022-03-25 | 珠海大横琴科技发展有限公司 | Data processing method and device based on mobile client |
CN114500074A (en) * | 2022-02-11 | 2022-05-13 | 京东科技信息技术有限公司 | Single-point system security access method, device and related equipment |
CN114500074B (en) * | 2022-02-11 | 2024-04-12 | 京东科技信息技术有限公司 | Single-point system security access method and device and related equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9560033B2 (en) | Method and system for authenticating user identity | |
US9426134B2 (en) | Method and systems for the authentication of a user | |
US8601268B2 (en) | Methods for securing transactions by applying crytographic methods to assure mutual identity | |
CN109587162B (en) | Login verification method, device, terminal, password server and storage medium | |
US10726111B2 (en) | Increased security using dynamic watermarking | |
CN112967056A (en) | Access information processing method and device, electronic equipment and medium | |
US20210243037A1 (en) | Method for information processing in digital asset certificate inheritance transfer, and related device | |
EP3933624B1 (en) | Blockchain-based identity verification method and related hardware | |
US9894053B2 (en) | Method and system for authenticating service | |
CN111698312B (en) | Service processing method, device, equipment and storage medium based on open platform | |
CN110417557B (en) | Intelligent terminal peripheral data security control method and device | |
CN115952552A (en) | Remote data destruction method, system and equipment | |
US10990982B2 (en) | Authenticating a payment card | |
US9871890B2 (en) | Network authentication method using a card device | |
US20190266580A1 (en) | Electronic transfer tracking using virtual wallets | |
WO2015060950A1 (en) | Method and system for authenticating service | |
CN113961970B (en) | Cross-network-segment network disk login identity authentication method and device, network disk and storage medium | |
CN114785560B (en) | Information processing method, device, equipment and medium | |
CN115643012A (en) | Evidence obtaining method and system based on block chain | |
CN117455489A (en) | Transaction authorization method, device, equipment and storage medium | |
CN114493592A (en) | Risk transaction execution method and device, electronic equipment and storage medium | |
TW202409933A (en) | Non-fungible token login verification system and its method capable of achieving a login verification with high safety for electronic wallets | |
CN113987461A (en) | Identity authentication method and device and electronic equipment | |
CN115514567A (en) | Access method, access system, computer equipment and medium of internet of things terminal equipment | |
CN115147101A (en) | Secure payment method, apparatus, electronic device, medium, and program product |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |