CN114071455A - Secret-free authentication method, server, system and gateway equipment - Google Patents
Secret-free authentication method, server, system and gateway equipment Download PDFInfo
- Publication number
- CN114071455A CN114071455A CN202010743347.0A CN202010743347A CN114071455A CN 114071455 A CN114071455 A CN 114071455A CN 202010743347 A CN202010743347 A CN 202010743347A CN 114071455 A CN114071455 A CN 114071455A
- Authority
- CN
- China
- Prior art keywords
- secret
- free authentication
- authentication request
- mobile terminal
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 230000000977 initiatory effect Effects 0.000 claims abstract description 12
- 239000000284 extract Substances 0.000 claims abstract description 8
- 238000004590 computer program Methods 0.000 claims description 10
- 238000000605 extraction Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 19
- 230000006870 function Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
- H04W8/24—Transfer of terminal data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present disclosure provides a secret-free authentication method, a server, a system and a gateway device, which relate to the technical field of data communication, wherein the method comprises the following steps: the secret-free authentication server receives a secret-free authentication request message sent by gateway equipment; the secret-free authentication server extracts a first identity identifier of a first mobile terminal initiating a secret-free authentication request from the secret-free authentication request message and a second identity identifier of a second mobile terminal sending the secret-free authentication request message to the gateway equipment; and under the condition that the first identity identification is inconsistent with the second identity identification, the secret-free authentication server refuses the secret-free authentication request.
Description
Technical Field
The present disclosure relates to the field of data communication technologies, and in particular, to a secret-free authentication method, a server, a secret-free authentication system, and a gateway device.
Background
In a secret-free authentication mode based on the mobile phone number of the user, the user does not need to input an account name and a password, and authentication is convenient.
In the related art, the gateway device of the core network extracts the mobile phone number of the user and sends the mobile phone number to the secret-free authentication server, so that secret-free authentication based on the mobile phone number is realized.
Disclosure of Invention
The inventor has noticed that when a certain mobile terminal accesses the mobile core network by means of a mobile hotspot, the mobile phone number extracted by the gateway device is not the mobile phone number of the mobile terminal, thereby causing the failure of the secret-free authentication.
In order to solve the above problem, the embodiments of the present disclosure propose the following solutions.
According to an aspect of the embodiments of the present disclosure, there is provided a secret-free authentication method, including: the secret-free authentication server receives a secret-free authentication request message sent by gateway equipment; the secret-free authentication server extracts a first identity identifier of a first mobile terminal initiating a secret-free authentication request from the secret-free authentication request message and a second identity identifier of a second mobile terminal sending the secret-free authentication request message to the gateway equipment; and under the condition that the first identity identification is inconsistent with the second identity identification, the secret-free authentication server refuses the secret-free authentication request.
In some embodiments, the first identity and the second identity comprise IP addresses.
In some embodiments, the second identity is carried in a header of the secret-free authentication request message.
In some embodiments, the method further comprises: the secret-free authentication server extracts the mobile phone number of the second mobile terminal from the secret-free authentication request message; and under the condition that the first identity identification is consistent with the second identity identification, the secret-free authentication server performs secret-free authentication according to the mobile phone number of the second mobile terminal.
According to another aspect of the embodiments of the present disclosure, there is provided a secret-less authentication method, including: the gateway equipment receives a secret-free authentication request message, wherein the secret-free authentication request message carries a first identity of a first mobile terminal initiating a secret-free authentication request; the gateway equipment adds a second identity of a second mobile terminal which sends the secret-free authentication request message to the gateway equipment in the secret-free authentication request message; after the adding, the gateway device sends the secret-free authentication request message to a secret-free authentication server, so that the secret-free authentication server rejects the secret-free authentication request under the condition that the first identity identification and the second identity identification are inconsistent.
In some embodiments, the first identity and the second identity comprise IP addresses.
In some embodiments, the second identity is added in a header of the privacy-exempt authentication request message.
In some embodiments, the method further comprises: the gateway equipment adds the mobile phone number of the second mobile terminal in the secret-free authentication request message, so that the secret-free authentication server can carry out secret-free authentication according to the mobile phone number of the second mobile terminal under the condition that the first identity identification is consistent with the second identity identification.
According to another aspect of the embodiments of the present disclosure, there is provided a secret-less authentication server, including: the receiving module is configured to receive a secret-free authentication request message sent by the gateway equipment; an extraction module configured to extract, from the secret-free authentication request message, a first identity of a first mobile terminal that initiated a secret-free authentication request and a second identity of a second mobile terminal that sent the secret-free authentication request message to the gateway device; an authentication module configured to reject the request for the password-less authentication by the password-less authentication server if the first identity is not consistent with the second identity.
According to still another aspect of the embodiments of the present disclosure, there is provided a secret-less authentication server, including: a memory; and a processor coupled to the memory and configured to perform the method of any of the above embodiments based on instructions stored in the memory.
According to still another aspect of the embodiments of the present disclosure, there is provided a gateway apparatus including: the mobile terminal comprises a receiving module, a sending module and a sending module, wherein the receiving module is configured to receive a secret-free authentication request message which carries a first identity identifier of a first mobile terminal initiating a secret-free authentication request; an adding module configured to add, in the secret-free authentication request message, a second identity of a second mobile terminal that sends the secret-free authentication request message to the gateway device; and the sending module is configured to send the secret-free authentication request message to a secret-free authentication server after the adding so that the secret-free authentication server rejects the secret-free authentication request under the condition that the first identity identification is inconsistent with the second identity identification.
According to still another aspect of the embodiments of the present disclosure, there is provided a gateway device, including: a memory; and a processor coupled to the memory and configured to perform the method of any of the above embodiments based on instructions stored in the memory.
According to still another aspect of the embodiments of the present disclosure, there is provided a secret-less authentication system, including: the gateway device according to any of the above embodiments; and a privacy-free authentication server as described in any of the above embodiments.
In some embodiments, the system further comprises: the mobile terminal comprises a first mobile terminal and a second mobile terminal, wherein the first mobile terminal is configured to send a secret-free authentication request message carrying a first identity identifier of the first mobile terminal so as to initiate a secret-free authentication request; and the second mobile terminal is configured to receive the secret-free authentication request message sent by the first mobile terminal and send the secret-free authentication request message to the gateway device, wherein the first mobile terminal accesses a core network through a mobile hotspot established by the second mobile terminal.
According to a further aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium having stored thereon computer program instructions, which when executed by a processor, implement the method according to any one of the embodiments described above.
In the embodiment of the disclosure, by extracting the first identity identifier of the first mobile terminal initiating the secret-free authentication request from the secret-free authentication request message and the second identity identifier of the second mobile terminal sending the secret-free authentication request message to the gateway device, the secret-free authentication request can be rejected under the condition that the first identity identifier and the second identity identifier are not consistent. Therefore, the secret-free authentication can be avoided under the condition that the first mobile terminal is accessed into the core network in a mobile hotspot accessing mode, and the success rate of the secret-free authentication is improved.
The technical solution of the present disclosure is further described in detail by the accompanying drawings and examples.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic flow diagram of a method of privacy-free authentication according to some embodiments of the present disclosure;
FIG. 2 is a schematic flow chart diagram of a method of privacy-free authentication according to further embodiments of the present disclosure;
FIG. 3 is a block diagram of a method of privacy-free authentication according to further embodiments of the present disclosure;
FIG. 4 is a schematic block diagram of a privacy-free authentication server according to some embodiments of the present disclosure;
fig. 5 is a schematic structural diagram of a gateway device according to some embodiments of the present disclosure;
FIG. 6 is a schematic block diagram of a gateway device according to further embodiments of the present disclosure;
fig. 7 is a schematic structural diagram of a privacy-free authentication system according to some embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
The relative arrangement of the components and steps, the numerical expressions, and numerical values set forth in these embodiments do not limit the scope of the present disclosure unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
Fig. 1 is a flow diagram of a method of privacy-free authentication according to some embodiments of the present disclosure.
In step 102, the secret-less authentication server receives a secret-less authentication request message sent by the gateway device.
Here, the secret-less authentication request message carries a first identity of a first mobile terminal that initiates the secret-less authentication request and a second identity of a second mobile terminal that sends the secret-less authentication request message to the gateway device. For example, the gateway device may be a packet data network gateway (PDN gateway). For example, the first mobile terminal and the second mobile terminal may be cell phones.
For example, the first identity and the second identity may comprise physical addresses (e.g. MAC addresses), logical addresses, etc. that may identify the mobile terminal. Considering that the physical address and the logical address may be tampered with, thereby causing inaccuracy of the final authentication result, in some embodiments, the first identity identifier and the second identity identifier may include IP addresses, which may improve the accuracy of the secret-less authentication.
In step 104, the privacy-free authentication server extracts a first identity of the first mobile terminal initiating the privacy-free authentication request and a second identity of the second mobile terminal sending the privacy-free authentication request message to the gateway device from the privacy-free authentication request message.
For example, the first mobile terminal sends a secret-free authentication request message carrying the first identity identifier to the second mobile terminal to initiate a secret-free authentication request. And the second mobile terminal sends the secret-free authentication request message to the gateway equipment, and the gateway equipment adds a second identity identifier in the secret-free authentication request message.
As an example, the second identity may be carried in a header of the privacy-free authentication request message. For example, the privacy-exempt authentication request message is a hypertext transfer protocol (HTTP) message. The second identity can be added to the header of the privacy-free authentication request message in an HTTP header enhancement mode.
In step 106, the privacy-free authentication server rejects the privacy-free authentication request in case the first identity is not consistent with the second identity.
And if the first identity identification is not consistent with the second identity identification, the first mobile terminal and the second mobile terminal are different. For example, the second mobile terminal is a mobile terminal that establishes a mobile hotspot, and the first mobile terminal is a mobile terminal that accesses the core network by accessing the mobile hotspot. In this case, the first identity and the second identity are not identical. If the secret-free authentication is adopted, the authentication result is inaccurate finally.
In the above embodiment, by extracting the first identity identifier of the first mobile terminal initiating the privacy-exempt authentication request from the privacy-exempt authentication request message and the second identity identifier of the second mobile terminal sending the privacy-exempt authentication request message to the gateway device, the privacy-exempt authentication request can be rejected under the condition that the first identity identifier and the second identity identifier are not consistent. Therefore, the secret-free authentication can be avoided under the condition that the first mobile terminal is accessed into the core network in a mobile hotspot accessing mode, and the success rate of the secret-free authentication is improved.
Fig. 2 is a flow diagram of a method of privacy-free authentication according to further embodiments of the present disclosure.
In step 202, the secret-less authentication server receives a secret-less authentication request message sent by the gateway device.
Here, the first identity of the first mobile terminal initiating the privacy-exempt authentication request, the second identity of the second mobile terminal sending the privacy-exempt authentication request message to the gateway device, and the mobile phone number of the second mobile terminal are extracted from the privacy-exempt authentication request message.
In step 204, the privacy-free authentication server extracts the first identity identifier of the first mobile terminal initiating the privacy-free authentication request, the second identity identifier of the second mobile terminal sending the privacy-free authentication request message to the gateway device, and the mobile phone number of the second mobile terminal from the privacy-free authentication request message.
In step 206, the privacy-free authentication server rejects the privacy-free authentication request in case the first identity is not consistent with the second identity.
In step 208, the secret-less authentication server performs secret-less authentication according to the mobile phone number of the second mobile terminal under the condition that the first identity identifier is consistent with the second identity identifier.
And if the first identity identification is consistent with the second identity identification, the first terminal and the second mobile terminal are the same mobile terminal. At this time, the first mobile terminal does not access the core network by accessing the mobile hotspot, so that the second mobile terminal can be authenticated without secret. The specific way of performing the secret-free authentication according to the mobile phone number of the second mobile terminal may be performed according to an existing secret-free authentication way, and is not described in detail herein.
In the above embodiment, the secret-free authentication request is rejected under the condition that the first identity identifier and the second identity identifier are not consistent; and performing secret-free authentication according to the mobile phone number of the second mobile terminal under the condition that the first identity identification is consistent with the second identity identification. Therefore, the secret-free authentication is allowed only when the first mobile terminal and the second mobile terminal are the same mobile terminal, so that the secret-free authentication can be avoided when the first mobile terminal is accessed to the core network in a mobile hotspot accessing manner, and the success rate of the secret-free authentication is improved.
Fig. 3 is a flow diagram of a method of privacy-free authentication according to further embodiments of the present disclosure.
In step 302, the gateway device receives a privacy-exempt authentication request message. Here, the secret-free authentication request message carries the first identity of the first mobile terminal that initiated the secret-free authentication request.
For example, the first identity may be an IP address.
In step 304, the gateway device adds a second identity of the second mobile terminal that sent the privacy-free authentication request message to the gateway device in the privacy-free authentication request message.
For example, the second identity may be added in a header of the privacy-exempt authentication request message. In some embodiments, the second identity may be an IP address.
In step 306, after the adding, the gateway device sends the secret-less authentication request message to the secret-less authentication server, so that the secret-less authentication server rejects the secret-less authentication request when the first identity identifier and the second identity identifier are not consistent.
In some embodiments, the gateway device further adds a mobile phone number of the second mobile terminal to the secret-less authentication request message, so that the secret-less authentication server performs secret-less authentication according to the mobile phone number of the second mobile terminal when the first identity identifier and the second identity identifier are consistent.
In the above embodiment, the secret-less authentication request message received by the gateway device carries the first identity identifier of the first mobile terminal that initiated the secret-less authentication request, and the gateway device adds the second identity identifier of the second mobile terminal that sent the secret-less authentication request message to the gateway device in the secret-less authentication request message, and then sends the second identity identifier to the secret-less authentication server, so that the secret-less authentication server can reject the secret-less authentication request when the first identity identifier and the second identity identifier are not consistent. Therefore, the secret-free authentication can be avoided under the condition that the first mobile terminal is accessed into the core network in a mobile hotspot accessing mode, and the success rate of the secret-free authentication is improved.
In the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts in the embodiments are referred to each other. For the embodiments of the privacy-free authentication server and the gateway device, since they basically correspond to the embodiments of the method, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the embodiments of the method.
Fig. 4 is a schematic structural diagram of a privacy-free authentication server according to some embodiments of the present disclosure.
As shown in fig. 4, the privacy-exempt authentication server includes a receiving module 401, an extracting module 402, and an authenticating module 403.
The receiving module 401 is configured to receive a secret-free authentication request message sent by a gateway device. The extraction module 402 is configured to extract, from the privacy-exempt authentication request message, a first identity of a first mobile terminal that initiated the privacy-exempt authentication request and a second identity of a second mobile terminal that sent the privacy-exempt authentication request message to the gateway device. The authentication module 403 is configured to reject the request for the privacy-free authentication by the privacy-free authentication server in case the first identity and the second identity are not identical.
Fig. 5 is a schematic structural diagram of a gateway device according to some embodiments of the present disclosure.
As shown in fig. 5, the gateway device includes a receiving module 501, an adding module 502, and a sending module 503.
The receiving module 501 is configured to receive a secret-free authentication request message, where the secret-free authentication request message carries a first identity of a first mobile terminal that initiates a secret-free authentication request. An adding module 502 configured to add, in the secret-free authentication request message, a second identity of a second mobile terminal that sends the secret-free authentication request message to the gateway device. The sending module 503 is configured to send the privacy-free authentication request message to the privacy-free authentication server after the adding, so that the privacy-free authentication server rejects the privacy-free authentication request when the first identity identifier and the second identity identifier are not consistent.
Fig. 6 is a schematic structural diagram of an electronic device according to some embodiments of the present disclosure. The electronic device shown in fig. 6 may be a privacy-free authentication server or a gateway device.
As shown in fig. 6, the electronic device 600 includes a memory 601 and a processor 602 coupled to the memory 601, and the processor 602 is configured to execute the secret-less authentication method of any of the foregoing embodiments based on instructions stored in the memory 601.
The memory 601 may include, for example, system memory, fixed non-volatile storage media, and the like. The system memory may store, for example, an operating system, application programs, a Boot Loader (Boot Loader), and other programs.
The electronic device 600 may also include an input-output interface 603, a network interface 604, a storage interface 605, and the like. The interfaces 603, 604, 605 and the memory 601 and the processor 602 may be connected by a bus 606, for example. The input/output interface 603 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 604 provides a connection interface for various networking devices. The storage interface 605 provides a connection interface for external storage devices such as an SD card and a usb disk.
Fig. 7 is a schematic structural diagram of a privacy-free authentication system according to some embodiments of the present disclosure.
As shown in fig. 7, the privacy-free authentication system includes a gateway device 701 according to any one of the above embodiments and a privacy-free authentication server 702 according to any one of the above embodiments.
In some embodiments, the privacy-free authentication system may further include a first mobile terminal 703 and a second mobile terminal 704. For example, the first mobile terminal 703 accesses the core network through a mobile hotspot established by the second mobile terminal 704.
The first mobile terminal 703 is configured to send a privacy-exempt authentication request message carrying a first identity of the first mobile terminal 703 to initiate a privacy-exempt authentication request. The second mobile terminal 704 is configured to receive the secret-free authentication request message sent by the first mobile terminal 703 and send the secret-free authentication request message to the gateway device 701.
In the above embodiment, the first mobile terminal 703 accesses the core network through the mobile hotspot established by the second mobile terminal 704, and the secret-free authentication server 702 rejects the secret-free authentication of the first mobile terminal 703, thereby improving the success rate of secret-free authentication.
The disclosed embodiments also provide a computer-readable storage medium having stored thereon computer program instructions, which when executed by a processor, implement the method of any of the above embodiments.
Thus, various embodiments of the present disclosure have been described in detail. Some details that are well known in the art have not been described in order to avoid obscuring the concepts of the present disclosure. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that the functions specified in one or more of the flows in the flowcharts and/or one or more of the blocks in the block diagrams can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Although some specific embodiments of the present disclosure have been described in detail by way of example, it should be understood by those skilled in the art that the foregoing examples are for purposes of illustration only and are not intended to limit the scope of the present disclosure. It will be understood by those skilled in the art that various changes may be made in the above embodiments or equivalents may be substituted for elements thereof without departing from the scope and spirit of the present disclosure. The scope of the present disclosure is defined by the appended claims.
Claims (15)
1. A privacy-free authentication method, comprising:
the secret-free authentication server receives a secret-free authentication request message sent by gateway equipment;
the secret-free authentication server extracts a first identity identifier of a first mobile terminal initiating a secret-free authentication request from the secret-free authentication request message and a second identity identifier of a second mobile terminal sending the secret-free authentication request message to the gateway equipment;
and under the condition that the first identity identification is inconsistent with the second identity identification, the secret-free authentication server refuses the secret-free authentication request.
2. The method of claim 1, wherein the first identity and the second identity comprise IP addresses.
3. The method of claim 1, wherein the second identity is carried in a header of the privacy-exempt authentication request message.
4. The method of any of claims 1-3, further comprising:
the secret-free authentication server extracts the mobile phone number of the second mobile terminal from the secret-free authentication request message;
and under the condition that the first identity identification is consistent with the second identity identification, the secret-free authentication server performs secret-free authentication according to the mobile phone number of the second mobile terminal.
5. A privacy-free authentication method, comprising:
the gateway equipment receives a secret-free authentication request message, wherein the secret-free authentication request message carries a first identity of a first mobile terminal initiating a secret-free authentication request;
the gateway equipment adds a second identity of a second mobile terminal which sends the secret-free authentication request message to the gateway equipment in the secret-free authentication request message;
after the adding, the gateway device sends the secret-free authentication request message to a secret-free authentication server, so that the secret-free authentication server rejects the secret-free authentication request under the condition that the first identity identification and the second identity identification are inconsistent.
6. The method of claim 5, wherein the first identity and the second identity comprise IP addresses.
7. The method of claim 5, wherein the second identity is added in a header of the privacy-exempt authentication request message.
8. The method of any of claims 5-7, further comprising:
the gateway equipment adds the mobile phone number of the second mobile terminal in the secret-free authentication request message, so that the secret-free authentication server can carry out secret-free authentication according to the mobile phone number of the second mobile terminal under the condition that the first identity identification is consistent with the second identity identification.
9. A privacy-free authentication server comprising:
the receiving module is configured to receive a secret-free authentication request message sent by the gateway equipment;
an extraction module configured to extract, from the secret-free authentication request message, a first identity of a first mobile terminal that initiated a secret-free authentication request and a second identity of a second mobile terminal that sent the secret-free authentication request message to the gateway device;
an authentication module configured to reject the request for the password-less authentication by the password-less authentication server if the first identity is not consistent with the second identity.
10. A privacy-free authentication server comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the method of any of claims 1-4 based on instructions stored in the memory.
11. A gateway device, comprising:
the mobile terminal comprises a receiving module, a sending module and a sending module, wherein the receiving module is configured to receive a secret-free authentication request message which carries a first identity identifier of a first mobile terminal initiating a secret-free authentication request;
an adding module configured to add, in the secret-free authentication request message, a second identity of a second mobile terminal that sends the secret-free authentication request message to the gateway device;
and the sending module is configured to send the secret-free authentication request message to a secret-free authentication server after the adding so that the secret-free authentication server rejects the secret-free authentication request under the condition that the first identity identification is inconsistent with the second identity identification.
12. A gateway device, comprising:
a memory; and
a processor coupled to the memory and configured to perform the method of any of claims 5-8 based on instructions stored in the memory.
13. A privacy-free authentication system comprising:
the gateway device of claim 11 or 12; and
a privacy-free authentication server as claimed in claim 9 or 10.
14. The system of claim 13, further comprising:
the mobile terminal comprises a first mobile terminal and a second mobile terminal, wherein the first mobile terminal is configured to send a secret-free authentication request message carrying a first identity identifier of the first mobile terminal so as to initiate a secret-free authentication request; and
a second mobile terminal configured to receive the secret-free authentication request message sent by the first mobile terminal and send the secret-free authentication request message to the gateway device,
and the first mobile terminal accesses the core network through the mobile hotspot established by the second mobile terminal.
15. A computer readable storage medium having computer program instructions stored thereon, wherein the instructions, when executed by a processor, implement the method of any of claims 1-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010743347.0A CN114071455A (en) | 2020-07-29 | 2020-07-29 | Secret-free authentication method, server, system and gateway equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010743347.0A CN114071455A (en) | 2020-07-29 | 2020-07-29 | Secret-free authentication method, server, system and gateway equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114071455A true CN114071455A (en) | 2022-02-18 |
Family
ID=80226750
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010743347.0A Pending CN114071455A (en) | 2020-07-29 | 2020-07-29 | Secret-free authentication method, server, system and gateway equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114071455A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115150157A (en) * | 2022-06-30 | 2022-10-04 | 中国电信股份有限公司 | Secret-free authentication method, device and system and deep packet inspection equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140289508A1 (en) * | 2013-03-21 | 2014-09-25 | Tencent Technology (Shenzhen) Company Limited | Method, client and system of identity authentication |
| CN105554037A (en) * | 2016-02-24 | 2016-05-04 | 中国联合网络通信集团有限公司 | Identity identification processing method and service platform |
| WO2019056971A1 (en) * | 2017-09-25 | 2019-03-28 | 华为技术有限公司 | Authentication method and device |
| CN109756452A (en) * | 2017-11-03 | 2019-05-14 | ***通信有限公司研究院 | A kind of safety certifying method, device and computer readable storage medium |
| CN110266656A (en) * | 2019-05-30 | 2019-09-20 | 世纪龙信息网络有限责任公司 | Exempt from close authenticating identity recognition methods, device and computer equipment |
| CN110418345A (en) * | 2019-07-25 | 2019-11-05 | 世纪龙信息网络有限责任公司 | Identity identifying method, device and computer equipment |
-
2020
- 2020-07-29 CN CN202010743347.0A patent/CN114071455A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140289508A1 (en) * | 2013-03-21 | 2014-09-25 | Tencent Technology (Shenzhen) Company Limited | Method, client and system of identity authentication |
| CN105554037A (en) * | 2016-02-24 | 2016-05-04 | 中国联合网络通信集团有限公司 | Identity identification processing method and service platform |
| WO2019056971A1 (en) * | 2017-09-25 | 2019-03-28 | 华为技术有限公司 | Authentication method and device |
| CN109756452A (en) * | 2017-11-03 | 2019-05-14 | ***通信有限公司研究院 | A kind of safety certifying method, device and computer readable storage medium |
| CN110266656A (en) * | 2019-05-30 | 2019-09-20 | 世纪龙信息网络有限责任公司 | Exempt from close authenticating identity recognition methods, device and computer equipment |
| CN110418345A (en) * | 2019-07-25 | 2019-11-05 | 世纪龙信息网络有限责任公司 | Identity identifying method, device and computer equipment |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115150157A (en) * | 2022-06-30 | 2022-10-04 | 中国电信股份有限公司 | Secret-free authentication method, device and system and deep packet inspection equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105323253B (en) | Identity verification method and device | |
| CN102958022A (en) | Short message verification method, device and system | |
| CN109688186B (en) | Data interaction method, device, equipment and readable storage medium | |
| WO2016101635A1 (en) | Method, apparatus and device for synchronizing login status, and computer storage medium | |
| CN110825448B (en) | Method, device, electronic equipment and storage medium for realizing multi-service module mutual calling | |
| CN110661829B (en) | File downloading method and device, client and computer readable storage medium | |
| CN104092653B (en) | Data processing method and system | |
| CN107688733B (en) | Service interface calling method, device, user terminal and readable storage medium | |
| CN112532605B (en) | Network attack tracing method and system, storage medium and electronic device | |
| CN103023727A (en) | Portal performance testing system and Portal performance testing method | |
| CN114513350A (en) | Identity verification method, system and storage medium | |
| CN107508784B (en) | Application login method and terminal equipment | |
| CN108769059B (en) | Verification method, device, medium and computing equipment | |
| CN105376636A (en) | A verification code filling-in method, a verification code filling-in assisting method, an intelligent television set and an intelligent mobile terminal | |
| CN114071455A (en) | Secret-free authentication method, server, system and gateway equipment | |
| CN114186206A (en) | Login method and device based on small program, electronic equipment and storage medium | |
| CN111641554B (en) | Message processing method and device and computer readable storage medium | |
| CN110875895A (en) | Method, system, equipment and vehicle for realizing intelligent terminal software login | |
| CN114968822A (en) | Interface testing method and device, computer equipment and storage medium | |
| CN110248326B (en) | Data processing method and device | |
| CN108092974A (en) | Network access authentication method and device | |
| CN114465811B (en) | Website login determination method and device, electronic equipment and storage medium | |
| CN118250341B (en) | Form request processing method, device, equipment and storage medium | |
| CN113840285B (en) | Physical layer collaborative authentication method and system based on 5G and electronic equipment | |
| CN106686057A (en) | heterogeneous service integrated system based on cloud platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |